urlscan.io logo urlscan.io
SecurityTrails logo

shrinke.me Open in urlscan Pro
2606:4700:3030::ac43:a287  Public Scan

Go To Rescan Add Verdict Report
URL: https://shrinke.me/4lpHNx
Submission: On March 30 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 122 IPs in 9 countries across 131 domains to perform 677 HTTP transactions. The main IP is 2606:4700:3030::ac43:a287, located in United States and belongs to CLOUDFLARENET, US. The main domain is shrinke.me. The Cisco Umbrella rank of the primary domain is 318977.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.
This is the only time shrinke.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
5 2600:9000:210... 16509 (AMAZON-02)
2 2606:4700:7::... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
3 107.22.28.167 14618 (AMAZON-AES)
2 2606:4700:303... 13335 (CLOUDFLAR...)
7 13.225.214.125 16509 (AMAZON-02)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 192.243.59.12 39572 (ADVANCEDH...)
4 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:212... 16509 (AMAZON-02)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
6 2607:f8b0:400... 15169 (GOOGLE)
15 172.217.165.130 15169 (GOOGLE)
4 35.163.94.139 16509 (AMAZON-02)
3 192.0.78.146 2635 (AUTOMATTIC)
8 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 8 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
39 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
15 23.41.168.202 16625 (AKAMAI-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
27 2607:f8b0:400... 15169 (GOOGLE)
8 29 68.67.179.133 29990 (ASN-APPNEX)
5 74.119.119.129 19750 (AS-CRITEO)
5 104.36.115.98 62713 (AS-PUBMATIC)
6 12 2620:100:a001::c 19750 (AS-CRITEO)
9 74.119.119.139 19750 (AS-CRITEO)
7 2607:f8b0:400... 15169 (GOOGLE)
6 52.85.109.33 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 27 104.22.69.131 13335 (CLOUDFLAR...)
2 8 147.75.38.124 54825 (PACKET)
33 2606:4700:10:... 13335 (CLOUDFLAR...)
3 34.107.148.139 15169 (GOOGLE)
10 51.222.39.186 16276 (OVH)
7 162.210.196.208 30633 (LEASEWEB-...)
2 8.2.111.126 46636 (NATCOWEB)
13 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 172.98.26.126 399668 (E-PLANNING-)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
12 2607:f8b0:400... 15169 (GOOGLE)
35 2607:f8b0:400... 15169 (GOOGLE)
8 142.251.40.98 15169 (GOOGLE)
1 104.105.36.85 16625 (AKAMAI-AS)
1 11 209.54.177.54 16509 (AMAZON-02)
11 104.19.133.80 13335 (CLOUDFLAR...)
18 36 142.250.176.194 15169 (GOOGLE)
4 36 104.118.9.53 16625 (AKAMAI-AS)
5 2620:100:a001::4 19750 (AS-CRITEO)
2 3 34.98.64.218 15169 (GOOGLE)
1 2 104.118.9.133 16625 (AKAMAI-AS)
4 2600:9000:215... 16509 (AMAZON-02)
4 4 75.126.248.142 36351 (SOFTLAYER)
8 13 52.3.54.123 14618 (AMAZON-AES)
2 54.147.248.200 14618 (AMAZON-AES)
2 104.105.42.146 16625 (AKAMAI-AS)
4 4 2606:ae80:145... 26762 (CNVR-US-EAST)
2 2 13.248.245.213 16509 (AMAZON-02)
6 151.101.1.108 54113 (FASTLY)
4 68.67.160.114 29990 (ASN-APPNEX)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 6 68.67.160.76 29990 (ASN-APPNEX)
9 11 52.223.40.198 16509 (AMAZON-02)
1 1 67.202.105.22 32748 (STEADFAST)
4 5 8.43.72.97 26667 (RUBICONPR...)
11 104.36.113.107 62713 (AS-PUBMATIC)
2 5 104.36.113.23 62713 (AS-PUBMATIC)
8 9 35.211.178.172 15169 (GOOGLE)
3 3 35.190.90.30 15169 (GOOGLE)
2 2 107.178.246.49 15169 (GOOGLE)
1 2 2600:9000:21a... 16509 (AMAZON-02)
2 34.204.64.181 14618 (AMAZON-AES)
2 2 52.200.181.105 14618 (AMAZON-AES)
2 2 198.148.27.139 19189 (PULSEPOINT)
3 6 51.89.7.202 16276 (OVH)
1 34.120.155.137 15169 (GOOGLE)
4 18.207.82.126 14618 (AMAZON-AES)
1 2600:9000:214... 16509 (AMAZON-02)
1 151.101.65.108 54113 (FASTLY)
3 3 23.73.241.119 16625 (AKAMAI-AS)
2 2 151.101.130.49 54113 (FASTLY)
1 1 52.54.192.111 14618 (AMAZON-AES)
2 2 69.166.1.10 27630 (AS-XFERNET)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:402... 15169 (GOOGLE)
1 2600:1f18:612... 14618 (AMAZON-AES)
5 6 192.35.249.127 11742 (SPOTX-IAD)
26 2a03:90c0:999... 199524 (GCORE)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.96.105.8 15169 (GOOGLE)
1 1 54.205.198.81 14618 (AMAZON-AES)
6 6 50.31.142.223 23352 (SERVERCEN...)
1 1 104.118.8.25 16625 (AKAMAI-AS)
4 5 185.167.164.43 198622 (ADFORM)
2 22 104.36.115.109 62713 (AS-PUBMATIC)
4 4 185.29.132.241 30419 (MEDIAMATH...)
7 7 34.232.7.173 14618 (AMAZON-AES)
2 2 150.136.26.45 31898 (ORACLE-BM...)
3 3 173.231.178.117 29791 (VOXEL-DOT...)
1 1 74.119.119.150 19750 (AS-CRITEO)
1 169.197.150.8 398989 (DEEPINTENT)
1 1 69.90.254.78 13768 (COGECO-PEER1)
3 3 18.206.0.36 14618 (AMAZON-AES)
1 1 104.45.178.220 8075 (MICROSOFT...)
3 3 38.27.122.101 174 (COGENT-174)
1 1 52.71.87.250 14618 (AMAZON-AES)
2 3 52.72.71.171 14618 (AMAZON-AES)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
2 104.36.113.24 62713 (AS-PUBMATIC)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
2 2600:1f18:4e9... 14618 (AMAZON-AES)
7 7 54.175.87.114 14618 (AMAZON-AES)
1 1 52.202.13.238 14618 (AMAZON-AES)
2 2 207.198.113.170 13768 (COGECO-PEER1)
1 1 204.62.13.72 46636 (NATCOWEB)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
1 1 34.102.253.54 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 23.221.200.79 16625 (AKAMAI-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
7 8 23.92.190.68 29791 (VOXEL-DOT...)
1 172.98.26.125 399668 (E-PLANNING-)
3 3 3.219.48.45 14618 (AMAZON-AES)
4 4 96.46.186.57 7979 (SERVERS-COM)
2 5 199.127.204.142 26120 (RHYTHMONE)
3 142.250.64.66 15169 (GOOGLE)
1 1 3.230.82.111 14618 (AMAZON-AES)
3 3 141.226.224.48 200478 (TABOOLA-AS)
1 1 3.226.8.84 14618 (AMAZON-AES)
1 52.16.159.166 16509 (AMAZON-02)
2 2 51.161.118.168 16276 (OVH)
1 1 199.38.167.129 54312 (ROCKETFUEL)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
4 4 199.187.193.185 47043 (SMARTADSE...)
4 4 52.54.231.250 14618 (AMAZON-AES)
2 8.28.7.84 62713 (AS-PUBMATIC)
2 2 50.31.142.255 23352 (SERVERCEN...)
3 5 184.50.205.90 16625 (AKAMAI-AS)
3 3 23.88.75.186 24940 (HETZNER-AS)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 37.157.4.23 198622 (ADFORM)
1 1 35.186.253.211 15169 (GOOGLE)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
1 104.19.131.80 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 2a04:4e42:600... 54113 (FASTLY)
1 151.101.129.44 54113 (FASTLY)
1 1 172.105.232.22 63949 (LINODE-AP...)
2 2 51.79.83.225 16276 (OVH)
1 2 35.201.96.126 15169 (GOOGLE)
1 2 50.57.31.206 19994 (RACKSPACE)
1 52.205.80.231 14618 (AMAZON-AES)
1 54.152.225.144 14618 (AMAZON-AES)
1 104.19.136.80 13335 (CLOUDFLAR...)
1 2 34.226.0.144 14618 (AMAZON-AES)
1 13.225.195.60 16509 (AMAZON-02)
1 13.225.223.71 16509 (AMAZON-02)
677 122
9    2606:4700:3030::ac43:a287 (United States)

ASN13335 (CLOUDFLARENET, US)
shrinke.me
2    2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
imasdk.googleapis.com
5    2600:9000:210b:8a00:12:fc33:3bc0:21 (United States)

ASN16509 (AMAZON-02, US)
d301cxwfymy227.cloudfront.net
2    2606:4700:7::a29f:8a55 (United States)

ASN13335 (CLOUDFLARENET, US)
shrinkme.io
5    2606:4700:3033::ac43:8bcc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adtrue.com
3    107.22.28.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-28-167.compute-1.amazonaws.com
leaderhistliness.info
choobinoobi.com
2    2606:4700:3030::ac43:dadd (United States)

ASN13335 (CLOUDFLARENET, US)
freychang.fun
7    13.225.214.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-125.ewr50.r.cloudfront.net
bookljlihooli.com
4    2606:4700:3033::ac43:a861 (United States)

ASN13335 (CLOUDFLARENET, US)
doobyyooby.com
1    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2607:f8b0:4006:824::200d (United States)

ASN15169 (GOOGLE, US)
accounts.google.com
3    2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
roofprison.com
4    2607:f8b0:4006:808::2003 (United States)

ASN15169 (GOOGLE, US)
www.recaptcha.net
4    2600:9000:2120:a000:2:e529:700:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.orquideassp.com
5    2606:4700:10::ac43:15e3 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
6    2607:f8b0:4006:81e::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f2.1e100.net
securepubads.g.doubleclick.net
4    35.163.94.139 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-94-139.us-west-2.compute.amazonaws.com
exchange.adtrue.com
3    192.0.78.146 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
supertruco.com
8    2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:806::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
2    2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2607:f8b0:4006:80b::2001 (United States)

ASN15169 (GOOGLE, US)
2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
8    2607:f8b0:4006:821::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
39    2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
15    23.41.168.202 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-202.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2606:4700:3038::6815:ead7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-adtrue.com
27    2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
29    68.67.179.133 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
5    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
5    104.36.115.98 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
12    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
9    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
7    2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    52.85.109.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-109-33.yul62.r.cloudfront.net
c.amazon-adsystem.com
3    2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
27    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
8    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
33    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
3    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
10    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
7    162.210.196.208 (Bethesda, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
2    8.2.111.126 (United States)

ASN46636 (NATCOWEB, US)
colossusssp.com
13    2606:4700:3037::ac43:9e3b (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
3    172.98.26.126 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
6    2606:4700:10::6816:3ac7 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.vlitag.com
tag.vlitag.com
12    2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.ca
35    2607:f8b0:4006:81f::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
googleads4.g.doubleclick.net
1    104.105.36.85 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-36-85.deploy.static.akamaitechnologies.com
t.6sc.co
11    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
11    104.19.133.80 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.adskeeper.co.uk
c.adskeeper.co.uk
cdn.adskeeper.co.uk
servicer.adskeeper.co.uk
cm.adskeeper.co.uk
36    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
cm.g.doubleclick.net
36    104.118.9.53 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-118-9-53.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
5    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
3    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.118.9.133 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-118-9-133.deploy.static.akamaitechnologies.com
sync.teads.tv
4    2600:9000:215f:4a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    75.126.248.142 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 8e.f8.7e4b.ip4.static.sl-reverse.com
um.simpli.fi
13    52.3.54.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-54-123.compute-1.amazonaws.com
match.sharethrough.com
2    54.147.248.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-248-200.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pp.ads.yieldmo.com
2    104.105.42.146 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-42-146.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2606:ae80:1451:19::1370 (United States)

ASN26762 (CNVR-US-EAST, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
6    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    68.67.160.114 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    68.67.160.76 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
11    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
5    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
11    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
5    104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
9    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
2    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
2    2600:9000:21a2:8a00:1a:609a:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aa.agkn.com
2    34.204.64.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-64-181.compute-1.amazonaws.com
ads.yieldmo.com
2    52.200.181.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-181-105.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
6    51.89.7.202 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p37.id5-sync.com
id5-sync.com
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
4    18.207.82.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-82-126.compute-1.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
1    2600:9000:2140:d000:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
3    23.73.241.119 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-241-119.deploy.static.akamaitechnologies.com
px.owneriq.net
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.54.192.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-192-111.compute-1.amazonaws.com
fksnk.com
2    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
1    2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2607:f8b0:4020:1::a (Montreal, Canada)

ASN15169 (GOOGLE, US)
r5---sn-t0a7ln7d.c.2mdn.net
1    2600:1f18:612b:4264:5fd:edb0:5599:8b67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
6    192.35.249.127 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
26    2a03:90c0:9996::9996 (United States)

ASN199524 (GCORE, LU)
cdn.somplo.com
adserve.somplo.com
pixel.somplo.com
3    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
s.tribalfusion.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    54.205.198.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-198-81.compute-1.amazonaws.com
sync.extend.tv
6    50.31.142.223 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    104.118.8.25 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-118-8-25.deploy.static.akamaitechnologies.com
cs.media.net
5    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
22    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
7    34.232.7.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-7-173.compute-1.amazonaws.com
match.prod.bidr.io
2    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    173.231.178.117 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: lga-delivery-9.sys.adgear.com
cm.adgrx.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
3    18.206.0.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-0-36.compute-1.amazonaws.com
pm.w55c.net
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
3    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    52.71.87.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-87-250.compute-1.amazonaws.com
docker.creative-serving.com
3    52.72.71.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-71-171.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    104.36.113.24 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    2600:1f18:4e9:5a02:1f3b:68bb:44b5:b695 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
7    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    52.202.13.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-13-238.compute-1.amazonaws.com
sync.ipredictive.com
2    207.198.113.170 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
1    2620:116:800b:21:9525:7e6a:be2b:3707 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
2    204.2.255.233 (Newark, United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    2606:4700:3037::ac43:9a47 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
3    23.221.200.79 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-200-79.deploy.static.akamaitechnologies.com
contextual.media.net
2    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
8    23.92.190.68 (Charlotte, United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    172.98.26.125 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
u-iad04.e-planning.net
3    3.219.48.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-48-45.compute-1.amazonaws.com
ssp.disqus.com
4    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
5    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
usermatch.targeting.unrulymedia.com
sync.1rx.io
3    142.250.64.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net
ade.googlesyndication.com
1    3.230.82.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-82-111.compute-1.amazonaws.com
nep.advangelists.com
3    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    3.226.8.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-8-84.compute-1.amazonaws.com
sonata-notifications.taptapnetworks.com
1    52.16.159.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-159-166.eu-west-1.compute.amazonaws.com
serve.somplo.com
2    51.161.118.168 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns571817.ip-51-161-118.net
gu.dyntrk.com
1    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
sync.connectad.io
4    199.187.193.185 (Canada)

ASN47043 (SMARTADSERVER, CA)
sync.smartadserver.com
4    52.54.231.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-231-250.compute-1.amazonaws.com
ice.360yield.com
2    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    50.31.142.255 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1h.zemanta.com
5    184.50.205.90 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-50-205-90.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
3    23.88.75.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.75.88.23.clients.your-server.de
csync.loopme.me
5    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
sync-eu.connectad.io
sync.connectad.io
1    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
1    104.19.131.80 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.adskeeper.co.uk
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    172.105.232.22 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1886-22.members.linode.com
gocm.c.appier.net
2    51.79.83.225 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-2.cloudy.ovh
pixel.onaudience.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
1    52.205.80.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-80-231.compute-1.amazonaws.com
rtb.adentifi.com
1    54.152.225.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-225-144.compute-1.amazonaws.com
rtb.gumgum.com
1    104.19.136.80 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.steepto.com
2    34.226.0.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-0-144.compute-1.amazonaws.com
io.narrative.io
1    13.225.195.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-60.yul62.r.cloudfront.net
api.intentiq.com
1    13.225.223.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-71.jfk51.r.cloudfront.net
sync.intentiq.com
Apex Domain
Subdomains		 Transfer
76 googlesyndication.com
2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 125
635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 261
368 KB
72 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
639 KB
62 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 453
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446
image2.pubmatic.com — Cisco Umbrella Rank: 882
image6.pubmatic.com — Cisco Umbrella Rank: 610
simage2.pubmatic.com — Cisco Umbrella Rank: 620
image4.pubmatic.com — Cisco Umbrella Rank: 868
simage4.pubmatic.com — Cisco Umbrella Rank: 1140
282 KB
46 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 245
acdn.adnxs.com — Cisco Umbrella Rank: 560
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1300
secure.adnxs.com — Cisco Umbrella Rank: 436
cdn.adnxs.com — Cisco Umbrella Rank: 1396
178 KB
38 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 257
gcdn.2mdn.net — Cisco Umbrella Rank: 937
r5---sn-t0a7ln7d.c.2mdn.net — Cisco Umbrella Rank: 254140
2 MB
36 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 536
dsum.casalemedia.com — Cisco Umbrella Rank: 1319
ssum.casalemedia.com — Cisco Umbrella Rank: 1346
45 KB
33 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 10254
sync.quantumdex.io — Cisco Umbrella Rank: 4416
6 KB
27 somplo.com
cdn.somplo.com — Cisco Umbrella Rank: 48935
adserve.somplo.com — Cisco Umbrella Rank: 44873
pixel.somplo.com — Cisco Umbrella Rank: 45229
serve.somplo.com — Cisco Umbrella Rank: 45545
693 KB
27 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6353
csync.smilewanted.com — Cisco Umbrella Rank: 4694
static.smilewanted.com — Cisco Umbrella Rank: 11191
36 KB
27 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 734
gum.criteo.com — Cisco Umbrella Rank: 389
mug.criteo.com — Cisco Umbrella Rank: 2685
dis.criteo.com — Cisco Umbrella Rank: 697
25 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 290
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
51 KB
15 google.com
accounts.google.com — Cisco Umbrella Rank: 82
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 7
analytics.google.com — Cisco Umbrella Rank: 829
3 KB
13 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 588
3 KB
13 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 18263
5 KB
12 adskeeper.co.uk
jsc.adskeeper.co.uk — Cisco Umbrella Rank: 41389
c.adskeeper.co.uk — Cisco Umbrella Rank: 28869
cdn.adskeeper.co.uk — Cisco Umbrella Rank: 27308
servicer.adskeeper.co.uk — Cisco Umbrella Rank: 38858
s-img.adskeeper.co.uk — Cisco Umbrella Rank: 27777
cm.adskeeper.co.uk — Cisco Umbrella Rank: 46335
91 KB
11 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4331
sync-eu.connectad.io — Cisco Umbrella Rank: 2967
sync.connectad.io — Cisco Umbrella Rank: 3896
4 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 326
6 KB
11 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 18549
tag.vlitag.com — Cisco Umbrella Rank: 23154
assets.vlitag.com — Cisco Umbrella Rank: 22329
525 KB
10 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 841
7 KB
9 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 370
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
4 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 285
5 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
550 KB
9 adtrue.com
cdn.adtrue.com — Cisco Umbrella Rank: 99584
exchange.adtrue.com — Cisco Umbrella Rank: 80417
170 KB
9 shrinke.me
shrinke.me — Cisco Umbrella Rank: 318977
279 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 602
4 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 558
b1h.zemanta.com — Cisco Umbrella Rank: 3599
5 KB
8 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1149
3 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
79 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 489
3 KB
7 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 551
pixel.rubiconproject.com — Cisco Umbrella Rank: 348
token.rubiconproject.com — Cisco Umbrella Rank: 669
14 KB
7 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 14531
sync.aralego.com — Cisco Umbrella Rank: 2608 Failed
2 KB
7 media.net
prebid.media.net — Cisco Umbrella Rank: 1198
cs.media.net — Cisco Umbrella Rank: 1799
contextual.media.net — Cisco Umbrella Rank: 511
38 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 169
244 KB
7 bookljlihooli.com
bookljlihooli.com
8 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 571
cm.adform.net — Cisco Umbrella Rank: 2048
3 KB
6 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 515
4 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 607
10 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
280 KB
5 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 469
tags.bluekai.com — Cisco Umbrella Rank: 449
4 KB
5 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 963
trc.taboola.com — Cisco Umbrella Rank: 645
match.taboola.com — Cisco Umbrella Rank: 2157
2 KB
5 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
153 KB
5 cloudfront.net
d301cxwfymy227.cloudfront.net
97 KB
4 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1413
1 KB
4 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1435
2 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1734
3 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 438
2 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 800
s.tribalfusion.com — Cisco Umbrella Rank: 2468
2 KB
4 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1694
sync.crwdcntrl.net — Cisco Umbrella Rank: 629
2 KB
4 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 801
idsync.rlcdn.com — Cisco Umbrella Rank: 321
819 B
4 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5491
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3118
1 KB
4 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5567
ads.yieldmo.com — Cisco Umbrella Rank: 611
sync-pp.ads.yieldmo.com — Cisco Umbrella Rank: 10321
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 809
2 KB
4 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 728
960 B
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 399
rtb.openx.net — Cisco Umbrella Rank: 1485
825 B
4 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 6033
u-iad04.e-planning.net — Cisco Umbrella Rank: 9698
2 KB
4 google.ca
adservice.google.ca — Cisco Umbrella Rank: 12478
www.google.ca — Cisco Umbrella Rank: 7916
1 KB
4 orquideassp.com
tags.orquideassp.com — Cisco Umbrella Rank: 106331
5 KB
4 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 2088
24 KB
4 doobyyooby.com
doobyyooby.com
1 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 977
609 B
3 unrulymedia.com
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3286
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 8081
873 B
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1367
950 B
3 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1558
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 873
2 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1479
2 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1077
3 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 434
d.agkn.com — Cisco Umbrella Rank: 546
2 KB
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 906
803 B
3 supertruco.com
supertruco.com — Cisco Umbrella Rank: 239270
2 KB
2 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 2227
sync.intentiq.com — Cisco Umbrella Rank: 1510
1 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 2390
643 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1189
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4179
1009 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3030
726 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 534
1011 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 650
730 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1250
1 KB
2 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 7743
2 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4708
965 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 613
946 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 756
943 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 852
849 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1184
1 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5576
958 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1004
2 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 575
742 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 587
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 822
844 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 435
628 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 229
57 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 325
739 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1005
638 B
2 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 2026
474 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1906
24 KB
2 cdn-adtrue.com
cdn-adtrue.com — Cisco Umbrella Rank: 126378
2 KB
2 choobinoobi.com
choobinoobi.com — Cisco Umbrella Rank: 119177
73 B
2 roofprison.com
roofprison.com — Cisco Umbrella Rank: 622009
2 freychang.fun
freychang.fun — Cisco Umbrella Rank: 21497
1 KB
2 shrinkme.io
shrinkme.io — Cisco Umbrella Rank: 520591
159 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
imasdk.googleapis.com — Cisco Umbrella Rank: 405
126 KB
1 steepto.com
cm.steepto.com — Cisco Umbrella Rank: 43150
173 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1242
209 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1094
47 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2237
395 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2238
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 725
776 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 5790
320 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2321
232 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 7194
695 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3728
464 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 418
542 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2945
584 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1001
522 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4199
391 B
1 creative-serving.com
docker.creative-serving.com — Cisco Umbrella Rank: 3985
475 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3840
348 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1157
674 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 933
211 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1707
606 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3159
173 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1007
183 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 6222
524 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4565
484 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4357
610 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 905
537 B
1 6sc.co
t.6sc.co — Cisco Umbrella Rank: 8521
774 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 431
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 652
29 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 99
1 leaderhistliness.info
leaderhistliness.info — Cisco Umbrella Rank: 624704
23 KB
677 131
Domain Requested by
39 pagead2.googlesyndication.com securepubads.g.doubleclick.net
shrinke.me
tpc.googlesyndication.com
2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
assets.vlitag.com
www.googletagservices.com
635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
s0.2mdn.net
71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
36 cm.g.doubleclick.net 18 redirects googleads.g.doubleclick.net
635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
35 s0.2mdn.net shrinke.me
2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
s0.2mdn.net
635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
30 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
29 ib.adnxs.com 8 redirects cdn.adtrue.com
assets.vlitag.com
googleads.g.doubleclick.net
sync-amz.ads.yieldmo.com
acdn.adnxs.com
csync.smilewanted.com
27 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
shrinke.me
2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
s0.2mdn.net
26 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
23 csync.smilewanted.com 2 redirects assets.vlitag.com
csync.smilewanted.com
sync-eu.connectad.io
ads.pubmatic.com
22 simage2.pubmatic.com 2 redirects ads.pubmatic.com
22 cdn.somplo.com googleads.g.doubleclick.net
srcdoc
15 ads.pubmatic.com shrinke.me
s.amazon-adsystem.com
cdn.adtrue.com
ads.pubmatic.com
assets.vlitag.com
sync.quantumdex.io
csync.smilewanted.com
sync-eu.connectad.io
15 securepubads.g.doubleclick.net shrinke.me
securepubads.g.doubleclick.net
tags.orquideassp.com
www.googletagservices.com
13 match.sharethrough.com 8 redirects s.amazon-adsystem.com
match.sharethrough.com
13 px.vliplatform.com
12 gum.criteo.com 6 redirects static.criteo.net
11 image2.pubmatic.com googleads.g.doubleclick.net
ads.pubmatic.com
11 match.adsrvr.org 9 redirects ads.pubmatic.com
11 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
match.sharethrough.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
11 googleads.g.doubleclick.net shrinke.me
2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
assets.vlitag.com
635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
10 onetag-sys.com assets.vlitag.com
sync.quantumdex.io
sync-eu.connectad.io
9 x.bidswitch.net 8 redirects sync-amz.ads.yieldmo.com
9 mug.criteo.com
9 shrinke.me shrinke.me
8 ssum-sec.casalemedia.com 2 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
8 ap.lijit.com 7 redirects
8 googleads4.g.doubleclick.net shrinke.me
googleads.g.doubleclick.net
8 prebid.a-mo.net 2 redirects assets.vlitag.com
8 www.google.com 1 redirects tpc.googlesyndication.com
shrinke.me
635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
7 sync.connectad.io sync-eu.connectad.io
ssum.casalemedia.com
ads.pubmatic.com
7 ups.analytics.yahoo.com 7 redirects
7 match.prod.bidr.io 7 redirects
7 hb.aralego.com assets.vlitag.com
7 www.googletagservices.com tag.vlitag.com
shrinke.me
2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
s0.2mdn.net
635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
7 bookljlihooli.com d301cxwfymy227.cloudfront.net
leaderhistliness.info
6 b1sync.zemanta.com 6 redirects
6 sync.search.spotxchange.com 5 redirects googleads.g.doubleclick.net
6 id5-sync.com 3 redirects ads.pubmatic.com
assets.vlitag.com
6 secure.adnxs.com 6 redirects
6 acdn.adnxs.com assets.vlitag.com
cdn.adtrue.com
6 c.amazon-adsystem.com tag.vlitag.com
c.amazon-adsystem.com
6 assets.vlitag.com tag.vlitag.com
assets.vlitag.com
6 www.gstatic.com www.recaptcha.net
www.gstatic.com
6 www.googletagmanager.com shrinke.me
cdn-adtrue.com
www.googletagmanager.com
tag.vlitag.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 static.criteo.net cdn.adtrue.com
static.criteo.net
assets.vlitag.com
5 hbopenbid.pubmatic.com cdn.adtrue.com
assets.vlitag.com
5 bidder.criteo.com cdn.adtrue.com
assets.vlitag.com
5 cdn.adtrue.com shrinke.me
exchange.adtrue.com
5 d301cxwfymy227.cloudfront.net shrinke.me
bookljlihooli.com
4 stags.bluekai.com 3 redirects
4 ice.360yield.com 4 redirects
4 sync.smartadserver.com 4 redirects
4 ads.betweendigital.com 4 redirects
4 sync.mathtag.com 4 redirects
4 pixel.rubiconproject.com 3 redirects googleads.g.doubleclick.net
4 nym1-ib.adnxs.com assets.vlitag.com
cdn.adnxs.com
4 um.simpli.fi 4 redirects
4 s.ad.smaato.net s.amazon-adsystem.com
sync.quantumdex.io
4 exchange.adtrue.com shrinke.me
cdn.adtrue.com
4 tags.orquideassp.com shrinke.me
tag.vlitag.com
4 www.recaptcha.net shrinke.me
www.gstatic.com
www.recaptcha.net
4 doobyyooby.com shrinke.me
3 csync.loopme.me 3 redirects
3 cdn.adskeeper.co.uk jsc.adskeeper.co.uk
3 c.adskeeper.co.uk jsc.adskeeper.co.uk
3 sync.taboola.com 3 redirects
3 ade.googlesyndication.com
3 usermatch.targeting.unrulymedia.com sync.quantumdex.io
3 ssp.disqus.com 3 redirects
3 pixel.somplo.com googleads.g.doubleclick.net
3 contextual.media.net assets.vlitag.com
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 match.bnmla.com 3 redirects
3 pm.w55c.net 3 redirects
3 cm.adgrx.com 3 redirects
3 px.owneriq.net 3 redirects
3 odr.mookie1.com 3 redirects
3 us-u.openx.net 2 redirects googleads.g.doubleclick.net
3 pbjs.e-planning.net 1 redirects assets.vlitag.com
3 prebid.media.net assets.vlitag.com
3 useast.quantumdex.io assets.vlitag.com
3 analytics.google.com www.googletagmanager.com
3 tag.vlitag.com services.vlitag.com
tag.vlitag.com
3 2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 supertruco.com tags.orquideassp.com
3 fonts.gstatic.com fonts.googleapis.com
www.recaptcha.net
2 io.narrative.io 1 redirects
2 cm.adskeeper.co.uk jsc.adskeeper.co.uk
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 1 redirects ads.pubmatic.com
2 pixel.onaudience.com 2 redirects
2 sync.1rx.io 2 redirects
2 creativecdn.com 2 redirects
2 b1h.zemanta.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 sync-eu.connectad.io cdn.connectad.io
sync-eu.connectad.io
2 cdn.connectad.io csync.smilewanted.com
2 gu.dyntrk.com 2 redirects
2 sync.crwdcntrl.net ssum-sec.casalemedia.com
2 static.smilewanted.com csync.smilewanted.com
2 cdn.aralego.net assets.vlitag.com
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum.casalemedia.com
2 ad.turn.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 sync.technoratimedia.com 2 redirects
2 s.tribalfusion.com 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 r5---sn-t0a7ln7d.c.2mdn.net
2 rtb2-useast.e-volution.ai 2 redirects
2 sync.go.sonobi.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 id.crwdcntrl.net ads.pubmatic.com
2 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 bh.contextweb.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 ads.yieldmo.com sync-amz.ads.yieldmo.com
2 aa.agkn.com 1 redirects ads.pubmatic.com
2 pixel.tapad.com 2 redirects
2 cdnjs.cloudflare.com s0.2mdn.net
2 635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 eb2.3lift.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 jsc.adskeeper.co.uk exchange.adtrue.com
jsc.adskeeper.co.uk
2 colossusssp.com assets.vlitag.com
2 prebid.smilewanted.com assets.vlitag.com
2 script.4dex.io assets.vlitag.com
script.4dex.io
2 cdn-adtrue.com exchange.adtrue.com
2 www.google.ca
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.ca securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 choobinoobi.com leaderhistliness.info
2 services.vlitag.com shrinke.me
services.vlitag.com
2 roofprison.com shrinke.me
2 accounts.google.com shrinke.me
2 freychang.fun d301cxwfymy227.cloudfront.net
2 shrinkme.io shrinke.me
1 sync.intentiq.com
1 api.intentiq.com cdn.adskeeper.co.uk
1 cm.steepto.com
1 rtb.gumgum.com ads.pubmatic.com
1 rtb.adentifi.com ads.pubmatic.com
1 tags.bluekai.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 ad4m.at ssum.casalemedia.com
1 s-img.adskeeper.co.uk
1 ssum.casalemedia.com sync-eu.connectad.io
1 rtb.openx.net 1 redirects
1 cm.adform.net 1 redirects
1 servicer.adskeeper.co.uk jsc.adskeeper.co.uk
1 p.rfihub.com 1 redirects
1 serve.somplo.com srcdoc
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 nep.advangelists.com 1 redirects
1 u-iad04.e-planning.net
1 id.a-mx.com assets.vlitag.com
1 adserve.somplo.com cdn.somplo.com
1 ads.playground.xyz 1 redirects
1 pixel.quantserve.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 sync.ipredictive.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 docker.creative-serving.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 cs.media.net 1 redirects
1 sync.extend.tv 1 redirects
1 tr.blismedia.com 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
1 partners.tremorhub.com googleads.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 ius.ctnsnet.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 fksnk.com 1 redirects
1 cdn.adnxs.com assets.vlitag.com
1 d.agkn.com
1 api.rlcdn.com ads.pubmatic.com
1 sync-pp.ads.yieldmo.com sync-amz.ads.yieldmo.com
1 token.rubiconproject.com 1 redirects
1 ssc-cms.33across.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 t.6sc.co 2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
1 cdn.jsdelivr.net assets.vlitag.com
1 imasdk.googleapis.com tag.vlitag.com
1 code.jquery.com shrinke.me
1 www.facebook.com shrinke.me
1 leaderhistliness.info shrinke.me
1 fonts.googleapis.com shrinke.me
0 sync.aralego.com Failed cdn.aralego.net
677 202

This site contains links to these domains. Also see Links.

Domain
shrinkme.io
blog.shrinkme.io
agencyorquidea.com
forms.gle
www.facebook.com
t.me
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-11 -
2022-08-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.adtrue.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-08-14		 2 years crt.sh
leaderhistliness.info
R3		 2022-03-20 -
2022-06-18		 3 months crt.sh
bookljlihooli.com
Amazon		 2022-03-23 -
2023-04-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-06 -
2022-04-06		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
roofprison.com
R3		 2022-03-22 -
2022-06-20		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
tags.orquideassp.com
Amazon		 2021-06-29 -
2022-07-28		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
choobinoobi.com
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
tls.automattic.com
R3		 2022-03-09 -
2022-06-07		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.a-mo.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2021-11-07 -
2022-11-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.e-planning.net
R3		 2022-03-09 -
2022-06-07		 3 months crt.sh
*.6sc.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-08 -
2023-03-11		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.somplo.com
Go Daddy Secure Certificate Authority - G2		 2021-12-29 -
2023-01-30		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-02-20 -
2022-05-21		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2021-04-28 -
2022-05-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-03-22 -
2022-05-31		 2 months crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.intentiq.com
Amazon		 2022-03-20 -
2023-04-17		 a year crt.sh

This page contains 152 frames:

Primary Page: https://shrinke.me/4lpHNx
Frame ID: 1FED0A9AC7276576EDD1812ED904A81F
Requests: 128 HTTP requests in this frame

Frame: https://bookljlihooli.com/M1ZtaVRSNA4Ea1JrD08hQTpQTGZ1c18vMABmXAosRDAUBC0BZFpHN185GA0yQTkDHXpdMxlMZnUCIDxhABk7Iwd6BAEPNmYDAywjYTouISx1Fyo8DHkXPz4EdhAXKxJUMywOPwQyKVAyd2crJx91ABc7LAtzXysBcBc8KxxhAyQrBXYPFQoidmcZHxZkMSk6AAI3DhEsYhhcKCd2OjRRB0lnPz0QfhskETx3GVxZPXU+FQ4wACI3KgxQEgsFbXwZXFEldBNZARJ7LiU/LWoDCyw3eg8FUHEBFDgOO2IQJREcZzwZDzF2Gw4wDH0kPzg/QhReGTF7ESwrGER7CSMEXwdYLDhAYzotJGAVFTgRVQMsMQ1iMh87BV9gOgANdwApXQFVEjwKDXITBCE4emUrISx7DgcNB3kECjgwRBhIWxZ1ECgODFobPiETcWULWTd5MCwvM2IhKxsWARQvKgxQEgsOBmoYKyhsez4VDjAAIigtOkQVCC8SfjQaKHJZJQIHJA4lDCVndBogBDpy
Frame ID: D0E47E5E1B2DB41AF0B7424761E3E915
Requests: 2 HTTP requests in this frame

Frame: https://bookljlihooli.com/NnJoRnBXEAsrT1dPCmAFRB5VY0JwV1oAFAVCWSUIQRQRKwkEQF9oE1odHSIWRB0GMl5YFxxjQnAaCg4UXyEwHyBxMx8wI2QVDQQeZDA+EyZnES1zO34gLSs3dAojDwoCSiAsF0YROwtHfxoiMDFeKzweQ1ojKQQpez4DMjtzFR83IwdDOgcJBic9Ez5zIioiInEVWDw4QTMKB0JONyMtOnsXPggVZEIHY0J0Oh8PJHImXAAjYyQ7DAd8ODoQOgIgAww4ZEEHdiNjJDsWGA4xORAqRSA7cyNjOgMJJ108JCQ1ZBEuLjkDNQ8tMXQLGyIyZzwgIwp0KDoAXWAcOhAAZScgKhV0ClAROnQCIhQjcAE6AAdUMREPJGUnPhU8Xj84DjEHFT13RX4zOwM1dwoHDhJzIxkUHHxHPwAIbCQGACBhHgQTFWA8DRQIcx0tB0BwMVo+NX0ZIhQWWhoOFyVnSjt3QBAYGykeRk8pMTpEPSN+JWEnGA
Frame ID: 8E565C558F1C0071936EBF2194511250
Requests: 2 HTTP requests in this frame

Frame: https://bookljlihooli.com/RGhlQWQlCgYsWyVVB2cRNgRYZFYCTVcHAHdYVCIcMw4cLB12WlJvBygHECUCNgcLNUoqDRFkVgImMRQILz8gLhEODwpkVgYMMSoDBS8zOAJ3KjcjPHEaLDkHdyIhcFQNLwoEJyMlAA0McDIhNg8ICiEqHgUvM3cFPT0jDw11Hwc2IXYjPQNQFQIONCh3OjQnDnBRLyZdKCE2EBcGPAo3LS0LAApWM1wuBw91IjEiAwcsNDMFDBsMIzMWUQcHPisxDy4DBwISLSsuGCcgCisCNRQiNQ0LOVEXBQ03AiMcJyAKK14sABQxDggpUg4GVHUCEC42IyMKBwBwSRVdKitUKCk2eRIIESwPKANRQHMiAFkjMwITJlMUCnVcAxYhFCUhdQMOPSMwJxMAUhcgFQIvKBwGCQsuFQgpBjsuEzoWFwkjGC8VFwgmNngLIREvMQEqWQsXLB5NVwMAHCo2JQo8UQcHPisnNjYSBjsKKwUMGwwjPCheP3AAMQohKVQSOUMrFysGFXwgdiYiCx4yPDEHCRc
Frame ID: 1C119C29DE269E23C946C97871C36A9A
Requests: 2 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2F4lpHNx&cb=2390258388&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/4lpHNx
Frame ID: 81BA8DDB2C442F4662286D3F6E008063
Requests: 18 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2F4lpHNx&cb=2390258388&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/4lpHNx
Frame ID: 8F5132373003E6BC156B3E92B66F1415
Requests: 22 HTTP requests in this frame

Frame: https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AB36093213A2BF034C57CC47ACCF817B
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=normal&cb=k0tf9w48ai8h
Frame ID: 1835EE9EB161E1C82A187202C84706D7
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A6130AA130CDE812752063D9B67FD45A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5F7102D5A4534AD508C5359065FC8A1
Requests: 2 HTTP requests in this frame

Frame: https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2F1FCDFF61E76B65E86A345C5A194B63
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 57EAA0C94FCE5AF1CE574C77F3E42CAA
Requests: 3 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: F49E91A509747FCABE81ED6890578592
Requests: 16 HTTP requests in this frame

Frame: https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FBA7C6B40C6769C46B3CDF5696F353E5
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK36vQEQ3JmanAMYp5zAxAEwAQ&v=APEucNWOQPWCxEQMWJ5aqC7UpUYqT5izjUiqvqAjgiLv6VSa3ebo2phhod_ogNnQYVXuvrN33vwEkuY7AQhpcT-WAiO32wtVCw
Frame ID: 03632D44E5FDA777CF696FC2A36858B4
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Frame ID: 914DB7F807A4BC84F360B96A8B1CF002
Requests: 15 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1648641043&d=8509&z=29441&divID=vi_850929441_1&w=320&h=100
Frame ID: FD50AE736BA5F630D654ADA0DE5A90AB
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhjOyc3CATAB&v=APEucNUTjJZkkl0kDTAy56aM9v_hNkqZou-N-Wpku_APVPFOMAVEt3HoLtbt3AOp9my97pipnae-B--Z3Wlipqf4AVqT23O57g
Frame ID: 7DBC3EC8F5D125C1674B88739587C245
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
Frame ID: EB1AFF1D8C56D38C0B02DEEAB7EF3747
Requests: 1 HTTP requests in this frame

Frame: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: 64E3BDBAD1FC4D4F2A0298BC8B5073E2
Requests: 22 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD
Frame ID: F84732DF69AD7FEF3E341B9DD040D75C
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-212001089-1
Frame ID: DD672F9AA896C3607A5F8430A8037EBD
Requests: 3 HTTP requests in this frame

Frame: https://tag.vlitag.com/passback/?t=1648641043&d=8509&z=29440&divID=vi_850929440_1&w=970&h=250
Frame ID: 8407566B9D80E0800BFA378BDA51A43C
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BBE89DF5DE69EC6E13B02980A769F14E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F1B950DA3277DCE297585919A06F2291
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me
Frame ID: ED156D7BDAE2AC301337B65F9A40F6BB
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Frame ID: E2F3849BD1F57DED78EE036752B3A162
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me
Frame ID: 3E958594521E4379732F2322F42B8D92
Requests: 2 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 05608AA604AEE3B2D72A0F91BB599F4F
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 607FD5087BB1BBA72F83E96FAE8A7125
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 29437B0EE7BCDD4818CB92817F204B01
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 216931D781105701751185AB43FB85C2
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbrSp2Gz-WQNOPBSsAAAAAAA&expiration=1648729380&is_secure=true
Frame ID: FE0EDC9EC4E8597F78D805D262C739A1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2350325416479113524649
Frame ID: 316A87D720FED711E0EB7D0BD546323C
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/index.html
Frame ID: 0F8219935955C1C5B2BDB7E57535977F
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIG4RxCxzGkYsqvwwQEwAQ&v=APEucNXEWBiikY-aEYT2nhtJ20JpPLrEPbAne5toxP3HgN_UU-Kt-qy9cFhgaYPjuRrs1pm4MQ0MnisXivAk8e43MJM9VgjfOg
Frame ID: 0AF70AFDCC71002E75E4CAA5A4A3F3D4
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11395&pub_id=1777764
Frame ID: 2F79AFECE40F1BAEBD700C89B7C2AF2D
Requests: 3 HTTP requests in this frame

Frame: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 860BBB3C70E8FD52162C8D72BBB2D092
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me
Frame ID: D2A78727FA39820EB2012B89E757317E
Requests: 2 HTTP requests in this frame

Frame: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B3049D0DD880C452CDB71D14D9053FC5
Requests: 1 HTTP requests in this frame

Frame: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3BC0726E5205B2507B5B947D864E627A
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10786821004335573954/1645031070487/index.html?e=69&leftOffset=0&topOffset=0&c=x9BzEyatOg&t=4&renderingType=2
Frame ID: 6765A3639409450E0F5AA84A50CC76CC
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYsOaWWdSuNBqYPtR0tTlKYnY4zqa0HzPFwO3fkoxuAm1Sksqq5qH6YUefCkuQgbec955G2l-PWHCvxCVRXZ1nZCeuQnnpDgngyEsz_5TguG8ZuooGkEMrYt3hfQVJda-PNTIwvDirrN0EQHpUwWX3qcZdKdMViIuX5qnARMauh9sYHeutEFMWmsqICv_eCUAQRLVWQts7qHfH6VymmqRrQ8C1bLOaOdLoiqFNIPZdKqG3zibbWgYiVfLOZoQWkSy5WeFEw4POb2erdbbZoVYF1MHgOiH_aBfmtMVNtdIBp3h3nSHbpQ1y34-TWm1MUWpgC0ZWuOFn&sig=Cg0ArKJSzCT1eDQupHRVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A74FCE84217490174F33D284407FCB05
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3344DFF0842CBCA89FDB02ECD189DF51
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B75B892F5A105F106C5ACDA621055AAE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F97A38773A67088CBA58ED0FA9570B18
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 83D7C3D0437FAA7674DFE22201AD9656
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A3BF00EE1916D05CD4C523C127FB20F2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2311EF8780A5F2B498C2ECDF04F7D67B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3A7D5B4EE041B97005DDD5CDC2A7E7B8
Requests: 2 HTTP requests in this frame

Frame: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D8CA9015F0785379F06C2FAE52912A6D
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjSytrGATAB&v=APEucNXZ-EL-54SF0iBCQ8eSTB4VjbZs4mg1HRlKWREQEOTOheAZS-SYzYn2ADc9Og9QCmhY1G2ZbsUHvDF_cFGdJLv8-0FoiQ
Frame ID: 1235A490A10D9A0B57418E001E7CBA2D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/s/xfa/writead.html
Frame ID: D36A60E96037F0424B2B7D0FC6D640CC
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 29EE41E25BA917FEF37A6521158790BF
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0DFE40DA87E2185EA408DECB28842F63
Requests: 22 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 16E2A222216A94AFE3BE7C265D8D03CF
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 39BCEE8EC9AEB454E05D63B56B13F5A7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Frame ID: 26D069E985E4793F3E52C070F0D60CF4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F275DB2E63685F8F1E62173C12C8D0ED
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=647E2670-BF81-4393-9BFF-FE4D71412F90
Frame ID: B6F5FCB2A815A1D15AF837E0E0B2AF3E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YkRLpgAEsiXZUAA-&gdpr=0&gdpr_consent=
Frame ID: 90F76A031026571FFB3DEE29B7FB41A4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:af0c6244-4ba7-4400-9ba3-1fb4de76c04a&gdpr=0&gdpr_consent=
Frame ID: 57A7555641A66418BC6A6629EB3C48C6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABjsU7EiJcAADHbmN0I8A
Frame ID: F51D78B3EA554D6CE8E5F61E7AFA37B4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=254de68e-b024-11ec-bbca-3d3cd1174a24
Frame ID: 32580F9AE7CEBAEB7498CB4D8F4FC0AD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 337651BB69920FF6BFC69CFD8AE3BCC8
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 01CA1958075CE9ADDE8FFA7192CDFCE1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=659618076813
Frame ID: 6D8553DDF671DA65C0E9D1B1D66BE6C4
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 50DBADC098541AA839850D7BF0398E70
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ae5hhDkq1NzxlR5&gdpr=0&gdpr_consent=
Frame ID: E876A421184512E77812BBD8B1FF1C51
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7019293821359926568P
Frame ID: 5DA38002EADC99C37AE0ADC46B95DA69
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=db260b88-6210-4169-9720-e61665ce5cb5
Frame ID: 8D0D0B667CB52097958C79E3127C3462
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a82006e7-ec88-46b8-b0b8-c2ef3527abca
Frame ID: 1A14F2E2FA7140C584B1267E189E3EAE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=64d0b1ae-ca68-45af-a756-71ed697dbece
Frame ID: 94E67A944F03C4D0DDFE9505E693A744
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=647E2670-BF81-4393-9BFF-FE4D71412F90
Frame ID: 1BB555735A281C197275318FF823B0EF
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 95D7E0837F9B35F83EB5E7D189120272
Requests: 9 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 1BE0E6FD9BBE7B7BAD4414A033CE6B28
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E6163D1B166522DEDEDD7E3ED305A16D
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 746742CF24EE27530ADB988BC44783A7
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1648642979984
Frame ID: A955B6DF2DD4ADB88D2B72F5F40903AE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Frame ID: D95135F0800D9A2F47804E967B3069B7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: BC8A6856BEECBC8FCA88F57562C2183F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 7C26CA5C36866301753538E0DF9C6A37
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 77C8A67E34A09A7E0F9BFFBBE18CF259
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1AB2BE15A8B392684108210C0367E0FA
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1648642980260
Frame ID: 8767CB8036480FDED7B9873884F16116
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1648642979987
Frame ID: C9665AE1F6B28274799F0BE532F7B438
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Frame ID: 500488670C41B474E01F66B251CD0E0A
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: 939477BF648148BB8D3926D409EE55AC
Requests: 9 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 7F8E0239FCC1D032951536ACC573570F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: A4941454E30AD86EFFEF71CD1D5B5E28
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: EB8B2E54ECB6B096B0EBD28AB1368EA3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0701838D49508B8F4ABCBB07B3CBEA90
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Frame ID: A4F13DE4D306677D01B452579762A7C6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.somplo.com/prod/Swiper_Scripts/swiper.min.css
Frame ID: 71064D0FE12C367E93E1585EDFED280D
Requests: 22 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: EB187D7CC5960AD1D1818A877E109CA8
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 51E378F244ABABD4EFC1F462987FE322
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 496F2C292FFD622B47537B273313CEF6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: C36FCFC8DA7E44E2CDE7E713B1DEA6F2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 2CDC365FBD56BB3A77B1ADA53D0A8A8F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 0D55E250CC7EBBA2667870DABA7C0B15
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 91415670033F8B949DF7A1A934B17E6D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 0351292381C56AF004BA3B63640F6B0E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 730478343CFDB54108A8F64422647EC9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 1D394C1AE6DE3D917E750BB7C740C2D9
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: AD6CE6DA4DBE453A989689041508C35B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 73E25A82BB89FEF3C3336532241F5499
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: F450039E5A8E6B1C4A394C8E318E5372
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 0AD409BB65FC869E9733A8DA6135A3F8
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=56556349b41d6e6ed36cd22856d99d09
Frame ID: A3A8D9EAC5F9ABE88CD5B351337F5A1C
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=d6c6648ec2213f27e48c7426e30741a6
Frame ID: 81E9349A96B01E9FE3F285C812E3777B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 7A1BDA863748308DA305643336678C9D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 6D702366BEE39433B654819DF8CC0000
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/9207548265241888747
Frame ID: BEC61DF3C876ED3B219F961A86ED91F9
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/3410955970430486413
Frame ID: F9B00DFC680950C4B13191C628FF239D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/f1965ea8-b3dd-417e-970c-fdaecfc86aed&partner_id=1010
Frame ID: 36EA6CF89505505C0B7DF76901668EFA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/f1965ea8-b3dd-417e-970c-fdaecfc86aed&partner_id=1010
Frame ID: 2F5442F8595320E95D6D0C24A697D164
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/L1DJGPPP-L-EKUO?gdpr=0
Frame ID: 102B528722F8EBE0FDEA0A11F14C07AB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/L1DJGPPP-L-EKUO?gdpr=0
Frame ID: D514E27DE6F143BCE1C3A768BFD2FFD4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: C9A96CBA3021010068A4E07EEF949CF8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: F15D16AB5F33D23EF8F5103AA9E4BBC0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YkRLpGvaMGh5Cualmm8-mQAA%26983
Frame ID: C8C749E25E86F59168C886732BE51E7F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YkRLpGvaMGh5Cualmm8-mQAA%26983
Frame ID: 58C193FEA48B305A6B98A4A06217E828
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/24f405f9-b024-11ec-bf3a-16765c7f0403
Frame ID: 4B952477B71DA1F790EBCDDF4848D116
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/24f405f9-b024-11ec-bf3a-16765c7f0403
Frame ID: B9633F88185C99BD787B6F7870ECC511
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: DA4841C8C21652C769E3DF32CCB035B8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/IXsgapRFGAyIZX8Ya0Zc?gdpr=0
Frame ID: 1C75BA61333156A31E29F9D0B0BB069B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/IXsgapRFGAyIZX8Ya0Zc?gdpr=0
Frame ID: 83051F2219D51746172978A4515F5651
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/loopme/90afede6-bab8-44b4-b1c1-757dc58fdde2?gdpr_consent=null&gdpr=0
Frame ID: 72E411D2B32FF6B4CD5BCB522C16D1B3
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/loopme/dfbb7acd-029d-498d-be5b-e9b25c4664a7?gdpr_consent=null&gdpr=0
Frame ID: 32D54EE6AD637539E93F3006EEAADBCA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Frame ID: 6ECE2DE9D0E78ADC3A98B4CDFC2B4E59
Requests: 9 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=7f6e77c9-14a3-4120-bf1a-82d1a5a54293
Frame ID: F3889BF46DFD74C8B3C3FF1F52B930AF
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=4668821410471988469
Frame ID: 9B2433873949273E0211CB2A9526B7ED
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?dataid=data5&uuid=9c285c05-4cbb-4fd0-a219-b9cf06f70326
Frame ID: F8027317162A457B127D9E1619C9B2D6
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=qbJtu5hjs3huaNl8uTN9&pi=connectad&tc=1
Frame ID: FA1875EBE87F33EC996A149685D14B6B
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=appnexus&dataid=data11&uuid=1709217890454926719
Frame ID: 6A7BD71E1F907766AC9E594D0BD85750
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=8dfcb9d28e05f6f8bb51f33d
Frame ID: 9F18CBBBAB9CC40AED562486A8AC5182
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Frame ID: 0F79E634567D9D775CCF84DFCC80782C
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d4e109247a89f6
Frame ID: 9A943E1FE13000CD09B9949B0B028861
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/connectad/YZA023WAgM7n9zSjlebRZsXID3jTuFy5p2CyzeY9
Frame ID: 2A8C449EA5717DF7A27CE13899F9F801
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: C45E71AFA6A357A55E5D1C36CF3EAF60
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a9163071-a894-456e-8679-f988c19e3124-tuct93dd128&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: AF69BE92D77FE5B1FF3E574F2D92FF84
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 6D8C7A173F78729B85F3CBEC1718F4AD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A21DF2CDF4B34C7C8E43AAE9B595FC54
Frame ID: 82E985E1E2E9262F10C457E4EB57056D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=57imGiyUDF6-8nLhqktEYg
Frame ID: 161687F56448632CBD058A1039B4EC07
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vOMZ0imARIRUmMUOJp9Co5U4mbs
Frame ID: 98271983B2241A71DE7D0167BC83DA16
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?dataid=data1&uuid=647E2670-BF81-4393-9BFF-FE4D71412F90
Frame ID: EF73653A42587939DAF4CF374F23109E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1648642985888499052498
Frame ID: 3058A8134F984740C656B6ECAF481206
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=647E2670-BF81-4393-9BFF-FE4D71412F90
Frame ID: C423C2D2F568BA2E3BDF486592BAC788
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=647E2670-BF81-4393-9BFF-FE4D71412F90
Frame ID: 439C587FA6D22B30CF93ED453B6A6909
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=647E2670-BF81-4393-9BFF-FE4D71412F90
Frame ID: 7C1F72A329B834A28131F90959B42570
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/647E2670-BF81-4393-9BFF-FE4D71412F90
Frame ID: CDF1D2BA4F5CD03E9DCEE9F4AC1B42C7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/647E2670-BF81-4393-9BFF-FE4D71412F90
Frame ID: 033E946CFCB27CA40B608A1C51040311
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ShrinkMe.io

Detected technologies

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

677
Requests

82 %
HTTPS

32 %
IPv6

131
Domains

202
Subdomains

122
IPs

9
Countries

6960 kB
Transfer

14958 kB
Size

228
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=krq04XwvRGlQWXJ5ZVVSRWN6QkVSOG45L2czaXp4TS9SdnhmSXJCVUFTbEFjY29JN2xqdyttUjZ5VHVIV3ZzTEhiTVF2OXpRb0RZNHUydG80dWlhNUoxZVZtUVp3aHlTblFZcVJOZlVNOXpuM2sxNm13TW9oSzdDRUs3SFErZG5YWjExWWY1YytrbFVrMU1TeFgvRG1NcUsreVZsSjV4U0czenBSUG5Td2dxaUY2a3dDSUxkVlMra2JUa21Ib3VsNVd1U2xVVjNYNmJuT0gyaDVtNDBqQkNrbFBET2sxdXpaWC83cXp2Mkx6SUFTSGdZPXw&cppv=2
Request Chain 85
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=WUZY4HxmWnk5bzJrY3FWK1FVZW93UkhmZlczVCtnZzBTVklaSGtjNXpxbEYvLzZndEZwTDhsMW4xNzlTKzFHRk9ndW54ZFBZaHlDd1FSS0tVbjUvT2tpOXVYVlpPUml2aXM2cWczSHNCcC9hbW16bzJ2Yk1ZNlVBWlJSZy9kdzN1RXJYek1LM1lhVkNYUEEwc3pyMWIzOXg5cGMvdlk4SGR0V2NUeS9aSEZPZTZSVGNXcDU5Mk9CR2RsM25OYm5rVnJkUnVBbVo0MzZVUGRUYUc3SFZPbFJOaEdRMzh6ZkxITHd4c205a0RwRkxkcUVVPXw&cppv=2
Request Chain 130
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.7087389223597933&e=728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2F4lpHNx&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F4lpHNx&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21048046.7.336%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=604659ba-068c-4a5a-adfa-e4138e1c2e85 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7087389223597933&e=728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2F4lpHNx&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F4lpHNx&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21048046.7.336%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=604659ba-068c-4a5a-adfa-e4138e1c2e85
Request Chain 192
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSGGE-DIjC1X-fLpm_eWu4&google_cver=1
Request Chain 199
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkRLpGvaMGh5Cualmm8-mQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSGGE-DIjC1X-fLpm_eWu4&google_cver=1
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKs51XKh_-eTsn1V17P-JKk&google_cver=1
Request Chain 201
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcwOTIxNzg5MDQ1NDkyNjcxOQ%3D%3D
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAXWKSn8L76dF4XDH97y7rQ&google_cver=1
Request Chain 211
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODk5OTAwMDAtM2M1My0yMjlkLWRjNzUtMjM2MzRkNGUwZmNi
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEHggzU4Hwew08_i67DbhRyI&google_cver=1
Request Chain 213
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjEwNTVlZTMtYmUwNC00MTIxLTk5M2QtMjczZGY2MzFkYjEw
Request Chain 240
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=A21DF2CDF4B34C7C8E43AAE9B595FC54&ex=simpli.fi&status=ok
Request Chain 241
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=shrinke.me&sn=ChromeSyncframe&so=3&topUrl=shrinke.me&bundle=zhWiBF9LOUFJUjlpZk8yS2VNaTIxNEF3QUR4MDVwbDBWYVZjRVVGVkdnb3RQN3Q3b0JxdlAlMkJhWk1zdHdsa243UTdtTWZLNzBYJTJCQXN5WUlqZlpMNEplVkRBZ3UlMkZhUjVEc1g1TER6NDNCbnJSbXVkcWxLUzFKM2dsenFHalhRUjFqamdsSw&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=8YRmvnxSY0VIVlQyTmtkdk5OS0tsMWNQUWtGdi9sTzdiT1JOK1ZCamxDQ3ltYVg1MitMcEt0a05MOUNUaWVpS3AzMDIwR1Y5SkRIV28zTjFmVzV1Wm01TTN5cGZJSTRsT1AwOURMSk5tZmgxaXQ1NWE0SG9lTjJnaThLNVFRWjZVYXhMQUh2VFg3WFc5T1RFYjlPV1dMSVJJU3VoL2ZmR0lxUVBLbUNsdDhiMWxKaGgwL1lWMk1UL3cyL3g3N0dMcnBDaGJWdmN5MW1xRlZXVW5SYTZzYXIvSWdFZU9COHJrd3dGd1hCK0ZFa3d4ejlUZGQ4Tld0Mi8xck93WmpEN3lUQkYxUFcwQWhGT3RQSUVwRHdyMENGZmFKZz09fA&cppv=2
Request Chain 246
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=771633bb03d1121c&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbrSp2Gz-WQNOPBSsAAAAAAA&expiration=1648729380&is_secure=true
Request Chain 247
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2350325416479113524649
Request Chain 257
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=shrinke.me&sn=ChromeSyncframe&so=3&topUrl=shrinke.me&bundle=zhWiBF9LOUFJUjlpZk8yS2VNaTIxNEF3QUR4MDVwbDBWYVZjRVVGVkdnb3RQN3Q3b0JxdlAlMkJhWk1zdHdsa243UTdtTWZLNzBYJTJCQXN5WUlqZlpMNEplVkRBZ3UlMkZhUjVEc1g1TER6NDNCbnJSbXVkcWxLUzFKM2dsenFHalhRUjFqamdsSw&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ATALtHxpK3lSdTM0bUdNMDhCR2FDTzQrOGxpSUZNNDl5UWxSZ21oQis0TUN3K1c0VjZlWnBzRVRhWlpsaHNOQnQzRnZkZXdQU0hPWFU2U2JoYis1YnI3UUZDcVJCclFHN2t1UDBFc01KcnMwa3ZXVlNTaUFkSDJ1YUtMOHhkeTNZaVpzb01LU2g4dFk1cytNMnQzVkdXNysyMHF5OHExUDYyTkt3Y0xxdDl4U3lqT3dOa0JzcjNlcU1UOVF1VTV0RDdTaFpZN2RJdVpaK3cvOTVWS1ZCVmRreGxHNVF3Uk8wS3BmSHlINDdvblFRQTkvbk5RaGNOSjlUSHRmVi9GaGdmZjM5SzV3U1Zab0dIbitoSWY0YjdDczBrdz09fA&cppv=2
Request Chain 272
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=1709217890454926719
Request Chain 273
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&gdpr=0&gdpr_consent=
Request Chain 274
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=117602199111697
Request Chain 275
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=1709217890454926719
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB2JjAb7xV2oGGdJWZ1RtDY&google_cver=1
Request Chain 277
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEPDPyyegXU7j_5wciga8cvo&google_cver=1
Request Chain 279
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjQ3RTI2NzAtQkY4MS00MzkzLTlCRkYtRkU0RDcxNDEyRjkw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 283
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=1709217890454926719&pn_id=an
Request Chain 284
  • https://x.bidswitch.net/sync?&ssp=yieldmo HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&ssp=yieldmo&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10610269616472883662&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dyieldmo%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10610269616472883662&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dyieldmo%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=dbafd45a-3cc0-4902-9597-3c81aff2d313&ssp=yieldmo&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=262280004106006850555&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10610269616472883662&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Request Chain 285
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?&ttd_pid=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
Request Chain 286
  • https://sync.srv.stackadapt.com/sync?&nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=vOMZ0imARIRUmMUOJp9Co5U4mbs
Request Chain 287
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp HTTP 302
  • https://sync-pp.ads.yieldmo.com/sync?userid=MSSYBpbIiPIQ&ev=1&pn_id=pp&pid=561118
Request Chain 294
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=shrinke.me&sn=ChromeSyncframe&so=3&topUrl=shrinke.me&bundle=zhWiBF9LOUFJUjlpZk8yS2VNaTIxNEF3QUR4MDVwbDBWYVZjRVVGVkdnb3RQN3Q3b0JxdlAlMkJhWk1zdHdsa243UTdtTWZLNzBYJTJCQXN5WUlqZlpMNEplVkRBZ3UlMkZhUjVEc1g1TER6NDNCbnJSbXVkcWxLUzFKM2dsenFHalhRUjFqamdsSw&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=WL9zQ3xuZGw3c2pKNDgxT1RCcmJhem1wbHBvWFR5YmFEVys2dFQ4RnNGYXBSZFpFQVBwUUtCLzF1VDdEaEhDeGNCSVFJM2hqZjQ2azkvNi95cm9RMEFJMkN1OUs4d1AzRDRBdVdGaHE5MHk5T0NNU3FpK0kxdlNmL015cHVhOEpKU01nYktwL0UvMDZYTWNCaGlSSUd5U1VwMmNVTW0xak9kZ1BlNlNjMDM4bTg1Q2N5c0ZYVFk0ZzBTeE1UeDBMNU1BaUQ5SnlxZGpkRlNKZVdzRVI5YnZyamVyeWVTdTNJQUd2em9IM2NlNWl5WXNLVXl4aXN2aXNkczY1Qm14VncrMVpWd2cwTVE4TUIySFM0aDl4SkpZaGR3dz09fA&cppv=2
Request Chain 371
  • https://px.owneriq.net/ecmg?google_gid=CAESEFPHYjfhBpFaBQeZmbutYuc&google_cver=1&google_push=AYg5qPJhhsP_0HJeIKOFi0m9M24YHOkT5vUA5ObDS2pWJ3LP415BqiKKAVDRt-vGj59sOfcotpB0fe5p0rtexiYYAUeG92lqPTw HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAYg5qPJhhsP_0HJeIKOFi0m9M24YHOkT5vUA5ObDS2pWJ3LP415BqiKKAVDRt-vGj59sOfcotpB0fe5p0rtexiYYAUeG92lqPTw%26google_cver%3d1%26google_gid%3dCAESEFPHYjfhBpFaBQeZmbutYuc%26google_hm%3dUTcwMTkyOTM4MjEzNTk5MjY1Njg%3d&uid=Q7019293821359926568&ref=%2Fecmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AYg5qPJhhsP_0HJeIKOFi0m9M24YHOkT5vUA5ObDS2pWJ3LP415BqiKKAVDRt-vGj59sOfcotpB0fe5p0rtexiYYAUeG92lqPTw&google_cver=1&google_gid=CAESEFPHYjfhBpFaBQeZmbutYuc&google_hm=UTcwMTkyOTM4MjEzNTk5MjY1Njg=
Request Chain 372
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHOlizWzl8BaQgnsxWjDVX4&google_cver=1&google_push=AYg5qPI4FzNHIUQdAzcoAgXKMN4seT-UqXt4VIoDx5h_apGDZlNBseN6jZ05_LXNZv2M0MezAwkD-v7V81GKkoQ2AmJgh5HJb5s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHOlizWzl8BaQgnsxWjDVX4&google_push=AYg5qPI4FzNHIUQdAzcoAgXKMN4seT-UqXt4VIoDx5h_apGDZlNBseN6jZ05_LXNZv2M0MezAwkD-v7V81GKkoQ2AmJgh5HJb5s
Request Chain 373
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOu2oSqO5xpCYnQKxf10fbA&google_cver=1&google_push=AYg5qPLWdTmUeLk90dltzUxs8TmOzFkrIGRRyqTsNFI1rM2vNNN4FCkgbRAm2tSzCYnCnGSJz4v8ZlQgjPRmLMK1V3UmCeNPfA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDdiNGZjY2QtZWVkOS00OGY4LWIwZjgtNGZmNjk0ZGQ3ZmFk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
Request Chain 374
  • https://fksnk.com/cs/google?google_gid=CAESEJspflqqJt3YViuCDbVIFKM&google_cver=1&google_push=AYg5qPJaQ1Wbta-2HdnsChN6GBcoDUv7xSN85UYzGc5b1BoXwUTHDUPo3VrqYf7Oj70JhvJf1zwSJx8bRtVe71mDMJrDRjt07w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUFDQzZGNjQyRTQ3MTg5Qw==
Request Chain 375
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPKYqLYUCqGy1m7JayUppkYVXcmdnhxnSqm3hyCKv3L2ElTr8K22HwoGLXFA2xPfwb4jlnhjsu4n34Gx8MrVf4n9e5x8nXY%26google_hm%3D%5BUID%5D&google_gid=CAESEApzSec-C8FYrcp3GsgT9iM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPKYqLYUCqGy1m7JayUppkYVXcmdnhxnSqm3hyCKv3L2ElTr8K22HwoGLXFA2xPfwb4jlnhjsu4n34Gx8MrVf4n9e5x8nXY&google_hm=2c420fd2-abd3-4224-9303-8a017d8258fb
Request Chain 376
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEAYaLLDeS4kblmVRgdO-Ce0&google_cver=1&google_push=AYg5qPJ6B02TgKp3Piu0XZVx8So-btlfAxBSa4S-EcX9bsgxzB9qTKF_uv3S2fjK8x1R0wu_U2sh19Ph21HUP6q4z3vAq7EBLJ0 HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEAYaLLDeS4kblmVRgdO-Ce0%26google_cver%3D1%26google_push%3DAYg5qPJ6B02TgKp3Piu0XZVx8So-btlfAxBSa4S-EcX9bsgxzB9qTKF_uv3S2fjK8x1R0wu_U2sh19Ph21HUP6q4z3vAq7EBLJ0 HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A4400094246947355239&exchange=193&google_gid=CAESEAYaLLDeS4kblmVRgdO-Ce0&google_cver=1&google_push=AYg5qPJ6B02TgKp3Piu0XZVx8So-btlfAxBSa4S-EcX9bsgxzB9qTKF_uv3S2fjK8x1R0wu_U2sh19Ph21HUP6q4z3vAq7EBLJ0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQ0MDAwOTQyNDY5NDczNTUyMzk&google_push=AYg5qPJ6B02TgKp3Piu0XZVx8So-btlfAxBSa4S-EcX9bsgxzB9qTKF_uv3S2fjK8x1R0wu_U2sh19Ph21HUP6q4z3vAq7EBLJ0
Request Chain 377
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEOaXgztUVNIu5z6sl4MKdRM&google_cver=1&google_push=AYg5qPJ0S7VJdRXeNz0uFnGvYHVGrTAUWwORIYFe-O9RKvQHyh50cI0JBietyx5W1wyCCZjmtmKx-cmCwxat6UacTmXxdJx5XlR8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AYg5qPJ0S7VJdRXeNz0uFnGvYHVGrTAUWwORIYFe-O9RKvQHyh50cI0JBietyx5W1wyCCZjmtmKx-cmCwxat6UacTmXxdJx5XlR8&google_hm=Y41L8NbFSA2kh8Q7MLDhILs
Request Chain 387
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 390
  • https://gcdn.2mdn.net/videoplayback/id/3242a4300e334bad/itag/15/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1680178980/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/421196041E2D03ED11A78EF5CCC0B1831A77D0DA.AD5DEC14F5D63442C0B36655F2C89123AC7C66EB/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/3242a4300e334bad/itag/15/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1680178980/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4FC68630A99C3F7481153BC2029B76FA70883B0B.5C0E003F46D78E1C8842D8EC0685E7DEDCE1F477/key/cms1/cms_redirect/yes/mh/jU/mip/2607:5300:60:7867::3/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1648642611/mv/m/mvi/5/pl/32/file/file.mp4
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEJO41OGQPQ6m7ZwSpHpOQLw&google_cver=1
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM4z2PWltnMA4_yNwhhYtks&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM4z2PWltnMA4_yNwhhYtks&google_cver=1&__user_check__=1&sync_id=24f40636-b024-11ec-bf3a-16765c7f0403
Request Chain 397
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=24f18519-b024-11ec-91f5-1c0a792c0503 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjRmNDA1ZjktYjAyNC0xMWVjLWJmM2EtMTY3NjVjN2YwNDAz
Request Chain 415
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFJbeR19Pv2knJVe0KZ_mos&google_cver=1&google_push=AYg5qPLyeyPlhbqLoNSuayzqx9Q_WFQ4UgFbarfWN2orl93uN05LJIg6grDdAIDGBjQfD0bD6o-QqXTM4EdiLHMP_AODMjGenX0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLyeyPlhbqLoNSuayzqx9Q_WFQ4UgFbarfWN2orl93uN05LJIg6grDdAIDGBjQfD0bD6o-QqXTM4EdiLHMP_AODMjGenX0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFJbeR19Pv2knJVe0KZ_mos&google_cver=1&google_push=AYg5qPLyeyPlhbqLoNSuayzqx9Q_WFQ4UgFbarfWN2orl93uN05LJIg6grDdAIDGBjQfD0bD6o-QqXTM4EdiLHMP_AODMjGenX0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLyeyPlhbqLoNSuayzqx9Q_WFQ4UgFbarfWN2orl93uN05LJIg6grDdAIDGBjQfD0bD6o-QqXTM4EdiLHMP_AODMjGenX0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 417
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEMEfMFHCorVjbaxjvbCcLmo&google_cver=1&google_push=AYg5qPI0kbiv9JAwR2XYJJwamW5tEdblwOZF5G5YQatNpsz0-0Jpw6Vgj6MtCXmqPk-Rqk673NJcV_V65W52eT4PW6cquctsiA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPI0kbiv9JAwR2XYJJwamW5tEdblwOZF5G5YQatNpsz0-0Jpw6Vgj6MtCXmqPk-Rqk673NJcV_V65W52eT4PW6cquctsiA
Request Chain 418
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAz-rP8VjC8uaUCf1lE0GHg&google_cver=1&google_push=AYg5qPIIjfz6OXYA_ceDISMoYZtTbfkZ00D-CWCEwN0yv-XGrwyJ1IznuBdY5J2Ifnu4DfLu7EkQZcVRwD32g2-Z7XTABd21Eg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAz-rP8VjC8uaUCf1lE0GHg&google_push=AYg5qPIIjfz6OXYA_ceDISMoYZtTbfkZ00D-CWCEwN0yv-XGrwyJ1IznuBdY5J2Ifnu4DfLu7EkQZcVRwD32g2-Z7XTABd21Eg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPIIjfz6OXYA_ceDISMoYZtTbfkZ00D-CWCEwN0yv-XGrwyJ1IznuBdY5J2Ifnu4DfLu7EkQZcVRwD32g2-Z7XTABd21Eg&google_hm=SVhzZ2FwUkZHQXlJWlg4WWEwWmM=
Request Chain 419
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIE8k7s2SF8mqLKotgAWGNA&google_cver=1&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA
Request Chain 420
  • https://cs.media.net/cksync?type=g&google_gid=CAESECpyuiuW3MDdSXRtgNDTy-I&google_cver=1&google_push=AYg5qPLJHQKfEomGUXGNYCO-BrFCbraJ7imBGd3sApnBuUf6QReKd89dUj397hcWUVNZ9PNZDT8P9f2UOBKUkLfguU6w-1yAmQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkxNjQ0NTgzMTQ1NTUxMDAwMFYxMA%3d%3d&mn_hm=MjkxNjQ0NTgzMTQ1NTUxMDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLJHQKfEomGUXGNYCO-BrFCbraJ7imBGd3sApnBuUf6QReKd89dUj397hcWUVNZ9PNZDT8P9f2UOBKUkLfguU6w-1yAmQ&gdpr=&gdpr_consent=
Request Chain 421
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEMhJBUedy-Ooh3B1bT2nVKA&google_cver=1&google_push=AYg5qPK3gnkT7kZenza09zsRILEYKZ59IVN3EL44H-dGCiTJFSVs3yTmSn4PxlVX0XOgAdO3B0lKvxeI85hKkCvKkCZlXmhPKNZH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDMwNmE2MjktMGQ5Ni00NmUyLWE1NzItNDMyMmMxOGQ5OTFl&google_push=AYg5qPK3gnkT7kZenza09zsRILEYKZ59IVN3EL44H-dGCiTJFSVs3yTmSn4PxlVX0XOgAdO3B0lKvxeI85hKkCvKkCZlXmhPKNZH
Request Chain 423
  • https://c1.adform.net/serving/cookie/match?party=14&cid=647E2670-BF81-4393-9BFF-FE4D71412F90 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=647E2670-BF81-4393-9BFF-FE4D71412F90
Request Chain 424
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YkRLpgAEsiXZUAA-&gdpr=0&gdpr_consent=
Request Chain 425
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:af0c6244-4ba7-4400-9ba3-1fb4de76c04a&gdpr=0&gdpr_consent=
Request Chain 426
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCanNVN0VpSmNBQURIYm1OMEk4QQ&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABjsU7EiJcAADHbmN0I8A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABjsU7EiJcAADHbmN0I8A&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABjsU7EiJcAADHbmN0I8A&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABjsU7EiJcAADHbmN0I8A
Request Chain 427
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=254de68e-b024-11ec-bbca-3d3cd1174a24
Request Chain 428
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 430
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=659618076813
Request Chain 431
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 432
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ae5hhDkq1NzxlR5&gdpr=0&gdpr_consent=
Request Chain 433
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7019293821359926568P
Request Chain 434
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=db260b88-6210-4169-9720-e61665ce5cb5
Request Chain 435
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=A21DF2CDF4B34C7C8E43AAE9B595FC54 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=170&uuid=CFFE420CC0514E92A5FD115137623FE3 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a82006e7-ec88-46b8-b0b8-c2ef3527abca
Request Chain 436
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID} HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=64d0b1ae-ca68-45af-a756-71ed697dbece
Request Chain 437
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=7d691154-004e-4252-9e0a-d9d99806fd73&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=647E2670-BF81-4393-9BFF-FE4D71412F90
Request Chain 438
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZH4mcL-BQ5Ob__5NcUEvkA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 439
  • https://idsync.rlcdn.com/420486.gif?partner_uid=647E2670-BF81-4393-9BFF-FE4D71412F90 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDY0N0UyNjcwLUJGODEtNDM5My05QkZGLUZFNEQ3MTQxMkY5MBAAGg0Ip5eRkgYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=086cd4229cadc1fb98f865b2246e67e9e70e8f230d6686e1a8006f1e5eb9e9f6791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwODZjZDQyMjljYWRjMWZiOThmODY1YjIyNDZlNjdlOWU3MGU4ZjIzMGQ2Njg2ZTFhODAwNmYxZTVlYjllOWY2NzkxNDI2YjU0MTdkY2UyMRAAGgwIp5eRkgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwODZjZDQyMjljYWRjMWZiOThmODY1YjIyNDZlNjdlOWU3MGU4ZjIzMGQ2Njg2ZTFhODAwNmYxZTVlYjllOWY2NzkxNDI2YjU0MTdkY2UyMRAAGgwIp5eRkgYSBAgCEABCAEoA&google_gid=CAESEHZCMznTuCqc94ym_XAa5zw&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=cf686836-2d6b-4bf8-9fc5-fb66f03651ec
Request Chain 440
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=41b86244-4ba6-4d00-ae4c-0c44c15dcc35
Request Chain 441
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjQ3RTI2NzAtQkY4MS00MzkzLTlCRkYtRkU0RDcxNDEyRjkw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 442
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPDPyyegXU7j_5wciga8cvo&google_cver=1
Request Chain 443
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A21DF2CDF4B34C7C8E43AAE9B595FC54
Request Chain 444
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4460801092495011935&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 445
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
Request Chain 447
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=647E2670-BF81-4393-9BFF-FE4D71412F90&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=647E2670-BF81-4393-9BFF-FE4D71412F90&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OuaV7odE2uWHP5IUbWxd4zujoubZJK4-~A&gdpr=0&gdpr_consent=
Request Chain 448
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2550dbcc-b024-11ec-ab6a-758556ee574a&gdpr=0&gdpr_consent=
Request Chain 449
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1709217890454926719&gdpr=0&gdpr_consent=
Request Chain 450
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=db570c61-a535-4c8c-81be-3c051b4d09b7-62444ba7-4341&gdpr=0&gdpr_consent=
Request Chain 451
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=647E2670-BF81-4393-9BFF-FE4D71412F90&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=22c7fe0d74a5121a&is_secure=true&networkId=17100&version=1&nuid=647E2670-BF81-4393-9BFF-FE4D71412F90&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGblm2ylRjuANlcfL5AAAAAAA&expiration=1648729383&nuid=647E2670-BF81-4393-9BFF-FE4D71412F90&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 452
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param%3D7f6e77c9-14a3-4120-bf1a-82d1a5a54293%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=fb4a059bc9ca4adda6fd8d27518e29df&ssp=pubmatic&bsw_param=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 453
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zmyUQsw8wUHVa8RHz26NE81sxU_VaMNHmj_aGmjz
Request Chain 454
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4668821410471988469
Request Chain 455
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_ED8B39E5_108963CB&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 456
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1709217890454926719
Request Chain 460
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=dN4FaXxKc1h3cFVYMXYvZ3FSSWRvdXYvVGVuVkhJMVVSTjdmY3kzS1VCRWp2UGtaNVBiTGRRUHZFb0dpVEJIUUgrbmFOYlh1ZUo2Y25iOW56NTR4d25kNWN2VXlnRXRtQVE0eUNCeTFFNG1ZUDlFcDJlV1VUSnl1c1R4TjZjbmwxQ25nc2szRHdYS21CaVo1bkVjdGwrWlFDYU1jMmJmUWk5Vzg5WnQvQ3Q5UEZySzEzem9wWHBac0EvaCtyVSsrUno5WHJaQmhUUGlJTXg5WjlDaEhqUmJoUXpwMGhSOFp2bVlWOGlXMjFQUkt3dzNMbTJHVWNMRTlhMjM0cXlTdnY0WWdLUERVY0JWeG9NMllOR0U2VEs4OVQ2Zz09fA&cppv=2
Request Chain 481
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L1DJGPPP-L-EKUO&gdpr=0&us_privacy=1---
Request Chain 482
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=cb2ae4c7-d9df-47c6-98fb-6f374336e3fa HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A&gdpr=0&gdpr_consent=
Request Chain 483
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=3b67e1ec-d7a4-487f-ad63-04aa2bc4361b HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A&gdpr=0&gdpr_consent=
Request Chain 484
  • https://prebid.a-mo.net/cchain?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F481%3FA%3D3b67e1ec-d7a4-487f-ad63-04aa2bc4361b%26bidder%3Dappnexus%26cbx%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/1/481?A=3b67e1ec-d7a4-487f-ad63-04aa2bc4361b&bidder=appnexus&cbx=&gdpr=0&gdpr_consent=&us_privacy=1---&uid=1709217890454926719 HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F481%3FA%3D3b67e1ec-d7a4-487f-ad63-04aa2bc4361b%26bidder%3Dsovrn%26cbx%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24UID
Request Chain 485
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dbc58cd0af3e05b8a%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=bc58cd0af3e05b8a&uid=2c420fd2-abd3-4224-9303-8a017d8258fb
Request Chain 512
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1709217890454926719
Request Chain 513
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d306a629-0d96-46e2-a572-4322c18d991e
Request Chain 514
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8dfcb9d28e05f6f8bb51f33d
Request Chain 515
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOSrEDN8qS-udX1ktiAYyFnVPtXVLpEhgPMlvf9g
Request Chain 516
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=0f411552-cefc-2b92-8009-fe3e305493e9
Request Chain 517
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A
Request Chain 519
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9b1a8518-0278-5359-91f6-4224f3b20983
Request Chain 520
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9b1a8518-0278-5359-91f6-4224f3b20983
Request Chain 521
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1709217890454926719
Request Chain 522
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d306a629-0d96-46e2-a572-4322c18d991e
Request Chain 523
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8dfcb9d28e05f6f8bb51f33d
Request Chain 524
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOSrEDN8qS-udX1ktiAYyFnVPtXVLpEhgPMlvf9g
Request Chain 525
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=9bc802c3-41d8-147f-3a77-38f511b69757
Request Chain 526
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A
Request Chain 528
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=565702ff-0dd2-abb5-0aec-87c71cde3ce8
Request Chain 529
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A
Request Chain 531
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9b1a8518-0278-5359-91f6-4224f3b20983
Request Chain 532
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1709217890454926719
Request Chain 533
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d306a629-0d96-46e2-a572-4322c18d991e
Request Chain 534
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8dfcb9d28e05f6f8bb51f33d
Request Chain 535
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOSrEDN8qS-udX1ktiAYyFnVPtXVLpEhgPMlvf9g
Request Chain 542
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
Request Chain 543
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
Request Chain 562
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHp7N4m4Wpii8tKJgvTcewc&google_cver=1
Request Chain 563
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&expiration=1651234984&gdpr=0&gdpr_consent=
Request Chain 564
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1709217890454926719
Request Chain 566
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4668821410471988469&expiration=1649852584
Request Chain 567
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-db1caf0a-08da-4f53-84f5-b78730852d02
Request Chain 568
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YkRLpGvaMGh5Cualmm8-mQAA%26983 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1c3433f9-6113-47c0-96f8-d357f2153ca5-tuct93dd128
Request Chain 570
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&expiration=1651234984&gdpr=0&gdpr_consent=
Request Chain 571
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHp7N4m4Wpii8tKJgvTcewc&google_cver=1
Request Chain 573
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1709217890454926719
Request Chain 574
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_027a5590-d9b7-4b79-bbc1-0d5bf2a394e9&bsw_param=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&expires=10 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7f6e77c9-14a3-4120-bf1a-82d1a5a54293
Request Chain 575
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=620e860e-a79d-4ef1-806a-f64d9a847145&expiration=1680178984
Request Chain 576
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABjsU7EiJcAADHbmN0I8A&expiration=1649852584
Request Chain 577
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YkRLpGvaMGh5Cualmm8-mQAA%26983 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a9163071-a894-456e-8679-f988c19e3124-tuct93dd128
Request Chain 580
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&expiration=1651234984&gdpr=0&gdpr_consent=
Request Chain 581
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHp7N4m4Wpii8tKJgvTcewc&google_cver=1
Request Chain 583
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1709217890454926719
Request Chain 584
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ae5hhDkq1NzxlR5
Request Chain 585
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=254de68e-b024-11ec-bbca-3d3cd1174a24
Request Chain 586
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_62444ba8c1e5a&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_62444ba8c1e5a
Request Chain 587
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969751679036070747
Request Chain 596
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=56556349b41d6e6ed36cd22856d99d09
Request Chain 597
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=d6c6648ec2213f27e48c7426e30741a6
Request Chain 602
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/9207548265241888747
Request Chain 603
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/3410955970430486413
Request Chain 605
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/f1965ea8-b3dd-417e-970c-fdaecfc86aed&partner_id=1010
Request Chain 606
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/f1965ea8-b3dd-417e-970c-fdaecfc86aed&partner_id=1010
Request Chain 608
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L1DJGPPP-L-EKUO?gdpr=0
Request Chain 610
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L1DJGPPP-L-EKUO?gdpr=0
Request Chain 617
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YkRLpGvaMGh5Cualmm8-mQAA%26983
Request Chain 618
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YkRLpGvaMGh5Cualmm8-mQAA%26983
Request Chain 619
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/24f405f9-b024-11ec-bf3a-16765c7f0403
Request Chain 620
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/24f405f9-b024-11ec-bf3a-16765c7f0403
Request Chain 623
  • https://b1h.zemanta.com/usersync/prebidtest?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=IXsgapRFGAyIZX8Ya0Zc&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3TPFXGGLTTNVUWYZLXMFXHIZLEFZRW63JPONSXIX3QMFZHI3TFOJPXK43FOJUWIX3HMV2C633VORRHEYLJNYXUSWDTM5QXAUSGI5AXSSK2LA4FSYJQLJRT6ZLYMNUGC3THMU6XA4TFMJUWI5DFON2CMZ3EOBZD2MA&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3TPFXGGLTTNVUWYZLXMFXHIZLEFZRW63JPONSXIX3QMFZHI3TFOJPXK43FOJUWIX3HMV2C633VORRHEYLJNYXUSWDTM5QXAUSGI5AXSSK2LA4FSYJQLJRT6ZLYMNUGC3THMU6XA4TFMJUWI5DFON2CMZ3EOBZD2MA HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/IXsgapRFGAyIZX8Ya0Zc?gdpr=0
Request Chain 624
  • https://b1h.zemanta.com/usersync/prebidtest?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=IXsgapRFGAyIZX8Ya0Zc&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3TPFXGGLTTNVUWYZLXMFXHIZLEFZRW63JPONSXIX3QMFZHI3TFOJPXK43FOJUWIX3HMV2C633VORRHEYLJNYXUSWDTM5QXAUSGI5AXSSK2LA4FSYJQLJRT6ZLYMNUGC3THMU6XA4TFMJUWI5DFON2CMZ3EOBZD2MA&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3TPFXGGLTTNVUWYZLXMFXHIZLEFZRW63JPONSXIX3QMFZHI3TFOJPXK43FOJUWIX3HMV2C633VORRHEYLJNYXUSWDTM5QXAUSGI5AXSSK2LA4FSYJQLJRT6ZLYMNUGC3THMU6XA4TFMJUWI5DFON2CMZ3EOBZD2MA HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/IXsgapRFGAyIZX8Ya0Zc?gdpr=0
Request Chain 625
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/90afede6-bab8-44b4-b1c1-757dc58fdde2?gdpr_consent=null&gdpr=0
Request Chain 626
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/dfbb7acd-029d-498d-be5b-e9b25c4664a7?gdpr_consent=null&gdpr=0
Request Chain 629
  • https://x.bidswitch.net/sync?ssp=rtaplus&user_id=YZA023WAgM7n9zSjlebRZsXID3jTuFy5p2CyzeY9&gdpr=0 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Drtaplus%26bsw_param%3D7f6e77c9-14a3-4120-bf1a-82d1a5a54293&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=41b86244-4ba6-4d00-ae4c-0c44c15dcc35&expires=30&ssp=rtaplus&bsw_param=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=7f6e77c9-14a3-4120-bf1a-82d1a5a54293
Request Chain 630
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dadform%26dataid%3Ddata4%26uuid%3D%24UID HTTP 303
  • https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=4668821410471988469
Request Chain 631
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%24%7BUID%7D HTTP 302
  • https://sync.connectad.io/umatch/1?dataid=data5&uuid=9c285c05-4cbb-4fd0-a219-b9cf06f70326
Request Chain 632
  • https://creativecdn.com/cm-notify?pi=connectad HTTP 302
  • https://creativecdn.com/cm-notify?pi=connectad&tc=1 HTTP 302
  • https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=qbJtu5hjs3huaNl8uTN9&pi=connectad&tc=1
Request Chain 633
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dappnexus%26dataid%3Ddata11%26uuid%3D%24UID HTTP 302
  • https://sync.connectad.io/umatch/1?bidder=appnexus&dataid=data11&uuid=1709217890454926719
Request Chain 634
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dsovrn%26dataid%3Ddata12%26uuid%3D%24UID HTTP 307
  • https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=8dfcb9d28e05f6f8bb51f33d
Request Chain 642
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4460801092495011935
Request Chain 643
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABjsU7EiJcAADHbmN0I8A&expiration=1649852585
Request Chain 644
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=41b86244-4ba6-4d00-ae4c-0c44c15dcc35
Request Chain 645
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4668821410471988469&expiration=1649852585
Request Chain 646
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=IXsgapRFGAyIZX8Ya0Zc&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SKYONTWC4CSIZDUC6KJLJMDQWLBGBNGG HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SKYONTWC4CSIZDUC6KJLJMDQWLBGBNGG HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=IXsgapRFGAyIZX8Ya0Zc
Request Chain 647
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YkRLpGvaMGh5Cualmm8-mQAA%26983 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a9163071-a894-456e-8679-f988c19e3124-tuct93dd128
Request Chain 650
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 651
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a9163071-a894-456e-8679-f988c19e3124-tuct93dd128&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 652
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1648642985835 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 653
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A21DF2CDF4B34C7C8E43AAE9B595FC54
Request Chain 654
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=57imGiyUDF6-8nLhqktEYg
Request Chain 655
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vOMZ0imARIRUmMUOJp9Co5U4mbs
Request Chain 657
  • https://pixel.onaudience.com/?partner=214&mapped=647E2670-BF81-4393-9BFF-FE4D71412F90 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=9954fd9372cf31f8
Request Chain 658
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=647E2670-BF81-4393-9BFF-FE4D71412F90&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=647E2670-BF81-4393-9BFF-FE4D71412F90&gdpr=&fbounce=1
Request Chain 659
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=647E2670-BF81-4393-9BFF-FE4D71412F90&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=647E2670-BF81-4393-9BFF-FE4D71412F90&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 667
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:647E2670-BF81-4393-9BFF-FE4D71412F90 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=270457b0-b024-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:647E2670-BF81-4393-9BFF-FE4D71412F90

677 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 4lpHNx
shrinke.me/ 		69 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a287 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6f153d7ddc6d5130372ba631ee4f60b97e648a2e0e32874eb65dcf89a111aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
6f40d0547aa54bc5-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:22:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgEkzArVUQuiv7wLOhu2ocYwphj88%2BXaDz1Pky2qNYF2OwSuhTCBF5cfKI623R%2FvK0KAGpUILbKb63HCk5jPoSYcgF7UEPtkHC6Ps9C0MFIU4B2o1FVLmZ5UwiAv1UsOz19Um%2FgIhnh1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e667273736cc088e5c45da9d80c956807969e29928a9bff6304e443b19eec9ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 12:22:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 30 Mar 2022 12:22:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Mar 2022 12:22:58 GMT
styles.min.css
shrinke.me/modern_theme/build/css/ 		187 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a287 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/4lpHNx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491165
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2ec69-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LChtR1uznIzJWX%2Bw96ksWGrCEi16Kc9baZG5wygg1GClv4raFJympKFnjMux6hC%2FPJWr%2Fv%2Fs5BaZ8V41xya%2F4KKIsuonltvE9M0QSHCCOvzpRjq%2FGgtG1iv%2F970uPfvRNNBH2FXvETv9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6f40d055fcd74bc5-YUL
expires
Sat, 23 Apr 2022 19:56:53 GMT
sw.js
shrinke.me/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/sw.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a287 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4012e9491f341f35778b5a6ef11d3e3f2110ccdb8023dd9c28129ba6c5417d84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/4lpHNx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491165
cf-polished
origSize=98240
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"17fc0-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B29mylEUb0npjQ%2BE5aflqfOfaZ18bmmFUMXyjBFQkU2pX7qq4pXSelPi%2BX8Bt%2FJN%2FDCTLEt6SH7TNw12C%2FlV0g2I9juBUU1TcsBqXli9gVcEYLED0xVsJ0t6u5rP%2B%2FTUlIb1i6vZEGTB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6f40d055fcd84bc5-YUL
expires
Sat, 23 Apr 2022 19:56:53 GMT
/
d301cxwfymy227.cloudfront.net/ 		290 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:8a00:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d30941d6b035706933ceb10e61b3408b423016a14d9531ab16b188115ef6e48b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
gzip
x-amz-cf-pop
EWR53-C3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
96859
via
1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)
x-amz-cf-id
PjW0VwKk9W1kf1tg1AEjfcgLNomprMHoZ5wZMdg--unfm7XcXBux7w==
logo-sm.webp
shrinkme.io/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrinkme.io/logo-sm.webp
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24133843
vary
User-Agent, Accept-Encoding
content-length
31236
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
etag
"7a04-5a22587d62000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9HFxhYpMyldLlcnrcxDfziV8wu5BQxHdd8%2FddcVnyvwM7IcQJUzVDmocNxEe1%2B0ZItKGIszgoz06l%2FeC0OQnv%2BPOU27QejNnjP0V3X%2Bksql025ERmR7AKklljyHl%2BxVCTLoBZRpcmo0Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6f40d056f4897151-YUL
expires
Fri, 24 Jun 2022 04:32:15 GMT
async.js
cdn.adtrue.com/rtb/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14339968
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7ARVc1SIkhYJmMIwUiv6Tp4dlTC%2FZvGvyrKC0B03gAsp08FlDxs1XyJ0tW%2BvkWkkHyvvHaX2PH4M5huxlfOHX7Ep47pbiqC%2Fq%2F0LKlRzgMsxK39VKKqqQemnBslc4oqvKh4HRteOfG%2BUT4ptw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f40d0575d604bbe-YUL
expires
Mon, 10 Oct 2022 13:03:30 GMT
email-decode.min.js
shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a287 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/4lpHNx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Mar 2022 11:29:35 GMT
server
cloudflare
etag
W/"623c561f-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G7OqUzMdfGIObLh5uQFAdGX7%2F8rn4ck56%2BW1Jt7zQ%2BJizcppo7NfcauRuDKBnzokpttdPJbAViRnF2886KBnzsh6wpcSh1t5oP8sx2%2FQEfJECWajORYbJRqO0YSgMDOvC4UNJvJPGhv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f40d0568a30714b-YUL
vary
Accept-Encoding
expires
Fri, 01 Apr 2022 12:22:58 GMT
ads.js
shrinke.me/js/ 		190 B
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/js/ads.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a287 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/4lpHNx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491165
cf-polished
origSize=191
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"bf-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivYYoKrkhiDDNoXTY3IPXIKLS%2Fzxavvp9fuqaLRbq6kWQRH3XWuc6NaXxm3Cdhvra18vmH8srLoN7d%2BBqlBG9Yvhl1hO93ejdg6P%2B9oNtLrUKq%2FNDuLlxnj5gDxazvolbhKc3vaGrH8k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6f40d0569a50714b-YUL
expires
Sat, 23 Apr 2022 19:56:53 GMT
rocket-loader.min.js
shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a287 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/4lpHNx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Mar 2022 11:29:35 GMT
server
cloudflare
etag
W/"623c561f-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxgXbwEI%2FY6j6tY85oWCs1eCJaCoJV%2FI6nK%2BOHpv6P%2BNoeLsfS9bjJeC3kPelHN1ZL7wmhrILCEA5kgJ%2FeRAiSHV%2BXe5QHXPm7HMPKhE1fxA9jPinaHsBbpxxJiamT%2BWpKCD%2F7wrcOkt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f40d0574b0e714b-YUL
vary
Accept-Encoding
expires
Fri, 01 Apr 2022 12:22:58 GMT
eWVWT0kCRyU4FgwXOm1zWw0iOzkKX3lgOhEXPyEiHEs7KmYKEnglOltJdDwkH0dsfmVbETcoFhABdHVrTlxkfXBAR3ptOgwHCSYtS0dsbS9IA2UscBhWe3grTF17e3saXHt3fBxVeytwGFNvLnpNVjJ%2BcFsY
leaderhistliness.info/ 		56 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leaderhistliness.info/eWVWT0kCRyU4FgwXOm1zWw0iOzkKX3lgOhEXPyEiHEs7KmYKEnglOltJdDwkH0dsfmVbETcoFhABdHVrTlxkfXBAR3ptOgwHCSYtS0dsbS9IA2UscBhWe3grTF17e3saXHt3fBxVeytwGFNvLnpNVjJ%2BcFsY
Requested by
Host: shrinke.me
URL: https://shrinke.me/sw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-28-167.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c9748d527dc46297298499a26c1be05da1e282853cf06d47071279f07890b019

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"e0f0-YN6aPVT61L/kSGkqoPugGl5lmqc"
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
/
freychang.fun/ 		27 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://freychang.fun/
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5571c7fe0ba85c0489d443197aac9b58e395c5a2cbcfc04447c7f9c80f903b1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://shrinke.me
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BKHcIkUJqRycKPybJgOB%2FXezWFbsgOxlOHW78E7Ocfxawut8G1XtQDr4MYIaVxQAGItGYTWtQRLfU9TDZKG8rQv8jUjUGsV7uucuArjWKdINUIWrtjKwFm3%2FPsyXZOCj3yvE76hm%2B7U6jj5"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6f40d0579a16ecee-YUL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
bookljlihooli.com/ 		0
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bookljlihooli.com/utx?cb=dvusPNomZUga&top=shrinke.me&tid=792297
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-125.ewr50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:58 GMT
via
1.1 9f08c6ca19a0337d28f09e25b9ff37c4.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
EWR50-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://shrinke.me
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
ELZtszFTBPhEmu-m0MXGzdB7pVp8GeDEel9kh1MsF11Ju54OF9Jjmw==
/
freychang.fun/ 		26 B
724 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://freychang.fun/
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed16a3826326dfbf7b118de5b858f897347ad83d0edcf555eee951d46d1a9555

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://shrinke.me
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7eHm9XH4yPg%2FhnRbEl8pQA3%2BHnTnigDO5xfmXNVStZiw8jpJDsTcu12xgCrq7Bw1xtNR5N7Trx4xUfdBo%2BnXftOUun5QFYuUZuyxoyfB2yb%2BB%2FPl%2FAFfs5qtMEzwe9QnAlZg9%2FUN8h%2FXxvt"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6f40d0579a18ecee-YUL
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
bookljlihooli.com/ 		0
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bookljlihooli.com/utx?cb=56BtpwWdIYLY&top=shrinke.me&tid=829554
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-125.ewr50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:58 GMT
via
1.1 9f08c6ca19a0337d28f09e25b9ff37c4.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
EWR50-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://shrinke.me
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
bMDD-5Ne3-6R2Y641hYk6rgMuC88A4MaTyEQnLiM57hdX--HJQRTzA==
eGZpWFZXWQoraxkuAWgEFRI4DAMqQ1saDj4eJwoONgU8HWM+AFhocAwPDWVhQVRbYWFeFgA8a0lAGiw3DBMaZWdeDwc+OUVAH2VnVlVddmRNSFl+I0VXTywmGQFUaXAIEh00a0lQXWBgTFRQb25MUlE
doobyyooby.com/ 		0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doobyyooby.com/eGZpWFZXWQoraxkuAWgEFRI4DAMqQ1saDj4eJwoONgU8HWM+AFhocAwPDWVhQVRbYWFeFgA8a0lAGiw3DBMaZWdeDwc+OUVAH2VnVlVddmRNSFl+I0VXTywmGQFUaXAIEh00a0lQXWBgTFRQb25MUlE
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRG%2F1xpcAAIThA4xMT25FxV6mFo3gSjrWANEzdzSLzBO6J62sd4KZU%2F%2FrF0QVpunJ8FAQDJvAmcQS4FQbeCqlbqtRwf3iE1cLduVlaxEbySWl4ptZ%2Buyw70yfhY9pkSZfar%2Blue912L3eEbpkw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6f40d057be7c713c-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200d , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
popunder.gif
doobyyooby.com/ 		35 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doobyyooby.com/popunder.gif
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
public
date
Wed, 30 Mar 2022 12:22:58 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 17:00:16 GMT
server
cloudflare
age
69762
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hb9nO7EgsRgt%2BLCanwsDNWG%2FdFpAGii8w0H5PvK71JDeIWPS7rXJByYoG%2Bw0owJY28D4nWlzha2j5I9ZAZqd1%2BsQbKmDmneS6U4DQ5nHJL5Mb4wS05tWTy7UWHbsiiN68LTOrviKsn%2FIv8efBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f40d057be7e713c-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
KkZXHC54RA1+XQRlKQNNc3ALGDIgUAB9TjVbCnBfeABcdFBnQgcpVXAKSD4cIEYbPlVwFAcjDi4PSDtVcBxeY1lvAkg4VXAUGj0JJg9faxg1RgJwWXcGVntccwtZdVx0Bg
doobyyooby.com/QTJuTWhuDQ0+VRJ6LCI/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doobyyooby.com/QTJuTWhuDQ0+VRJ6LCI/KkZXHC54RA1+XQRlKQNNc3ALGDIgUAB9TjVbCnBfeABcdFBnQgcpVXAKSD4cIEYbPlVwFAcjDi4PSDtVcBxeY1lvAkg4VXAUGj0JJg9faxg1RgJwWXcGVntccwtZdVx0Bg
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8zTGphoSocNUJpPMpCZ9mvxX9MjIcDVPXoY5JSSKFfGjENNCYhkJ7lK%2BXxIMz8Tff0kGgDmFU0LAtdKQluJkE4e4fZMNC9NdQLxQ%2FSjfW1wL%2F0S6Lw%2FqWRfadZpDTu%2FepNe4GThf9xH0hY9FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6f40d057be7f713c-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
VG9jaGl7UAAbVBs6JT4LAVspDAQOCwcPK2E1JRhfFTcpBT46HEUcADBSW1pQYVpXThk9C15aUHIcFwkdIRxeWU89AQUHVHIZXllHZEFWX0dkSRZVWHIbEwkOaV5FGB0gA15ZX2BXVVxbbVhbXF9k
doobyyooby.com/ 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doobyyooby.com/VG9jaGl7UAAbVBs6JT4LAVspDAQOCwcPK2E1JRhfFTcpBT46HEUcADBSW1pQYVpXThk9C15aUHIcFwkdIRxeWU89AQUHVHIZXllHZEFWX0dkSRZVWHIbEwkOaV5FGB0gA15ZX2BXVVxbbVhbXF9k
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2oIfyc%2B2%2FG6T3r%2Fvx7RwDmjqwJdOFoSUnMdfSHUOJe%2B8k%2BqjszZRacMH2QxmOac8V3krq6l4wr0HhwsdCkrLGu%2B05AlhZ2KDXs%2FOqOMSHs4ly5EjTlpRtMKqWUIxDctdgdXzzbf%2Bsd9LcXsXw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6f40d057be82713c-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
header9.webp
shrinkme.io/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrinkme.io/header9.webp
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd3fb9c39fddd8aba2e4c7af555aeb970686c92304fba3ff4850901ec3e1ff53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14328353
vary
User-Agent, Accept-Encoding
content-length
130482
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
etag
"1fdb2-5a22587d62000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FycsZbQC7MX3w4m3Z%2BDyUq7OmbZhylyKL1kE4l4zjpwD0vUO21VVi2ZoB6zhVUKZwdn1eo65VcrheD%2BALlSS5Nw%2Ff1dMeOQ3DUqV0%2FZ9ejpwyFK0zPHRTCuJQw07ZBJ3f8sTV6%2FPx5UORg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6f40d05784b47151-YUL
expires
Sat, 15 Oct 2022 16:17:05 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shrinke.me
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 19:34:44 GMT
x-content-type-options
nosniff
age
60494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 19:34:44 GMT
fontawesome-webfont.woff2
shrinke.me/modern_theme/build/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/modern_theme/build/fonts/fontawesome-webfont.woff2
Requested by
Host: shrinke.me
URL: https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a287 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shrinke.me/modern_theme/build/css/styles.min.css?ver=6.4.0
Origin
https://shrinke.me
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
344
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"12d68-5a22587d62000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MyLRym0bCISwQhFC6yzPfNDGjh19nESHJ84lpdkVfqwTIdwwPpCapbsx6DA2KBcYjyyl%2BoJIV%2FktU6AVm%2Bvkay3xJcJGceyGoQQOZnDtwIkTaQ988PJk%2Bie%2FVz1NCBa%2B%2B75ffu3026q"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f40d0578b84714b-YUL
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v26/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v26/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shrinke.me
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 14:46:57 GMT
x-content-type-options
nosniff
age
336961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31248
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:37:29 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 26 Mar 2023 14:46:57 GMT
1844b8e470c024a415cff51a0843d71c.js
roofprison.com/18/44/b8/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://roofprison.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:22:59 GMT
Server
nginx/1.17.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type
application/javascript
Content-Length
0
api.js
www.recaptcha.net/recaptcha/ 		921 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fc03a5dc1bbfaf675a6844f387a6a094dfbf3617d8eacfdb7621ce382000f1ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Wed, 30 Mar 2022 12:22:58 GMT
script.min.js
shrinke.me/modern_theme/build/js/ 		202 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shrinke.me/modern_theme/build/js/script.min.js?ver=6.4.0
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a287 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/4lpHNx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491165
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 31 Mar 2020 12:16:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"32956-5a22587d62000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9G99YPW54wndj%2FQY2e1gAqKktP52oy5cLN0OQnr7tecRmHyjvedeZR9OXEAguEVqqlRq3dKlfiYkDoJRpRi6D%2BkxDJ1B5d0Z0Okd1DgMF5YSMJYxRj0unGLwewZCQvpPxy21FAsI7%2Fg9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6f40d0579bb3714b-YUL
expires
Sat, 23 Apr 2022 19:56:53 GMT
11628
tags.orquideassp.com/tag/ 		829 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/11628
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:a000:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
30077e599842195e23d382b85dd6d3ab8bbb43bf3bfb2529422dc6e970bf6632
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3125
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Wed, 30 Mar 2022 11:34:11 GMT
content-length
829
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"33d-bgxjTDcdm+XlaWDc7C8HVn0kSGU"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
c9oOLKy-UK3bf40Kfqb2SYcGRL5NfCZ6t4nELb-TqQlILdNL7iPLZA==
12656
tags.orquideassp.com/tag/ 		829 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/12656
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:a000:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
90330951e486dd4303a83f369db490420782093ddeba680cc36e97744de4fd42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2136
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Wed, 30 Mar 2022 11:48:12 GMT
content-length
829
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"33d-W4YgcT6ILQyLQIqyYkgXO3XMOEQ"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
AJQUywRjjXnvgpKTaulRLCiIuDtXUIbiI1Yl_3S1-ZiplarmJBq-NA==
/
services.vlitag.com/adv1/ 		992 B
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46bff755f5fc6e994c3340d10801afac37d3820c0ee1581b0022ebec7d9f3035

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 30 Mar 2022 12:22:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
6f40d0580caa4bb8-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
on, 01 Jan 1970 00:00:00 GMT
jquery-2.2.4.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e4a"
vary
Accept-Encoding
x-hw
1648642978.dop201.dc2.t,1648642978.cds201.dc2.hn,1648642978.cds102.dc2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29811
js
www.googletagmanager.com/gtag/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137383949-1
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6fc76212b52d09a17241ae0e7300e78e1e5185e5c378ffb4f8707b951976f31c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37792
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Mar 2022 12:22:58 GMT
QhReGTF7ESwrGER7CSMEXwdYLDhAYzotJGAVFTgRVQMsMQ1iMh87BV9gOgANdwApXQFVEjwKDXITBCE4emUrISx7DgcNB3kECjgwRBhIWxZ1ECgODFobPiETcWULWTd5MCwvM2IhKxsWARQvKgxQEgsOBmoYKyhsez4VDjAAIigtOkQVCC8SfjQaKHJZJQIHJA4lD...
bookljlihooli.com/M1ZtaVRSNA4Ea1JrD08hQTpQTGZ1c18vMABmXAosRDAUBC0BZFpHN185GA0yQTkDHXpdMxlMZnUCIDxhABk7Iwd6BAEPNmYDAywjYTouISx1Fyo8DHkXPz4EdhAXKxJUMywOPwQyKVAyd2crJx91ABc7LAtzXysBcBc8KxxhAyQrBXYPFQo... Frame D0E4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bookljlihooli.com/M1ZtaVRSNA4Ea1JrD08hQTpQTGZ1c18vMABmXAosRDAUBC0BZFpHN185GA0yQTkDHXpdMxlMZnUCIDxhABk7Iwd6BAEPNmYDAywjYTouISx1Fyo8DHkXPz4EdhAXKxJUMywOPwQyKVAyd2crJx91ABc7LAtzXysBcBc8KxxhAyQrBXYPFQoidmcZHxZkMSk6AAI3DhEsYhhcKCd2OjRRB0lnPz0QfhskETx3GVxZPXU+FQ4wACI3KgxQEgsFbXwZXFEldBNZARJ7LiU/LWoDCyw3eg8FUHEBFDgOO2IQJREcZzwZDzF2Gw4wDH0kPzg/QhReGTF7ESwrGER7CSMEXwdYLDhAYzotJGAVFTgRVQMsMQ1iMh87BV9gOgANdwApXQFVEjwKDXITBCE4emUrISx7DgcNB3kECjgwRBhIWxZ1ECgODFobPiETcWULWTd5MCwvM2IhKxsWARQvKgxQEgsOBmoYKyhsez4VDjAAIigtOkQVCC8SfjQaKHJZJQIHJA4lDCVndBogBDpy
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-125.ewr50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
782fdf9adc98c3d535fd6f75cadd0fd8f1d8524b279fe2444432dcfc2fbdd5fb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1227
content-type
text/html
date
Wed, 30 Mar 2022 12:22:58 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 9f08c6ca19a0337d28f09e25b9ff37c4.cloudfront.net (CloudFront)
x-amz-cf-id
kLr0VmsimTWQLjUMsbKUKAWVP4mwmULZSLBR9Zkb-q-ckdAoeY0l8g==
x-amz-cf-pop
EWR50-C1
x-cache
Miss from cloudfront
NnJoRnBXEAsrT1dPCmAFRB5VY0JwV1oAFAVCWSUIQRQRKwkEQF9oE1odHSIWRB0GMl5YFxxjQnAaCg4UXyEwHyBxMx8wI2QVDQQeZDA+EyZnES1zO34gLSs3dAojDwoCSiAsF0YROwtHfxoiMDFeKzweQ1ojKQQpez4DMjtzFR83IwdDOgcJBic9Ez5zIioiInEVW...
bookljlihooli.com/ Frame 8E56 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bookljlihooli.com/NnJoRnBXEAsrT1dPCmAFRB5VY0JwV1oAFAVCWSUIQRQRKwkEQF9oE1odHSIWRB0GMl5YFxxjQnAaCg4UXyEwHyBxMx8wI2QVDQQeZDA+EyZnES1zO34gLSs3dAojDwoCSiAsF0YROwtHfxoiMDFeKzweQ1ojKQQpez4DMjtzFR83IwdDOgcJBic9Ez5zIioiInEVWDw4QTMKB0JONyMtOnsXPggVZEIHY0J0Oh8PJHImXAAjYyQ7DAd8ODoQOgIgAww4ZEEHdiNjJDsWGA4xORAqRSA7cyNjOgMJJ108JCQ1ZBEuLjkDNQ8tMXQLGyIyZzwgIwp0KDoAXWAcOhAAZScgKhV0ClAROnQCIhQjcAE6AAdUMREPJGUnPhU8Xj84DjEHFT13RX4zOwM1dwoHDhJzIxkUHHxHPwAIbCQGACBhHgQTFWA8DRQIcx0tB0BwMVo+NX0ZIhQWWhoOFyVnSjt3QBAYGykeRk8pMTpEPSN+JWEnGA
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-125.ewr50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
c3b9685db7e49593858ccc2f1fe5dbd09ab2b288167034e29e56f6188275de8b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1213
content-type
text/html
date
Wed, 30 Mar 2022 12:22:58 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 9f08c6ca19a0337d28f09e25b9ff37c4.cloudfront.net (CloudFront)
x-amz-cf-id
pEr0j5wTbiBWZM-fn5C95tqc83K3-MFYSRBiFC2D1RqO9bm08tcEOQ==
x-amz-cf-pop
EWR50-C1
x-cache
Miss from cloudfront
RGhlQWQlCgYsWyVVB2cRNgRYZFYCTVcHAHdYVCIcMw4cLB12WlJvBygHECUCNgcLNUoqDRFkVgImMRQILz8gLhEODwpkVgYMMSoDBS8zOAJ3KjcjPHEaLDkHdyIhcFQNLwoEJyMlAA0McDIhNg8ICiEqHgUvM3cFPT0jDw11Hwc2IXYjPQNQFQIONCh3OjQnDnBRL...
bookljlihooli.com/ Frame 1C11 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bookljlihooli.com/RGhlQWQlCgYsWyVVB2cRNgRYZFYCTVcHAHdYVCIcMw4cLB12WlJvBygHECUCNgcLNUoqDRFkVgImMRQILz8gLhEODwpkVgYMMSoDBS8zOAJ3KjcjPHEaLDkHdyIhcFQNLwoEJyMlAA0McDIhNg8ICiEqHgUvM3cFPT0jDw11Hwc2IXYjPQNQFQIONCh3OjQnDnBRLyZdKCE2EBcGPAo3LS0LAApWM1wuBw91IjEiAwcsNDMFDBsMIzMWUQcHPisxDy4DBwISLSsuGCcgCisCNRQiNQ0LOVEXBQ03AiMcJyAKK14sABQxDggpUg4GVHUCEC42IyMKBwBwSRVdKitUKCk2eRIIESwPKANRQHMiAFkjMwITJlMUCnVcAxYhFCUhdQMOPSMwJxMAUhcgFQIvKBwGCQsuFQgpBjsuEzoWFwkjGC8VFwgmNngLIREvMQEqWQsXLB5NVwMAHCo2JQo8UQcHPisnNjYSBjsKKwUMGwwjPCheP3AAMQohKVQSOUMrFysGFXwgdiYiCx4yPDEHCRc
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-125.ewr50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
79e59a4d170acf6a286c1e6da9f3f841ec3fd94d88871e36cf8315e385b77c58

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1232
content-type
text/html
date
Wed, 30 Mar 2022 12:22:58 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 9f08c6ca19a0337d28f09e25b9ff37c4.cloudfront.net (CloudFront)
x-amz-cf-id
L9IjfWuv7wi6SNWRLtmmF8AFMC56ajMDlEdy9UVxcBG1k-V8gUOBYw==
x-amz-cf-pop
EWR50-C1
x-cache
Miss from cloudfront
4lpHNx
shrinke.me/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrinke.me/4lpHNx
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a287 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/4lpHNx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f40d057abc4714b-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Q9wQdJ4VY21pyjPrJNjieiEKQUujyMhr8iuffy7Qi9RglbyVdIQCDAq9g6IIoqzeZlHJGVFtQoX2nPIEqsUzICeuieHjW6Va9O0C4sYbFO5SIomS4mhZEO0h9B8uf1i6aeGMkfMDHDc"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
x-robots-tag
noindex, nofollow
expires
Thu, 19 Nov 1981 08:52:00 GMT
TMU53OVJSIRlfbUUnEwRlCHxFAGUXJARWPEFzBFgeAgk7dD9fD1FNKFVzRx8+UCAQBHRUIBQEYxcvE1tvBWgDST1acxxQN1AsElY8Sz1RTDMMIxhDO10iFhxgd3tZCXcDfl9OO18qGE4hFHxHVyYUfEcIYh9+UgoQFHxHTjtfeEMcYXNrRQkqB3peHGABLw-dJPlQ...
d301cxwfymy227.cloudfront.net/ Frame D0E4 		742 B
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d301cxwfymy227.cloudfront.net/TMU53OVJSIRlfbUUnEwRlCHxFAGUXJARWPEFzBFgeAgk7dD9fD1FNKFVzRx8+UCAQBHRUIBQEYxcvE1tvBWgDST1acxxQN1AsElY8Sz1RTDMMIxhDO10iFhxgd3tZCXcDfl9OO18qGE4hFHxHVyYUfEcIYh9+UgoQFHxHTjtfeEMcYXNrRQkqB3peHGABLw-dJPlQ5Els5WDpSCxQEfUAXYQdrRQl6WiYDVD4UfDQcYAEiHlI3FHxHXjdSJRgQdwN+FFEgXiMSHGB3f0cJfAFgQwFrB2BBCXcDfgRYNFA8Hhxgd3tEDnwCeFFMbwA
Requested by
Host: bookljlihooli.com
URL: https://bookljlihooli.com/M1ZtaVRSNA4Ea1JrD08hQTpQTGZ1c18vMABmXAosRDAUBC0BZFpHN185GA0yQTkDHXpdMxlMZnUCIDxhABk7Iwd6BAEPNmYDAywjYTouISx1Fyo8DHkXPz4EdhAXKxJUMywOPwQyKVAyd2crJx91ABc7LAtzXysBcBc8KxxhAyQrBXYPFQoidmcZHxZkMSk6AAI3DhEsYhhcKCd2OjRRB0lnPz0QfhskETx3GVxZPXU+FQ4wACI3KgxQEgsFbXwZXFEldBNZARJ7LiU/LWoDCyw3eg8FUHEBFDgOO2IQJREcZzwZDzF2Gw4wDH0kPzg/QhReGTF7ESwrGER7CSMEXwdYLDhAYzotJGAVFTgRVQMsMQ1iMh87BV9gOgANdwApXQFVEjwKDXITBCE4emUrISx7DgcNB3kECjgwRBhIWxZ1ECgODFobPiETcWULWTd5MCwvM2IhKxsWARQvKgxQEgsOBmoYKyhsez4VDjAAIigtOkQVCC8SfjQaKHJZJQIHJA4lDCVndBogBDpy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:8a00:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8f732a780f3f223d61fe33661645fcaada4c5a2e67de955025fb52803d9f6165

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bookljlihooli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
gzip
x-amz-cf-pop
EWR53-C3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
545
via
1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)
x-amz-cf-id
kz1S7CFNcNLESBodC5aRaqL9yz9aUBrvl9WEu0osVtOoedND5iXQSg==
multi
bookljlihooli.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bookljlihooli.com/multi?cs=c2Y0UElDUQdgcUpeBWd9S1UHZ3w&abt=0&red=1&sm=76&k=shrinkme%20highest%20payout%20short%20shortener%20link%20earn%20money&v=1.0.57.0&sts=0&prn=0&emb=0&tid=829554&u=1164179586884806&agec=1648642978&fs=1&ref=https%3A%2F%2Fshrinke.me%2F4lpHNx&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F100.0.4896.60%20safari%2F537.36&tzd=0&uloc=&if=0&_520O=1648642978655&crc=1
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: https://d301cxwfymy227.cloudfront.net/?fwxcd=792297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-125.ewr50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
7bccaa172472fbe8f62639778138e12f36947dade68b0a7ec268e3491303f0d2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
EWR50-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://shrinke.me
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
text/plain
content-length
1410
via
1.1 9f08c6ca19a0337d28f09e25b9ff37c4.cloudfront.net (CloudFront)
x-amz-cf-id
-O9UrM2Gltag_E_PbL6a0u45KDUCAgO5ya8Zvv87jQUY5_L1-YcutQ==
hbHdiSXYPGAwvSRgeBnRBVUVQcE5KHREmGBxKIz48HjgpcSM7IhJvAhYTX3lQABYMLktKEgwqS11RAy0UUUNEPBdRGg0zHwAbA2xEKkJMeVNeR0o+HwITDT4FSUVSJwJJRVJ4RkJHR3o0SUVSPh8CQVZsRS5SUHkOWkNLbERcFhI5GgkABysdBQNHezBZRF-VnRVp...
d301cxwfymy227.cloudfront.net/ Frame 8E56 		187 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d301cxwfymy227.cloudfront.net/hbHdiSXYPGAwvSRgeBnRBVUVQcE5KHREmGBxKIz48HjgpcSM7IhJvAhYTX3lQABYMLktKEgwqS11RAy0UUUNEPBdRGg0zHwAbA2xEKkJMeVNeR0o+HwITDT4FSUVSJwJJRVJ4RkJHR3o0SUVSPh8CQVZsRS5SUHkOWkNLbERcFhI5GgkABysdBQNHezBZRF-VnRVpSUHleBx8WJBpJRSFsRFwbCyITSUVSLhMPHA1gU15HASEEAxoHbEQqRlJ5WFxZVnFPWllUeVNeRxEoEA0FC2xEKkJRflhfQUQ8S10
Requested by
Host: bookljlihooli.com
URL: https://bookljlihooli.com/NnJoRnBXEAsrT1dPCmAFRB5VY0JwV1oAFAVCWSUIQRQRKwkEQF9oE1odHSIWRB0GMl5YFxxjQnAaCg4UXyEwHyBxMx8wI2QVDQQeZDA+EyZnES1zO34gLSs3dAojDwoCSiAsF0YROwtHfxoiMDFeKzweQ1ojKQQpez4DMjtzFR83IwdDOgcJBic9Ez5zIioiInEVWDw4QTMKB0JONyMtOnsXPggVZEIHY0J0Oh8PJHImXAAjYyQ7DAd8ODoQOgIgAww4ZEEHdiNjJDsWGA4xORAqRSA7cyNjOgMJJ108JCQ1ZBEuLjkDNQ8tMXQLGyIyZzwgIwp0KDoAXWAcOhAAZScgKhV0ClAROnQCIhQjcAE6AAdUMREPJGUnPhU8Xj84DjEHFT13RX4zOwM1dwoHDhJzIxkUHHxHPwAIbCQGACBhHgQTFWA8DRQIcx0tB0BwMVo+NX0ZIhQWWhoOFyVnSjt3QBAYGykeRk8pMTpEPSN+JWEnGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:8a00:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f42d32694dfa44a8b59d1087c12d688e1ca17a21c87e777f072b11dfaf45779

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bookljlihooli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
gzip
x-amz-cf-pop
EWR53-C3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
187
via
1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)
x-amz-cf-id
I8mfmY68OvWyfzuewWbGoQuW3ks4OtE1RyAYsS7ha8OxZcKT6HgOJQ==
D1FrfWN6Un14fWEPMD4gJUFqCWh7VDQjJixBanoqLAczJWRsVmgpJTsLNS9oeyJpen1nVHZ+dXBSdnx9bFZoOSwvBSojaHsibXl6Z1dubDh0VQ
d301cxwfymy227.cloudfront.net/NTUlkWEouJgo+dTkgAGVyf3BRbX5rIxc3JD10IGoECgMeLh4ZDwkLbDkzAGV6ayUFNi1wbwE2KXB4QjkuL3RQfj49Jg9lISQsBTovIiceK2w4KFk1JTcgCDQraHsibWR9bFZoYjogCjwlOjpBanojPUFqenx5SmhvfgtBan... Frame 1C11 		580 B
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d301cxwfymy227.cloudfront.net/NTUlkWEouJgo+dTkgAGVyf3BRbX5rIxc3JD10IGoECgMeLh4ZDwkLbDkzAGV6ayUFNi1wbwE2KXB4QjkuL3RQfj49Jg9lISQsBTovIiceK2w4KFk1JTcgCDQraHsibWR9bFZoYjogCjwlOjpBanojPUFqenx5SmhvfgtBano6IApufmh6Jn14fTFSbGNoe1-Q5Oj0lAS8vLyINLG9/D1FrfWN6Un14fWEPMD4gJUFqCWh7VDQjJixBanoqLAczJWRsVmgpJTsLNS9oeyJpen1nVHZ+dXBSdnx9bFZoOSwvBSojaHsibXl6Z1dubDh0VQ
Requested by
Host: bookljlihooli.com
URL: https://bookljlihooli.com/RGhlQWQlCgYsWyVVB2cRNgRYZFYCTVcHAHdYVCIcMw4cLB12WlJvBygHECUCNgcLNUoqDRFkVgImMRQILz8gLhEODwpkVgYMMSoDBS8zOAJ3KjcjPHEaLDkHdyIhcFQNLwoEJyMlAA0McDIhNg8ICiEqHgUvM3cFPT0jDw11Hwc2IXYjPQNQFQIONCh3OjQnDnBRLyZdKCE2EBcGPAo3LS0LAApWM1wuBw91IjEiAwcsNDMFDBsMIzMWUQcHPisxDy4DBwISLSsuGCcgCisCNRQiNQ0LOVEXBQ03AiMcJyAKK14sABQxDggpUg4GVHUCEC42IyMKBwBwSRVdKitUKCk2eRIIESwPKANRQHMiAFkjMwITJlMUCnVcAxYhFCUhdQMOPSMwJxMAUhcgFQIvKBwGCQsuFQgpBjsuEzoWFwkjGC8VFwgmNngLIREvMQEqWQsXLB5NVwMAHCo2JQo8UQcHPisnNjYSBjsKKwUMGwwjPCheP3AAMQohKVQSOUMrFysGFXwgdiYiCx4yPDEHCRc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:8a00:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b299e5ae87f861bd18f9f0d65d8e0e3368b93c05d460e36e23f81398f3dad22d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://bookljlihooli.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
gzip
x-amz-cf-pop
EWR53-C3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
442
via
1.1 29cdae592cbcdf154c4515153175497e.cloudfront.net (CloudFront)
x-amz-cf-id
kJxl8f2Lg4-yfrWbxmIj8bTkMTSRbtdSn1zx5aiX5uZyrvdfPs7CSg==
utx
bookljlihooli.com/ 		0
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bookljlihooli.com/utx?tid=792299&top=shrinke.me&cb=fIXuyj3d0KbG
Requested by
Host: leaderhistliness.info
URL: https://leaderhistliness.info/eWVWT0kCRyU4FgwXOm1zWw0iOzkKX3lgOhEXPyEiHEs7KmYKEnglOltJdDwkH0dsfmVbETcoFhABdHVrTlxkfXBAR3ptOgwHCSYtS0dsbS9IA2UscBhWe3grTF17e3saXHt3fBxVeytwGFNvLnpNVjJ%2BcFsY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-125.ewr50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:58 GMT
via
1.1 9f08c6ca19a0337d28f09e25b9ff37c4.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
EWR50-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://shrinke.me
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
DU-IiGcMNIHvcv1Sr4z-OixKG4lBgclBP2X67zYVChM6WCJwSZL7WQ==
/
choobinoobi.com/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://choobinoobi.com/
Requested by
Host: leaderhistliness.info
URL: https://leaderhistliness.info/eWVWT0kCRyU4FgwXOm1zWw0iOzkKX3lgOhEXPyEiHEs7KmYKEnglOltJdDwkH0dsfmVbETcoFhABdHVrTlxkfXBAR3ptOgwHCSYtS0dsbS9IA2UscBhWe3grTF17e3saXHt3fBxVeytwGFNvLnpNVjJ%2BcFsY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-28-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
content-length
0
sw.js
shrinke.me/ Frame 		0
0
/
d301cxwfymy227.cloudfront.net/ 		47 B
445 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d301cxwfymy227.cloudfront.net/
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:8a00:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
gzip
x-amz-cf-pop
EWR53-C3
x-cache
Miss from cloudfront
access-control-allow-origin
https://shrinke.me
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
73
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
x-amz-cf-id
kx93FpxgTimB6_U71-xhAjPs5nsX0DrPSXo2YWODi-Jxa3nbl1aH7g==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
sffe /
Resource Hash
97f82abe23efcb481e550e942eebce7aa01ec565c4c0887eb0c1aa4e3e4025a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28053
x-xss-protection
0
server
sffe
etag
"1172 / 873 of 1000 / last-modified: 1648638614"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Mar 2022 12:22:58 GMT
impress
exchange.adtrue.com/delivery/ Frame 81BA 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2F4lpHNx&cb=2390258388&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/4lpHNx
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.94.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-94-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
804d6c78c2da5437b8b8885b577965a5dfcfaa1e5a78b8d81a8e29ccabf647cf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
server
nginx
x-adtrue-instance
java2
content-length
4618
content-type
application/javascript
icon.svg
supertruco.com/ 		1 KB
821 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supertruco.com/icon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.146 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6b54b9d51b8e7575fc6ac2e2bfd7826e021c3385b15f6e07581d58234219a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 19 Mar 2021 14:39:52 GMT
server
nginx
etag
W/"6054b7b8-47c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
date
Wed, 30 Mar 2022 12:22:58 GMT
x-ac
2.yyz _atomic_dca
expires
Wed, 06 Apr 2022 12:22:58 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137383949-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5942
date
Wed, 30 Mar 2022 10:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 30 Mar 2022 12:43:56 GMT
impress
exchange.adtrue.com/delivery/ Frame 8F51 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2F4lpHNx&cb=2390258388&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/4lpHNx
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.94.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-94-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c57428d27c947f2549a0c55847fcdc4eb1dcb89ab8036e25591440006f93684d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
server
nginx
x-adtrue-instance
java3
content-length
4618
content-type
application/javascript
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1279472674&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2F4lpHNx&ul=en-us&de=UTF-8&dt=ShrinkMe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=643682528&gjid=1368974710&cid=1332967654.1648642979&tid=UA-137383949-1&_gid=308436159.1648642979&_r=1&gtm=2ou3n1&z=1799238641
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 19:24:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Mar 2023 19:24:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		83 B
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
1764ee79f2be05e9ff5e3d4a6d4725cd6052e8408f89758404980fa03113eba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79
x-xss-protection
0
expires
Wed, 30 Mar 2022 12:22:58 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-137383949-1&cid=1332967654.1648642979&jid=643682528&gjid=1368974710&_gid=308436159.1648642979&_u=YEBAAUAAAAAAAC~&z=1378049867
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 30 Mar 2022 12:22:59 GMT
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
choobinoobi.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://choobinoobi.com/
Requested by
Host: leaderhistliness.info
URL: https://leaderhistliness.info/eWVWT0kCRyU4FgwXOm1zWw0iOzkKX3lgOhEXPyEiHEs7KmYKEnglOltJdDwkH0dsfmVbETcoFhABdHVrTlxkfXBAR3ptOgwHCSYtS0dsbS9IA2UscBhWe3grTF17e3saXHt3fBxVeytwGFNvLnpNVjJ%2BcFsY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-28-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
content-length
0
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		95 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=320348028423160&correlator=1290596821356457&eid=31065843&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=211182487%3A22476148198%2Cwww.shrinke.me_Display336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&adks=3910693916&sfv=1-0-38&ecs=20220330&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1648642979033&lmt=1648642979&dlt=1648642978212&idt=793&biw=1600&bih=1200&adxs=632&adys=164&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fshrinke.me%2F4lpHNx&frm=20&vis=1&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&fws=0&ohw=0&ga_vid=1332967654.1648642979&ga_sid=1648642979&ga_hid=1279472674&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
d2c2afec61711039b27d51a24201ca79a84c917c5ae1a30058d33d77d566392d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36285
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		63 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=320348028423160&correlator=1290596821356457&eid=31065843&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=211182487%3A22476148198%2Cwww.shrinke.me_Display300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=608930018&sfv=1-0-38&ecs=20220330&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1648642979040&lmt=1648642979&dlt=1648642978212&idt=793&biw=1600&bih=1200&adxs=650&adys=942&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fshrinke.me%2F4lpHNx&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=1332967654.1648642979&ga_sid=1648642979&ga_hid=1279472674&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
eca75531286adb2da2ff92e0fcdf5774f2c63dbfe03187338b938be7271ba09f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30572
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AB36 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:22:59 GMT
expires
Thu, 30 Mar 2023 12:22:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137383949-1&cid=1332967654.1648642979&jid=643682528&_u=YEBAAUAAAAAAAC~&z=1942644960
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-137383949-1&cid=1332967654.1648642979&jid=643682528&_u=YEBAAUAAAAAAAC~&z=1942644960
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626d4fe60d4087c4645b64ee35910544be9486b97d748b2737fb20273ae25e35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10493
x-xss-protection
0
vld.json
services.vlitag.com/uv/ 		13 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/uv/vld.json?page_url=https%3A%2F%2Fshrinke.me%2F4lpHNx&mtk=8509&ctt=1648641043
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
cf-cache-status
HIT
last-modified
Wed, 30 Mar 2022 12:18:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://shrinke.me
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
6f40d05b49704bcb-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13
x-robots-tag
noindex, nofollow, noarchive, nosnippet
b696d0f5c06dbd9fd83feb568718537b.js
tag.vlitag.com/v1/1648641043/ 		540 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/v1/1648641043/b696d0f5c06dbd9fd83feb568718537b.js?cc=US
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=b696d0f5c06dbd9fd83feb568718537b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29368aa847c1cac5a3ce9a3e280a7d3db2302ff0da7499eebea400ef280b8e01

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Mar 2022 11:50:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
6f40d05b49094bb8-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-bgj
minify
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ 		359 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5eea1c9406e22225635f46d7ddde71a450b2337a7cd0b25ff834aef95734258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Origin
https://shrinke.me
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:26:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144576
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 05:26:17 GMT
prebid.js
cdn.adtrue.com/pb/ Frame 8F51 		252 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2F4lpHNx&cb=2390258388&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29469560
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 14 Apr 2021 09:06:46 GMT
server
cloudflare
etag
W/"6076b0a6-3f06e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPSeiLYkCqFDsecp%2FheiPhPHCat0NS74EOSbSvhgtHGYjSinEiIDBThprEjjnRmNTloNJT5XGm7pYXO3lBqxM%2FcvnkWaDlIkrSHf5j0MOXqYZEy1LJGUtPZ8D%2BdsxgwZO1%2BDlIDTMVQeHv40Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f40d05b6fda7151-YUL
expires
Mon, 18 Apr 2022 10:23:39 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 8F51 		255 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 05:33:12 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3fca8-5cf4eee137dd8"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=61666
accept-ranges
bytes
content-type
text/javascript
content-length
80538
expires
Thu, 31 Mar 2022 05:30:45 GMT
ga.js
cdn-adtrue.com/track/ Frame 8F51 		502 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20033&ref=https%3A%2F%2Fshrinke.me%2F4lpHNx&cb=2390258388&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7003567
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 02 Apr 2021 11:02:09 GMT
server
cloudflare
etag
W/"6066f9b1-1f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLhjiHzEORdLf20tebv4nQeBl%2BUhf7hq9w4Er%2FFO1eQaKE0hO1IQtjamLWyBazHEFrt%2FgjIk1eLArivTHjVQ7PMj8Tud37foyOsdGWmw4kNdK23GmonIkSyg6hT4wLcIbYSKHPyZHQZv2YJ7%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f40d05b792c4bb8-YUL
expires
Tue, 03 Jan 2023 10:56:52 GMT
gtm.js
www.googletagmanager.com/ Frame 8F51 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Requested by
Host: cdn-adtrue.com
URL: https://cdn-adtrue.com/track/ga.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ee6658cfabbf6c4fc1f2bec40f0028aa4129822e00948505e012e1e9637444e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39400
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Mar 2022 12:22:59 GMT
prebid.js
cdn.adtrue.com/pb/ Frame 81BA 		252 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2F4lpHNx&cb=2390258388&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29469560
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 14 Apr 2021 09:06:46 GMT
server
cloudflare
etag
W/"6076b0a6-3f06e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDbGW5HVqFWjlzZVGv8IS%2FdEaZ%2F%2F0A4%2FTw7Ivo5vFNFj30U6q1rQ50aZUvrEf5WneOnwkeXEcL5Ds%2BAvtzvO5X2Gc6qvsmo7G41XxTlmFnV440A9Alt8pAoJ7Jb3M38fA9Jw4bOXKLj94dfHNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f40d05bd8957151-YUL
expires
Mon, 18 Apr 2022 10:23:39 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 81BA 		255 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 05:33:12 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3fca8-5cf4eee137dd8"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=61666
accept-ranges
bytes
content-type
text/javascript
content-length
80538
expires
Thu, 31 Mar 2022 05:30:45 GMT
ga.js
cdn-adtrue.com/track/ Frame 81BA 		502 B
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=20034&ref=https%3A%2F%2Fshrinke.me%2F4lpHNx&cb=2390258388&timeZone=0&adWidth=300&adHeight=250&loc=https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7003567
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 02 Apr 2021 11:02:09 GMT
server
cloudflare
etag
W/"6066f9b1-1f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ti1ghTWr3u6xHPXU0MnZEoyjklUF9MkDzshGmPkvusqPTZZBPZDFL%2FiSA6cPI%2Bv8o%2Fqx04775AwniegfHyRBFPN0efKJ5xrcLg4Y%2FMCyee4NDBlNPVHpAzG%2FnDZxB6kCHMzeN8Zu7epTmOHutQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f40d05bfb9d4bb9-YUL
expires
Tue, 03 Jan 2023 10:56:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 12:22:59 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8F51 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fc14c926e6ac1e4209c991c1f063bddd934f3629def0d3bea2bfe5241db23795
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:22:59 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b43873f9-d985-4e17-981c-8d01697644cc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 8F51 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.34.0&cb=39665198349
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/ Frame 8F51 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Wed, 30 Mar 2022 12:22:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
anchor
www.recaptcha.net/recaptcha/api2/ Frame 1835 		43 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=normal&cb=k0tf9w48ai8h
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bec3ae5ebd693c592db91344ad42b89c24c1ce3c3612cbea858c1eea91da698e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fr9hlZWirPUqcplNs6bfiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22787
content-security-policy
script-src 'report-sample' 'nonce-fr9hlZWirPUqcplNs6bfiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:22:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://shrinke.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 30 Mar 2022 12:22:58 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1761
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 8F51
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=krq04XwvRGlQWXJ5ZVVSRWN6QkVSOG45L2czaXp4TS9SdnhmSXJCVUFTbEFjY29JN2xqdyttUjZ5VHVIV3ZzTEhiTVF2OXpRb0RZNHUydG80dWlhNUoxZVZtUVp3aHlTblFZcVJOZlVNOXpuM2sxNm13TW9oSzdDRUs3SF...
348 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=krq04XwvRGlQWXJ5ZVVSRWN6QkVSOG45L2czaXp4TS9SdnhmSXJCVUFTbEFjY29JN2xqdyttUjZ5VHVIV3ZzTEhiTVF2OXpRb0RZNHUydG80dWlhNUoxZVZtUVp3aHlTblFZcVJOZlVNOXpuM2sxNm13TW9oSzdDRUs3SFErZG5YWjExWWY1YytrbFVrMU1TeFgvRG1NcUsreVZsSjV4U0czenBSUG5Td2dxaUY2a3dDSUxkVlMra2JUa21Ib3VsNVd1U2xVVjNYNmJuT0gyaDVtNDBqQkNrbFBET2sxdXpaWC83cXp2Mkx6SUFTSGdZPXw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
01be366c0d9bf06c5900a08ac982e2dc5ab239301887224f3d190dcf15bf4e7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3498
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:58 GMT
location
https://mug.criteo.com/sid?cpp=krq04XwvRGlQWXJ5ZVVSRWN6QkVSOG45L2czaXp4TS9SdnhmSXJCVUFTbEFjY29JN2xqdyttUjZ5VHVIV3ZzTEhiTVF2OXpRb0RZNHUydG80dWlhNUoxZVZtUVp3aHlTblFZcVJOZlVNOXpuM2sxNm13TW9oSzdDRUs3SFErZG5YWjExWWY1YytrbFVrMU1TeFgvRG1NcUsreVZsSjV4U0czenBSUG5Td2dxaUY2a3dDSUxkVlMra2JUa21Ib3VsNVd1U2xVVjNYNmJuT0gyaDVtNDBqQkNrbFBET2sxdXpaWC83cXp2Mkx6SUFTSGdZPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2234
content-length
482
expires
0
translator
hbopenbid.pubmatic.com/ Frame 81BA 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Wed, 30 Mar 2022 12:22:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 81BA 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
467de54d0401ec1eb0f9c2987c20bc6606e985ec88b5926e4b59b6d76494a971
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:22:59 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cf7b7fb6-96d7-447a-961d-0c7a1bae74c9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 81BA 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.34.0&cb=39658549727
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
gtm.js
www.googletagmanager.com/ Frame 81BA 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Requested by
Host: cdn-adtrue.com
URL: https://cdn-adtrue.com/track/ga.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50a51004b3176df96f756ebbdd0b21d2d4c0c48153a3d6299494bc6ad61b447f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39399
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Mar 2022 12:22:59 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://shrinke.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 30 Mar 2022 12:22:58 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1553
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 81BA
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=WUZY4HxmWnk5bzJrY3FWK1FVZW93UkhmZlczVCtnZzBTVklaSGtjNXpxbEYvLzZndEZwTDhsMW4xNzlTKzFHRk9ndW54ZFBZaHlDd1FSS0tVbjUvT2tpOXVYVlpPUml2aXM2cWczSHNCcC9hbW16bzJ2Yk1ZNlVBWlJSZy...
352 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WUZY4HxmWnk5bzJrY3FWK1FVZW93UkhmZlczVCtnZzBTVklaSGtjNXpxbEYvLzZndEZwTDhsMW4xNzlTKzFHRk9ndW54ZFBZaHlDd1FSS0tVbjUvT2tpOXVYVlpPUml2aXM2cWczSHNCcC9hbW16bzJ2Yk1ZNlVBWlJSZy9kdzN1RXJYek1LM1lhVkNYUEEwc3pyMWIzOXg5cGMvdlk4SGR0V2NUeS9aSEZPZTZSVGNXcDU5Mk9CR2RsM25OYm5rVnJkUnVBbVo0MzZVUGRUYUc3SFZPbFJOaEdRMzh6ZkxITHd4c205a0RwRkxkcUVVPXw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
fdbe01a016bbb25801ab41804969af233a7c2aff7eda31e7ba0a5999306096d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:58 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2965
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:58 GMT
location
https://mug.criteo.com/sid?cpp=WUZY4HxmWnk5bzJrY3FWK1FVZW93UkhmZlczVCtnZzBTVklaSGtjNXpxbEYvLzZndEZwTDhsMW4xNzlTKzFHRk9ndW54ZFBZaHlDd1FSS0tVbjUvT2tpOXVYVlpPUml2aXM2cWczSHNCcC9hbW16bzJ2Yk1ZNlVBWlJSZy9kdzN1RXJYek1LM1lhVkNYUEEwc3pyMWIzOXg5cGMvdlk4SGR0V2NUeS9aSEZPZTZSVGNXcDU5Mk9CR2RsM25OYm5rVnJkUnVBbVo0MzZVUGRUYUc3SFZPbFJOaEdRMzh6ZkxITHd4c205a0RwRkxkcUVVPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1773
content-length
482
expires
0
js
www.googletagmanager.com/gtag/ Frame 8F51 		175 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ee3cbe9a0ba9b5f0ca58c0fb1d5cc57bc8642af823dbd6832131d3998503698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65697
x-xss-protection
0
expires
Wed, 30 Mar 2022 12:22:59 GMT
analytics.js
www.google-analytics.com/ Frame 8F51 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5943
date
Wed, 30 Mar 2022 10:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 30 Mar 2022 12:43:56 GMT
prebid-6.14.2.js
assets.vlitag.com/prebid/default/ 		597 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1648641043/b696d0f5c06dbd9fd83feb568718537b.js?cc=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e933cc9769f0e6f2500ae75b01341272e6de8b2ada65678eb57894e2f7c615d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1119312
cf-polished
origSize=611755
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Thu, 17 Mar 2022 13:27:37 GMT
server
cloudflare
etag
W/"62333749-955ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
6f40d05d1b2a4bb8-YUL
expires
Thu, 17 Mar 2022 13:57:43 GMT
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1648641043/b696d0f5c06dbd9fd83feb568718537b.js?cc=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79df3b076b6c79b51d4dbddbf4133ff7ce25b86131b1531d48f6833ce93967fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28053
x-xss-protection
0
server
sffe
etag
"1172 / 170 of 1000 / last-modified: 1648638702"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Mar 2022 12:22:59 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		375 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1648641043/b696d0f5c06dbd9fd83feb568718537b.js?cc=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8892b221847a8b63f7691aafa26375f8fd8cfa04756f22c0407d9b3ed1299fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127865
x-xss-protection
0
expires
Wed, 30 Mar 2022 12:22:59 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1648641043/b696d0f5c06dbd9fd83feb568718537b.js?cc=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1650232
cf-ray
6f40d05d1b2c4bb8-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Sat, 26 Feb 2022 15:38:44 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1648641043/b696d0f5c06dbd9fd83feb568718537b.js?cc=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.109.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-109-33.yul62.r.cloudfront.net
Software
Server /
Resource Hash
43935402f95c6e02452551eed170ad4ce21cd71f18dedc5efddd21ed1deca984

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 04:03:31 GMT
content-encoding
gzip
age
29967
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
11BVG56SBB1RVR1DRP59
etag
0e4876665018a306b1c42fb415cdf907
vary
Accept-Encoding
x-amz-version-id
UuYFL6_bKfCgf8RedP7ZN9_L0fyU1x_2
via
1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
0WUgkNZrdQ0hxcFcj1S80iCBxFyX_iRDvvYe-2ZhjNA8Ib-fwddA1w==
styles__ltr.css
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame 1835 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=normal&cb=k0tf9w48ai8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 00:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 00:17:06 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame 1835 		359 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=normal&cb=k0tf9w48ai8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5eea1c9406e22225635f46d7ddde71a450b2337a7cd0b25ff834aef95734258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:26:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144576
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 05:26:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A613 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
39468
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 01:25:11 GMT
expires
Thu, 30 Mar 2023 01:25:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B5F7 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
19ee33510c4d6c3a2fbbf978fdc8307facb877787b885080c13206b848684740
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GKVdHLssDvp9/aAl+oAUlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-GKVdHLssDvp9/aAl+oAUlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:22:59 GMT
expires
Wed, 30 Mar 2022 12:22:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ Frame 81BA 		175 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ee3cbe9a0ba9b5f0ca58c0fb1d5cc57bc8642af823dbd6832131d3998503698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65697
x-xss-protection
0
expires
Wed, 30 Mar 2022 12:22:59 GMT
analytics.js
www.google-analytics.com/ Frame 81BA 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPLC9ST
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5943
date
Wed, 30 Mar 2022 10:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 30 Mar 2022 12:43:56 GMT
collect
www.google-analytics.com/j/ Frame 8F51 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=486690825&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2F4lpHNx&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=QACAAEABAAAAAC~&jid=1575011271&gjid=82785160&cid=1332967654.1648642979&tid=UA-177299981-5&_gid=308436159.1648642979&_r=1&gtm=2wg3n1NPLC9ST&z=1512065196
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ Frame 8F51 		0
343 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-0DTZ6LRDBJ&gtm=2oe3n1&_p=486690825&sr=1600x1200&_gaz=1&ul=en-us&cid=1332967654.1648642979&_s=1&dl=https%3A%2F%2Fshrinke.me%2F4lpHNx&dt=&sid=1648642979&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ Frame 8F51 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0DTZ6LRDBJ&cid=1332967654.1648642979&gtm=2oe3n1&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ Frame 8F51 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0DTZ6LRDBJ&cid=1332967654.1648642979&gtm=2oe3n1&aip=1&z=418152868
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WUZY4HxmWnk5bzJrY3FWK1FVZW93UkhmZlczVCtnZzBTVklaSGtjNXpxbEYvLzZndEZwTDhsMW4xNzlTKzFHRk9ndW54ZFBZaHlDd1FSS0tVbjUvT2tpOXVYVlpPUml2aXM2cWczSHNCcC9hbW16bzJ2Yk1ZNlVBWlJSZy9kdzN1RXJYek1LM1lhVkNYUEEwc3pyMWIzOXg5cGMvdlk4SGR0V2NUeS9aSEZPZTZSVGNXcDU5Mk9CR2RsM25OYm5rVnJkUnVBbVo0MzZVUGRUYUc3SFZPbFJOaEdRMzh6ZkxITHd4c205a0RwRkxkcUVVPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 30 Mar 2022 12:22:58 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1196
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=krq04XwvRGlQWXJ5ZVVSRWN6QkVSOG45L2czaXp4TS9SdnhmSXJCVUFTbEFjY29JN2xqdyttUjZ5VHVIV3ZzTEhiTVF2OXpRb0RZNHUydG80dWlhNUoxZVZtUVp3aHlTblFZcVJOZlVNOXpuM2sxNm13TW9oSzdDRUs3SFErZG5YWjExWWY1YytrbFVrMU1TeFgvRG1NcUsreVZsSjV4U0czenBSUG5Td2dxaUY2a3dDSUxkVlMra2JUa21Ib3VsNVd1U2xVVjNYNmJuT0gyaDVtNDBqQkNrbFBET2sxdXpaWC83cXp2Mkx6SUFTSGdZPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 30 Mar 2022 12:23:00 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1724
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
container.html
2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2F1F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:22:59 GMT
expires
Thu, 30 Mar 2023 12:22:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
passback.js
cdn.adtrue.com/rtb/ Frame 57EA 		753 B
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14337170
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8LKUCti7sttEe5admXUnfpvYHJr5D%2FQ2iLuMqsDB%2F8zbCOhHLuSQpDFMF2HNcnbo%2Bd5lUMkEiTV3kR4WR8H%2FtVbPIS1ulU8m4FwCLPfLcYQQzoKOUgbG0n0Dz%2FnKI47hYA5ZKg673PeTAjMig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f40d05e4bcb7151-YUL
expires
Mon, 10 Oct 2022 13:50:09 GMT
passback.js
cdn.adtrue.com/rtb/ Frame F49E 		753 B
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8bcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14337170
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzRmsz7T60jxj91epc1w2fISQFZ0CkSJZEvZ%2FLYLHs8AjT9024%2BXiNr1lvJyN59Vq2%2FLXb8ppyv%2FjXiftSmvdZmir8o0OItzQbaeg%2BfSHyYNC%2FY8z3QfDpRz%2B4iiyNL%2FBqXk5%2FU8AWr%2BhHkQgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
6f40d05e4bd07151-YUL
expires
Mon, 10 Oct 2022 13:50:09 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.109.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-109-33.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
38863
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Wed, 30 Mar 2022 01:35:17 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0fb05a472bd2fcfe266ed8a7a987ab1e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
YUL62-C2
x-amz-cf-id
KTmJQSqhdIhVF_TZoz8OyqpWXKxNuV31lqYRb2csK-GLtO2Cqv1njg==
config
c.amazon-adsystem.com/cdn/prod/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fshrinke.me&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.109.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-109-33.yul62.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 07:58:31 GMT
via
1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
server
Server
age
15867
x-cache
Hit from cloudfront
access-control-allow-origin
https://shrinke.me
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
YUL62-C2
x-amz-cf-id
5BO0bvxCftlxNYmMMFvE7j2BvhfzjfuUerzClYU4nNn6k5C3osS_2Q==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220330
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb64bd0c5122a358604b80ec9d6af109ac9712e9c7b08e9d17912d78ef867ade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
fastly-original-body-size
897
age
33713
x-jsd-version
1.0.1295
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19149-FRA, cache-itm18824-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-CPwmSnQ23LHuw9IY1kxONkAbH8o"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6f40d05eefe37148-YUL
localstore.js
script.4dex.io/ 		483 B
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
702423
x-amz-request-id
tx8eb36d25696045eca73c2-00623993ca
x-amz-id-2
tx8eb36d25696045eca73c2-00623993ca
last-modified
Tue, 22 Mar 2022 09:15:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAnN%2FVAJKbd1gKfEy2%2BSRiyShFN1UiDLf0uFBO6Ty6466i74u7JgNALZwMVbDdwP6JXZ6x8mYfWqiGQNx1T2GXI1uF%2Fb1%2FmXcrqNPP8MhnTYqRtU1pe89R6q6xxMIUPmcBK97KCCE9TvlutF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1647940521027959
cf-ray
6f40d05f1931713f-YUL
/
prebid.smilewanted.com/ 		0
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cf-ray
6f40d05f4efd19e7-EWR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		351 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
d79b45e40f244a763e6e734bd3ca988b6da0dd49f173fb7715be2fe315dbf536

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
240
content-length
228
quantumdex
useast.quantumdex.io/auction/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cf-ray
6f40d05f2d767151-YUL
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8f10ee37b3994f4c73a96ddff816c70a652d045151f79eb285bdc4bda986783d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:22:59 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
bd67b944-c017-493b-a5da-b41f86c0dd02
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2LD671
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bc435626209e1213c442d3b6f47907e80af82c27325863d1c921a055d6cb2637

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
cdb
bidder.criteo.com/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.14.0&cb=51234248074
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:22:58 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://shrinke.me
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Wed, 30 Mar 2022 12:22:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A26293EED8A4D2A044AAE4D67B397B7&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=604659ba-068c-4a5a-adfa-e4138e1c2e85&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=19cb30df-33d9-424f-a2e6-42032a39dd2f&w=320&h=50
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Wed, 30 Mar 2022 12:22:59 GMT
access-control-allow-credentials
true
connection
close
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-8A2E296777D639DB0BB6499EEA2B227D&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=604659ba-068c-4a5a-adfa-e4138e1c2e85&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=19cb30df-33d9-424f-a2e6-42032a39dd2f&w=320&h=50
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Wed, 30 Mar 2022 12:22:59 GMT
access-control-allow-credentials
true
connection
close
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A284DD36AABB6CBBEEDEE794A4BB3&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=604659ba-068c-4a5a-adfa-e4138e1c2e85&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=19cb30df-33d9-424f-a2e6-42032a39dd2f&w=320&h=50
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Wed, 30 Mar 2022 12:22:59 GMT
access-control-allow-credentials
true
connection
close
/
colossusssp.com/ 		2 B
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Wed, 30 Mar 2022 12:22:59 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
bid
c.amazon-adsystem.com/e/dtb/ 		174 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2F4lpHNx&pid=uU8C1Q9Ydwpnt&cb=0&ws=1600x1200&v=7.74.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929441_1%22%2C%22s%22%3A%5B%22320x50%22%2C%22320x100%22%2C%22300x75%22%2C%22300x100%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.109.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-109-33.yul62.r.cloudfront.net
Software
Server /
Resource Hash
92902d3258e612b58595945ceed3194e1e8bf195eb9dfa3fd8b6eee11b8b9f1c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
via
1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
x-amz-rid
B6SSZ395PNK0XNZ3W35V
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
174
x-amz-cf-id
Q9dDQ247NOSDKIUSSbq9NI1Mhd8LLJcQ7tzM13h1vlHSkeZBgi61gw==
bid
c.amazon-adsystem.com/e/dtb/ 		174 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2F4lpHNx&pid=uU8C1Q9Ydwpnt&cb=1&ws=1600x1200&v=7.74.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850929440_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.109.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-109-33.yul62.r.cloudfront.net
Software
Server /
Resource Hash
91d2fa1a71f9df46a7ed5a1a70dd0166fb5a0d9f8bb47cdbd9cec73df3321826
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
via
1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
x-amz-rid
W336KEKGMWEJE221R9S6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
174
x-amz-cf-id
bguQWN3SvvEm_mJPqO1GUrQpvOSNc0JPMSXloFpD8zz-2f-xdAU7Aw==
/
px.vliplatform.com/bi-v4/ 		0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNMZAaRrtNrtl0zghRmNYaPPTRzdNwPAwKBrr-PYqK-PeAP-aMBK-ZUUtAAAUUwyTRlmNBYAbTAARdzNwqfftkRqxeNco_MZAaYaPPT_TRwkjNARkjmNBYAbZA,BYAbTAA,BAAbKZ,BAAbBT,BAAbTAARwlNldostvqfztr,qdb,jxqfzxdrtb,qhhftbxl,dtroqftz,ekoztg,ekoztg,gftzqu,hxwdqzoe,hxwdqzoe,xeyxffts,xeyxffts,xeyxffts,egsgllxlllh,egsgllxlllhRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMFfpQd6xobYVJ1mjHWQ0iXrpVhxFGU%2Fe4XBqJa1SnyH7ePZvFO4ZwcVN6Xnnfxu9HASbOHA9Ahrgfy76i3ZaCnMnKG7X2KKQInj29Y3c8ck0rpeuUz5e3zHDR%2F6%2FPq4c3zs2pOB5guEoNtwF16HKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f40d05f7e59714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNMZAaRrtNrtl0zghRzdNtUKYPMZU-wtwM-PAUq-MUTa-eyUBrBMTKAeKRdzNwqfftkRlmNBYAbTAARwlNqdqmgfRkjmNBYAbZA,BYAbTAA,BAAbKZ,BAAbTAARrdzNqdqmgfRwkjNTRmNYaPPTRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iu1YzUruhe8jli9RqhVZtzAFSEuH5dIY5Z1B0UtAShDMWY8u%2BvCa2aN5S8eLsNb2YjsVuB2B4ZGD8brpYZlNjENTdKQbawJUaKwbV8ELKwBk0Ub3LvV1VlUnoegjbCShs1444fFEFYlfqx4%2F7fu4rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f40d05f7e5d714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNMZAaRrtNrtl0zghRzdNrtYeKZMA-weaY-PMTK-MaTt-wKeZtAAMrqwtRdzNwqfftkRlmNaKAbYZARwlNqdqmgfRkjmNKYMbaA,aKAbYZA,aKAbaA,PUMbUARrdzNqdqmgfRwkjNARmNYaPPARleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sB%2FigQaqrn3zuFVn%2FeCBUodK0HoaUozVthbdBS%2FWkfLj52x5pMDCjSmk%2FOvgm2CzHdGLEo5x9nR%2FLbpw0DJif24k3ZdtILm3lVk4GPL0wHzqq1rt7jwHnGUSBzVAQitM1s20mySZK8DcQIalRO6izg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f40d05f7e5f714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
prebid
ib.adnxs.com/ut/v3/ 		19 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
eb61679ead395bad634b7e5e1249b95cfc986767af9c44ced0658799ab8ee16f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 30 Mar 2022 12:22:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
daaef523-b381-4b60-8a4c-355be1918428
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.7087389223597933&e=728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2F4lpHNx&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me...
  • https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7087389223597933&e=728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2F4lpHNx&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2F...
62 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7087389223597933&e=728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2F4lpHNx&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F4lpHNx&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21048046.7.336%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=604659ba-068c-4a5a-adfa-e4138e1c2e85
Protocol
H2
Server
172.98.26.126 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
e3dc078206236d9f38b15ba28555b948847d0c045a8bdb85a51d82f90321262a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Wed, 30 Mar 2022 12:22:59 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
62
x-sid
IAD-1213

Redirect headers

date
Wed, 30 Mar 2022 12:22:59 GMT
server
openresty
access-control-allow-origin
https://shrinke.me
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/shrinke.me/ROS?ct=1&r=pbjs&rnd=0.7087389223597933&e=728x90_0%3A728x90&ur=https%3A%2F%2Fshrinke.me%2F4lpHNx&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F4lpHNx&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21048046.7.336%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=604659ba-068c-4a5a-adfa-e4138e1c2e85
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
IAD-1213
prebid
prebid.media.net/rtb/ 		1 KB
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2LD671
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1154905eb1bd3586d5041ae47f43f59ebcdd81abf90f25dee4925df595604f71

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
cdb
bidder.criteo.com/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.14.0&cb=70527326928
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
quantumdex
useast.quantumdex.io/auction/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cf-ray
6f40d05f5db17151-YUL
c
prebid.a-mo.net/a/ 		351 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ebed20f3f8d2bd99bb3bc430e989a63c1f8ffe216c4ffb899ebf75647ab961ea

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
106
content-length
229
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Wed, 30 Mar 2022 12:22:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://shrinke.me
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
c.amazon-adsystem.com/e/dtb/ 		174 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshrinke.me%2F4lpHNx&pid=uU8C1Q9Ydwpnt&cb=2&ws=1600x1200&v=7.74.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_850944415_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_850944415_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C1506%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.109.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-109-33.yul62.r.cloudfront.net
Software
Server /
Resource Hash
38a94682655a67eb6c5de40eb7f94a7c3549337990067bbc8e4a9d2162669a00
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
via
1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
YUL62-C2
x-amz-rid
YN88EFGZXSV3S900QYMB
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
174
x-amz-cf-id
LVLinqOcTj90Za6C6Ege9eMd5V1hKOffCkg8xeRGPhYxN_Zk9Dulng==
/
px.vliplatform.com/bi-v4/ 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNMZAaRrtNrtl0zghRmNPPPTZRzdNqeZUAaKM-wqqT-PaMr-waUY-qMaYTrPMtyaeRlmNaKAbaARdzNwqfftkRqxeNco_MZAaPPPTZ_KRwkjNARkjmNaKAbaARwlNqhhftbxl,dtroqftz,jxqfzxdrtb,qdb,hxwdqzoe,gftzquRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zp1Qh5PHX9RNB4NQ5lWKLy2boCpyxmKP8kvU7DGnHWzvCISUCsNY5W2njluW64aRjkVgtzwBi5zuzAJbTvL3kvN5J5J3P%2FubbyRkTgJ5Wd4unHQnSI4oRSc8eqMvPcDQXAca%2BNvmg%2Fn1C1sfQpaDsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f40d05f7e62714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNMZAaRrtNrtl0zghRmNPPPTZRzdNYaTqMqeP-rePM-PAUq-MTPw-UeZPYPYPABUARlmNKYMbaARdzNwqfftkRqxeNco_MZAaPPPTZ_MRwkjNARkjmNKYMbaARwlNqhhftbxl,thsqffofu,dtroqftz,ekoztg,jxqfzxdrtb,qdb,hxwdqzoe,gftzquRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibswFz11A01wSuFoaWs3FSY%2Fbw%2B%2F3l44%2F%2FjvI3dgi7PKL3o8%2FOOChhzMjtigI0aus8tFY6CzWSuzYJqur3tMhteO9gFI9KHuKsU34e2vEAj63EGSnJ9WPBTZQa0P%2FGfXMmL27%2BeuFjta8uRicjH77w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f40d05f7e64714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNMZAaRrtNrtl0zghRzdNKMrweeqq-BKya-PKeM-MTUM-ArwaaZtKwBaaRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNTRmNPPPTZRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfkuyqUTpd8ql%2Be35%2FqUzHSAj%2Be3wcyxVXxtdxHt5uDLgsNXLSDPc%2FEfCmiIL7bI2Jm%2FV3b%2FBk%2BHivEKWL27IBfwH5qVnlKBbGEocz%2Fj5TTcKDmXAhORy9PwCndwlv1gCJkD%2FKojGsgpFvm0L%2BNJNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f40d05f7e63714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNMZAaRrtNrtl0zghRzdNYrKtBBTY-qZKe-PTTY-qUKe-PeBBYeZUyAPeRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNTRmNPPPTZRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHqZiN55qft4ZXBcVomCeAkXNhs9H8TfUMXP2df3iObJEyl2UoyebomsTcYSPi%2FELyaCWupDOte8QgP4oku1lNeluKCgfPONo918VOY3t2QSHSK3lsJMLwFCoOEY%2F1LbyiDov1v8B1xb0cY0RnQ%2BuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f40d05f7e68714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
947676
cf-polished
degrade=85, origSize=227959, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
196267
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 05 Nov 2019 14:07:11 GMT
server
cloudflare
etag
"5dc1820f-37a77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Sat, 26 Feb 2022 15:38:46 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6f40d05faffc4bb9-YUL
cf-bgj
imgq:85,h2pri
collect
www.google-analytics.com/ Frame 81BA 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1048015990&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2F4lpHNx&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=QACAAEAB~&jid=&gjid=&cid=1332967654.1648642979&tid=UA-177299981-5&_gid=308436159.1648642979&gtm=2wg3n1NPLC9ST&z=988131159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 08:24:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14313
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FBA7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:22:59 GMT
expires
Thu, 30 Mar 2023 12:22:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1835 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1835 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1835 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 13:59:43 GMT
x-content-type-options
nosniff
age
339796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 02 Apr 2022 13:59:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1835 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=normal&cb=k0tf9w48ai8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 11:41:34 GMT
x-content-type-options
nosniff
age
88885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 11:41:34 GMT
passback
exchange.adtrue.com/tag/ Frame F49E 		299 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20033&divid=620874320&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.94.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-94-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e74896721735b05a9816587363aea8d3bb1784eaf3fdf680d184ace32db6e037

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
server
nginx
content-length
299
content-type
application/javascript
passback
exchange.adtrue.com/tag/ Frame 57EA 		446 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20034&divid=810906060&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.94.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-94-139.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
904cb51061fb08cdf8aab6293cc564ad3b6f60644af87aafee36c7cfcfb900d6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
server
nginx
content-length
446
content-type
application/javascript
sodar
pagead2.googlesyndication.com/pagead/ Frame B5F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=320348028423160&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 1835 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=normal&cb=k0tf9w48ai8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
54a95c4dce8be0c0d0e4182d6ead9f4c9e8ee1a5866b133e2a5d39a465b80d7f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD&co=aHR0cHM6Ly9zaHJpbmtlLm1lOjQ0Mw..&hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=normal&cb=k0tf9w48ai8h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 30 Mar 2022 12:22:59 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0363 		624 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK36vQEQ3JmanAMYp5zAxAEwAQ&v=APEucNWOQPWCxEQMWJ5aqC7UpUYqT5izjUiqvqAjgiLv6VSa3ebo2phhod_ogNnQYVXuvrN33vwEkuY7AQhpcT-WAiO32wtVCw
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:00 GMT
expires
Wed, 30 Mar 2022 12:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 914D 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
Origin
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 20:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Mar 2022 20:41:57 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/elements/html/ Frame 914D 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 02:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 02:26:12 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/ Frame 914D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/abg_lite_fy2019.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
845
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:08:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame 914D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/window_focus_fy2019.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:15:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 914D 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96a8e0be24180feea7bb576beda59048a96bdbf1528f0fe3c487ee6888e07782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648494235360460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 12:23:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame 914D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:22:25 GMT
l
www.google.com/ads/measurement/ Frame 914D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRf89GGFXOSysLaXLDLZGx9kjvR94XwkbG8Ij7OYrHNJJD7mExkZab8WPwaYXn8gGE9YzWh0XStq9NQ3smPt1579oPHYw
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 914D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aj7D3WU3GPs_y4EVRzRw-C7ao2OeSLonBjoYZBa77ZSJjKW55rHeld14lsJ15QMlrY4fbZRsPb3rXogfoeB80f1PIsmYzxAE0eqY-ClhSUhTjQ9fE
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
colossusssp.com/ 		2 B
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shrinke.me
Date
Wed, 30 Mar 2022 12:23:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
c
prebid.a-mo.net/a/ 		351 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ebed20f3f8d2bd99bb3bc430e989a63c1f8ffe216c4ffb899ebf75647ab961ea

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
228
content-length
229
quantumdex
useast.quantumdex.io/auction/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cf-ray
6f40d0613fb47151-YUL
/
prebid.smilewanted.com/ 		0
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cf-ray
6f40d06139d419e7-EWR
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Wed, 30 Mar 2022 12:22:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2LD671
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d20671e6e56421d04849e732185c337ddc5e2bfde4b0a535ad9994d9dedc1c30

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
cdb
bidder.criteo.com/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.14.0&cb=16964551540
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:22:59 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/shrinke.me/ 		231 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/shrinke.me/ROS?rnd=0.7087389223597933&e=728x90_0%3A728x90%2C970x250%2C970x90%2C468x60%2C970x66%2C930x180%2C950x90%2C960x90%2C750x100&ur=https%3A%2F%2Fshrinke.me%2F4lpHNx&pbv=6.14.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fshrinke.me%2F4lpHNx&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522shrinke.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522agribje_ne21048046.7.336%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=604659ba-068c-4a5a-adfa-e4138e1c2e85
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.126 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
f248138c34a170907bc6b69a119e236de8a3979c2e6081f4efe026c0f3a955bc

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://shrinke.me
expires
Wed, 30 Mar 2022 12:23:00 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
231
x-sid
IAD-1213
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://shrinke.me
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		256 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
15b05f02ae38f116300554c11c4405155adaff9cfe57dff9abace07ea2e8a50a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:00 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7c236e9b-d3f7-452c-8dfe-a7c16594c3eb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shrinke.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
256
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE7A78644BDB3DED077A2366B9E9AA99&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=604659ba-068c-4a5a-adfa-e4138e1c2e85&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=19cb30df-33d9-424f-a2e6-42032a39dd2f&w=728&h=90
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Wed, 30 Mar 2022 12:23:00 GMT
access-control-allow-credentials
true
connection
close
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-34BAB89663A86DDE13A924382D8E2476&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=604659ba-068c-4a5a-adfa-e4138e1c2e85&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=19cb30df-33d9-424f-a2e6-42032a39dd2f&w=728&h=90
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Wed, 30 Mar 2022 12:23:00 GMT
access-control-allow-credentials
true
connection
close
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-34BAB8966326A4E303ED6A2BD62D3A8A&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=604659ba-068c-4a5a-adfa-e4138e1c2e85&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=19cb30df-33d9-424f-a2e6-42032a39dd2f&w=728&h=90
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Wed, 30 Mar 2022 12:23:00 GMT
access-control-allow-credentials
true
connection
close
header
hb.aralego.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47BDB4A32BD24694FEE94EDB624287BE&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=604659ba-068c-4a5a-adfa-e4138e1c2e85&host=shrinke.me&u=https%3A%2F%2Fshrinke.me&xr=0&ucfUid=19cb30df-33d9-424f-a2e6-42032a39dd2f&w=445&h=250&atype=2
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Bethesda, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shrinke.me
date
Wed, 30 Mar 2022 12:23:00 GMT
access-control-allow-credentials
true
connection
close
/
px.vliplatform.com/bi-v4/ 		0
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNMZAaRrtNrtl0zghRmNYaPPARzdNPTTrartB-aUyA-PPMU-wtPY-TKqyAwtYaqPZRlmNaKAbYZARdzNwqfftkRqxeNco_MZAaYaPPA_TRwkjNTRkjmNKYMbaA,aKAbYZA,aKAbaA,PUMbUA,aKAbUU,aBAbTMA,aZAbaA,aUAbaA,KZAbTAARwlNegsgllxlllh,egsgllxlllh,egsgllxlllh,qdb,jxqfzxdrtb,ldostvqfztr,hxwdqzoe,hxwdqzoe,hxwdqzoe,dtroqftz,ekoztg,ekoztg,ekoztg,ekoztg,thsqffofu,gftzqu,qhhftbxl,xeyxffts,xeyxffts,xeyxfftsRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUThNU0jOWXANGOieJfgJNDahryoNV46n8GEGb2BX4ayoqH%2BCYjgQ%2BRwj1Qg%2Bo3iNHrpPXiMyeOw0Vz70jDQcHGmOecncsPXEdZzldpAyFXb15fPT0WaMC2z9RhvKS8kaghrD7o90tILFjyCGaHmEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f40d0617eb3ece2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
px.vliplatform.com/bi-v4/ 		0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/?e=rNMZAaRrtNrtl0zghRmNYaPPARzdNtePwaPUr-BBPy-PtUr-qaqA-aqetaZUBtABwRlmNPPZbYZARdzNcortg%20gxzlzktqdRqxeNco_MZAaYaPPA_T_gxzlzktqdRwkjNARkjmNPPZbYZARwlNqdb,jxqfzxdrtb,hxwdqzoe,ekoztg,qhhftbxl,xeyxfftsRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylxSGjsV5%2FajcH5N8XJLW6O%2BTqESv9Ii%2FmvkLj3CTYyg5oxJUSAwFAfbUwL9YZahlVlOYbjDsSTETFGKYsOc57FWzrokyPD1ojoI%2FiL%2FeZMRo3F%2BndYvbxwbwRyqUo6yXRFxAhp%2F9Jj2tG2dixjf1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f40d0617eb1ece2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
tag.vlitag.com/passback/ Frame FD50 		77 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/passback/?t=1648641043&d=8509&z=29441&divID=vi_850929441_1&w=320&h=100
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1648641043/b696d0f5c06dbd9fd83feb568718537b.js?cc=US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e268c806756ea8aec9f0d9e9e20e99c07c04d65eff4b46c6c199e379090000e1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Mar 2022 11:50:49 GMT
server
cloudflare
age
1919
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
6f40d061ca714bb9-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-bgj
minify
njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
pagead2.googlesyndication.com/bg/ Frame A613 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 00:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
128838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13638
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Mar 2023 00:35:42 GMT
/
px.vliplatform.com/br-v4/ 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/?e=rNMZAaRrtNrtl0zghRzdNwABBwrew-APey-PyUa-wyKe-ZAATwyreUrUPRlmNKYMbaARdzNwqfftkRqxeNco_MZAaPPPTZ_MRysggkNAGATRwkNqhhftbxl|AGAaPYaZ|KYMbaA|wqfftk|PTY|RmNPPPTZRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mENhum68QCQAYUUCMUXPcXUI4Fb%2FkcEgXaUsAir9v9XfSvF4gmDkyXmLhARARJO%2FWuXf6m3DGz%2FaNJ%2FpjxnHRy4OppqY9bay0oXzqAnrO%2BvKrq5fdfIjrXWSZCYQ2C23DWk%2BX9yT5Oj6HO2oUANLhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f40d061ef05ece2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7DBC 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhjOyc3CATAB&v=APEucNUTjJZkkl0kDTAy56aM9v_hNkqZou-N-Wpku_APVPFOMAVEt3HoLtbt3AOp9my97pipnae-B--Z3Wlipqf4AVqT23O57g
Requested by
Host: 2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
URL: https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/ Frame FBA7 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/abg_lite_fy2019.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
846
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:08:54 GMT
2720810573641710648
s0.2mdn.net/simgad/ Frame FBA7 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2720810573641710648
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95eac434d6d57808ce6a445533e0411802684fad8fb4bfaa2d35189b85503183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 05:09:38 GMT
x-content-type-options
nosniff
age
458002
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1295608
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 18:23:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Mar 2023 05:09:38 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/elements/html/ Frame FBA7 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 02:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35808
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 02:26:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FBA7 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvnzWu23U2JAx1ARs1w-mLty6Mt0WcvbVEGqMybIiiFBUfh4pJz6Ef98hkvxJeJF2Sj1jhjUpsvA8DlFU_yy1FNLoFMbCZgHd2T1Civ3j9k-am_FR1Cbwu7qfhzT9xC_LAWaQvHwo09XJfhHowt1Gmn2QDz1XGVob2zAa-0b8iF8FgemSkyWXRB9p552pg-9B8VzLr78EdOK4jSe7fRAkNexRmCWq05TGg3ti0GpBKnKqANlgU59mUux097rC2w-PdgnwrbCzESJL75tPze4pqzlEPQvsqglHBOdfV9M6eH_tFcSlyfaCKPUZ_95vsZbthn4r0ydW3psiZaPWHDBVb9rHWks48ASvF1MzfML4MwkY-_ESFrn1xTCk2za5DTaarn0e4zvDGpbQNvGsvvBcJFDigCBRIF2SXNRxiV2Nsce5bJUzW0jnvHFLuDdNNaiNTkYDQ40ElxLaqYDLWwfJ0t2Hp5BeKFrAX7qA6txOhqxn-1tA50pWbseEU0Fsm_3b7FldllohPGDD3VH1OZCTo_NeNbhTb-qVbB1XwM9MX48tCP4z_LStHJJA4srKzy_XMmVlypH_P9pRcUlpUd6HKVy0XPKPJAj1DpIuRX2ss1rEXUInZY8S4akGxh4svZoK9G4WID2d-5iBhFEXaoNVEpktEtPD9_Dhe_YeF9iZDGN5g86b-T0Rs_v9lbaTNI5Sx4DzS_rfitMl_xxeMLgqvgsM2-5x65uz0H87K85nTZtWZntIW661AgPpC6OhLfi7EtO7AZPKcLq50BXzK2hq1XUqyhS3SYYZ4NT5fGD2_2zUv4Cu3hlt3AttXH_JgxtaxD8H8OE7iULbG8pI_933mk-Q1zdmjABpbY_3bsQmRW9P7oslbDvfpdSObtzJ--1U1rzqd4eKWpg7DxVLs5rg974QUv80nJQHvdPtbeWUMJ08ofX2kWszM4myiG2vzLWFaUF5meKnMxy1F-pAYg2TPlauw5uer6ZtYTVjW3nlId23hRmFqXhpzRqfX_61ZTb2UCJGhcUC3b44Sq90glGwyFtxWk830LkL45FaZRipAoEqrj6vT-lfDrdXYsbeDbJ7TQzVHcLChqW9alzxgNeoiXoJCxmv-IO5k3oXM66Rg2-7fn3JNWz97-g9QW&sai=AMfl-YT6RdaZbJcc-tc-n2rKoApQh7piWIiVrqv2neApNDE-eAyLnhUu1nQYg9Y8FITkFc9BbpfCN3tasG5epJn2R8-PEz4vTvNsvNjoj4FTQsnbpdOTLc-rDWABVBrayKWz9sEL2lUujQi2YYuTQwPRTFEnAk0v53YWeLqEOv6SBf-pWNMef-dlBABJm9ScZNRVm2NkcL_eDPoyhVH7mYUyjwfB7rcI8scRU6q_f9vzA4B6bWWnmw2khzC5X8kg-GyN3NXHFrxS8qiRR2b8IvupdMMjQTkhc4B6R0PU_zWbnvHdb1FIL3nZRvXGZs3HUfFWC2hed2BssEK6ytEtY3AKjZh0TGohZ-ruFm0nBiXACK3LpPshkdyJxKfnBLWHyUcA0wZzj812XA6jZJI&sig=Cg0ArKJSzOp6dHyoYebBEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220328.11018&adurl=
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 30 Mar 2022 12:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FBA7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 20:41:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 20:41:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FBA7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BkZh1d717FwPhKmFI6KH_24NzyyoQNeAmyfmXCLo_vN6soI81t65ek8aS29ZfUlmOIkLQoeCaWZo0fPVWdRBuKke5GXnfUiMxcKvMLb9UCwyBmAaE
Requested by
Host: 2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
URL: https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img.gif
t.6sc.co/ Frame FBA7 		43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.6sc.co/img.gif?event=imp&ppgid=ec2fee4e&cb=%n
Requested by
Host: 2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
URL: https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.36.85 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-36-85.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:23:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Tue, 05 Oct 2021 22:17:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"615ccf16-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame FBA7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
URL: https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:15:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FBA7 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
URL: https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96a8e0be24180feea7bb576beda59048a96bdbf1528f0fe3c487ee6888e07782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648494235360460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 12:23:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame FBA7 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
URL: https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:22:25 GMT
iu3
s.amazon-adsystem.com/ Frame EB1A
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
304 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
23a3e025271ec571854b9b8db4412459a204a5468a324f67b0b0d09401fe91e6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
304
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 30 Mar 2022 12:23:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YJRMYMP37M8XX830JR3R

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 30 Mar 2022 12:23:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EPKNVQSKEKH71DKM92WW
adtrue.shrinke.me.994618.js
jsc.adskeeper.co.uk/a/d/ Frame F49E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=20033&divid=620874320&ref=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ec7f1d8a935964f10bd730c43fc5edd7997a83888e0a158cbb99ae68dc6d3a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
br
cf-cache-status
HIT
age
3728
last-modified
Fri, 04 Feb 2022 11:16:58 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
96Q2G50GE4CMB2BM
x-amz-id-2
BGy29mdv6joWP1AK51NNLWtChcJV+PzR1nwhLiq3w1QBJj/RrO7HjnqAsuPGQQ0XB99vkrtTo/4=
cf-bgj
minify
server
cloudflare
etag
W/"f46a5f8a206a880f491fe601585b12fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
6f40d062b8f5a222-YYZ
expires
Wed, 30 Mar 2022 16:23:00 GMT
invoke.js
roofprison.com/2b7825b40010ad17ac7b5777c664449c/ Frame 57EA 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://roofprison.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:23:00 GMT
Server
nginx/1.17.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type
application/javascript
Content-Length
0
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
701962
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx038525f69a754a8586495-00623993f0
x-amz-id-2
tx038525f69a754a8586495-00623993f0
last-modified
Tue, 22 Mar 2022 09:15:19 GMT
server
cloudflare
etag
W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONpb1FFRBiJWadmSJGfjdM9cu5HJDHofqKHsjZ4UaxTFQZRuBX7AkjHvmrX%2F6HsIX788L28cTzrk7RHqvlXBuhPpbcsOYpAvGvfaAqU%2F%2B%2FzelUn9j26gklVr%2B5gE5dXdGZwH85Ha4%2Fw1D1Pp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1647940519211847
cf-ray
6f40d0627e75ece6-YUL
access-control-allow-headers
Authorization
r.html
assets.vlitag.com/plugins/safeframe/src/html/ Frame 64E3 		1 KB
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1d0a68660a2feb53c5ac83780bf44922231afc9af8ebf6428aa6f80a921bd41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-cache-status
DYNAMIC
cf-ray
6f40d0627b154bb9-YUL
content-encoding
br
content-type
text/html
date
Wed, 30 Mar 2022 12:23:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 30 Mar 2022 12:53:00 GMT
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
/
px.vliplatform.com/bw-v4/ 		0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bw-v4/?e=rNMZAaRrtNrtl0zghRzdNMAeAeUeU-PaeM-PBKB-MyAY-qTtBwPUZYTwMRqxeNco_MZAaPPPTZ_MRwNqhhftbxlRhNAGAaPYaZRlmNKYMbaARdzNwqfftkRmNPPPTZRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MMTbYkR3WoHz4DTN3oqpQWc0zW5%2BBEFjMJ2xKRWrLALcKLfqaLie8MC5vfIgv%2FRJYf7kn6H4xHw3GqJFl7LK6xM%2BWWnFkKOX89HFuSoR1gtDcT7p3XiKvSM944uH3F2mr%2BO7uhM1JQyiJ5jono4lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f40d0627f7cece2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
rum
dsum-sec.casalemedia.com/ Frame 0363
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSGGE-DIjC1X-fLpm_eWu4&google_cver=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSGGE-DIjC1X-fLpm_eWu4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK36vQEQ3JmanAMYp5zAxAEwAQ&v=APEucNWOQPWCxEQMWJ5aqC7UpUYqT5izjUiqvqAjgiLv6VSa3ebo2phhod_ogNnQYVXuvrN33vwEkuY7AQhpcT-WAiO32wtVCw
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSGGE-DIjC1X-fLpm_eWu4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0363
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkRLpGvaMGh5Cualmm8-mQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSGGE-DIjC1X-fLpm_eWu4&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSGGE-DIjC1X-fLpm_eWu4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK36vQEQ3JmanAMYp5zAxAEwAQ&v=APEucNWOQPWCxEQMWJ5aqC7UpUYqT5izjUiqvqAjgiLv6VSa3ebo2phhod_ogNnQYVXuvrN33vwEkuY7AQhpcT-WAiO32wtVCw
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSGGE-DIjC1X-fLpm_eWu4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0363
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKs51XKh_-eTsn1V17P-JKk&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKs51XKh_-eTsn1V17P-JKk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK36vQEQ3JmanAMYp5zAxAEwAQ&v=APEucNWOQPWCxEQMWJ5aqC7UpUYqT5izjUiqvqAjgiLv6VSa3ebo2phhod_ogNnQYVXuvrN33vwEkuY7AQhpcT-WAiO32wtVCw
Protocol
HTTP/1.1
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:00 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b2edc3b3-1f91-4bf7-9e3e-ed323821a512
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKs51XKh_-eTsn1V17P-JKk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0363
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcwOTIxNzg5MDQ1NDkyNjcxOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcwOTIxNzg5MDQ1NDkyNjcxOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK36vQEQ3JmanAMYp5zAxAEwAQ&v=APEucNWOQPWCxEQMWJ5aqC7UpUYqT5izjUiqvqAjgiLv6VSa3ebo2phhod_ogNnQYVXuvrN33vwEkuY7AQhpcT-WAiO32wtVCw
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:00 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
906936b4-c6dd-4b58-926b-027302154928
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcwOTIxNzg5MDQ1NDkyNjcxOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bframe
www.recaptcha.net/recaptcha/api2/ Frame F847 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1a792de5013d00900f25edd33785fd9017d8eb0d6cf2eac3011a2ac623410cd1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FozQQVswUy1GE6y57CKIZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1114
content-security-policy
script-src 'report-sample' 'nonce-FozQQVswUy1GE6y57CKIZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ Frame DD67 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-212001089-1
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1648641043/b696d0f5c06dbd9fd83feb568718537b.js?cc=US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98f25dfc780e7234ac58920f3785820470e3f0e4381dbf2b1c1f5d4314c69bbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37787
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Mar 2022 12:23:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8F51 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Mar 2022 12:23:00 GMT
11630
tags.orquideassp.com/tag/ Frame FD50 		826 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/11630
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1648641043&d=8509&z=29441&divID=vi_850929441_1&w=320&h=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:a000:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
a9eecf41513b97d5590668384112bc961ba71eb372afb5cd07caee94dc366642
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
708
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Wed, 30 Mar 2022 12:13:55 GMT
content-length
826
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"33a-G6ENEqNBXqZge1NtSeqeXuENJdQ"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
uAlBYkTPVdua7R3sPSU1HOl3EJXE_uRjzH8sB2il6KPtMNBcBuqWuA==
view
googleads4.g.doubleclick.net/pcs/ Frame 914D 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvV3JOhad5JesqvxwdBy1w9BphWntUkGYA-as84bRxDFeutlZ56Q7QfexN0vZ4yB098OUXBsYiK3Vlyrkbgk2pgMUINcsQDy4jQnk2eb9T0Z2Tifx0Z6j6nP4KJoqqrkqXID2y5pZtm-oo-D86HYCalIuY25K6jmi4JxpFzjr1ACm6Iju6hmTCKS6BKZud2QQYeVkd81J3jUNuhcFldFAhPo8EDe8Vd-wLsCB_SisapwBgXoT5oW6GRISsphCvjNE2fnoYep9To_BS0UE2v6ugl2jyFXIAtuJfxBExE6EUoDfRkGxD_VwdVNRtoiuPjGDUhtGhw5r7BMf8YX1dBUUnaY8aWix5HoAspusr8I8-M0GuQBNRhFZ72YA--5Sj5oLdLUT4P3hwJwlxdE8sSWTh1hEPAhACzXy6Scc2GKHyaeylFmeuMJKSFIYAGbE5FXa930WbGBoTHnbtIr2qFxANrgb5mN-xN8TaScqko3ga_6J78kYWnGJJtWkVBf4xBuyUSARMS1g0TBSdrd2F98yrp0CBVJXo_iFWvBMfi1yh1thIi8wv9cXsMZl5emfLpGm2X4YIAlj1wGKdjcqbrOO-iBDobbTV3sXi7SqAu7KNT2em63AvpBPRuwF4wQcL9VycvVEPCx2HJqONnhNUPZ2ZPuDzSVviG5oLQw9JFSriERNnPFlABqc5ByOCFtG1byEZgJ5TxLZyqZCK8cD_yqwHQ813rLifwhJeXJBMmKlG7RtEexVxWaMMd9kch4c3NkrIniAVK6Geeg-UN9ulV4eRjZ04K04LAcBdv3oi5l1eEK-ECIOE1Q1ibWm5OG8NRvRbmjiJN4dhFEYd4iFjX2adQxFeWHRg3FmxS4oqGTRx6sv9NyuP6E-meOiUKvyuosCwO8UPTOdFmdB4mLacdhVF8fei30wFM2vl1i3JcvlK22bLNvBdggyytgGL8gycNXr9RaBr7IxlL-WvHwhSqigLDSLarLp6KEsvnti9Q48-08dttwPOnjETLY91bF8IEeBxV4bsm87MwHScz_UVVvSt7hAWBqaPvAMkQ-H0cR1xCRZSzU2KSO_C-v-yTfOUSG56AUGoeeTnG0QxhdEcd5Y5IRfNtqonSHgeMrTFmNSf73fMi8p73IXrTJzgdZQ&sai=AMfl-YR07ffqz9gUYJKxW3eV8STDwQW3H5ZHQKcFPbiPg-SZ5LP6024fy4zwn472rSO0mRBvHMuTDwre23RUTyyntsqGHWhsBEvDn2B9bmCl3Tazfn1jCjaSpwcJg6o9Ok5Js0H669F3uBBKpHdfSmuZS3va2XrB5ekU3zsTb1WzhDi42bY-uchFpJ_hTGu2_MGpQkksL7jnzzDEbCMkc1bbyM8khKbnyV-2Rrt1OhVc9L2n0XWE1icbccptqzYW8PNF_vjvwlIuqTQpqN5hZ7X2p9iBN0p6FDnxQlWIL1QfMrRimG7Eb8Mrg61vppTz_LXYcXsdOLhgLWHprAegzJ0QQJFK9mDc2VxTZb-hIBzf96FYwq2k1QEE2PyCzbuL3cBOnO62xPtC8h3IOLo&sig=Cg0ArKJSzBhdrlVsEYpFEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=310&cbvp=1&cisv=r20220328.11604&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 30 Mar 2022 12:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
13363933097729925018
s0.2mdn.net/simgad/ Frame 914D 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13363933097729925018
Requested by
Host: 2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
URL: https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a2ab49e438da337fc17f0b6d2298c1ca7419d751c17454f3c25a560d2e9e582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:09 GMT
x-content-type-options
nosniff
age
574851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32199
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:10:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:09 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 914D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
URL: https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 20:41:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 20:41:56 GMT
truncated
/ Frame 914D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0bd1d752fc817b59c146aadacbbd144b1e9870bc431fabcc20a7ced88ff2b0a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 7DBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAXWKSn8L76dF4XDH97y7rQ&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAXWKSn8L76dF4XDH97y7rQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhjOyc3CATAB&v=APEucNUTjJZkkl0kDTAy56aM9v_hNkqZou-N-Wpku_APVPFOMAVEt3HoLtbt3AOp9my97pipnae-B--Z3Wlipqf4AVqT23O57g
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAXWKSn8L76dF4XDH97y7rQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7DBC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODk5OTAwMDAtM2M1My0yMjlkLWRjNzUtMjM2MzRkNGUwZmNi
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODk5OTAwMDAtM2M1My0yMjlkLWRjNzUtMjM2MzRkNGUwZmNi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhjOyc3CATAB&v=APEucNUTjJZkkl0kDTAy56aM9v_hNkqZou-N-Wpku_APVPFOMAVEt3HoLtbt3AOp9my97pipnae-B--Z3Wlipqf4AVqT23O57g
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODk5OTAwMDAtM2M1My0yMjlkLWRjNzUtMjM2MzRkNGUwZmNi
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 7DBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEHggzU4Hwew08_i67DbhRyI&google_cver=1
23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEHggzU4Hwew08_i67DbhRyI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhjOyc3CATAB&v=APEucNUTjJZkkl0kDTAy56aM9v_hNkqZou-N-Wpku_APVPFOMAVEt3HoLtbt3AOp9my97pipnae-B--Z3Wlipqf4AVqT23O57g
Protocol
H2
Server
104.118.9.133 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-133.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 30 Mar 2022 12:23:00 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEHggzU4Hwew08_i67DbhRyI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7DBC
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjEwNTVlZTMtYmUwNC00MTIxLTk5M2QtMjczZGY2MzFkYjEw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjEwNTVlZTMtYmUwNC00MTIxLTk5M2QtMjczZGY2MzFkYjEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhjOyc3CATAB&v=APEucNUTjJZkkl0kDTAy56aM9v_hNkqZou-N-Wpku_APVPFOMAVEt3HoLtbt3AOp9my97pipnae-B--Z3Wlipqf4AVqT23O57g
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
server
akka-http/10.2.7
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjEwNTVlZTMtYmUwNC00MTIxLTk5M2QtMjczZGY2MzFkYjEw
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Wed, 30 Mar 2022 12:23:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 81BA 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Mar 2022 12:23:00 GMT
/
tag.vlitag.com/passback/ Frame 8407 		94 B
421 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/passback/?t=1648641043&d=8509&z=29440&divID=vi_850929440_1&w=970&h=250
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1648641043/b696d0f5c06dbd9fd83feb568718537b.js?cc=US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba97de29555b4abe6cb6a8db6a0924a2f281a35580be694dcf08e729dc6d789

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Mar 2022 11:50:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
6f40d0638c544bb9-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-bgj
minify
truncated
/ Frame FBA7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3efb3262225f8c66648c0df91bb486eab511246a9ecb3eeebe322c66e99a1f5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
styles__ltr.css
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame F847 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 00:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 00:17:06 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame F847 		359 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=gZWLhEUEJFxEhoT5hpjn2xHK&k=6LdJkt4dAAAAACANDNI7s0sga9wEjI_Qd3YuSDGD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5eea1c9406e22225635f46d7ddde71a450b2337a7cd0b25ff834aef95734258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:26:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144576
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 04:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 05:26:17 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame FD50 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/11630
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
sffe /
Resource Hash
97f82abe23efcb481e550e942eebce7aa01ec565c4c0887eb0c1aa4e3e4025a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28053
x-xss-protection
0
server
sffe
etag
"1172 / 899 of 1000 / last-modified: 1648638614"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Mar 2022 12:23:00 GMT
icon.svg
supertruco.com/ Frame FD50 		1 KB
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supertruco.com/icon.svg
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/11630
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.146 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6b54b9d51b8e7575fc6ac2e2bfd7826e021c3385b15f6e07581d58234219a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 19 Mar 2021 14:39:52 GMT
server
nginx
etag
W/"6054b7b8-47c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
date
Wed, 30 Mar 2022 12:23:00 GMT
x-ac
2.yyz _atomic_dca
expires
Wed, 06 Apr 2022 12:23:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FBA7 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvnzWu23U2JAx1ARs1w-mLty6Mt0WcvbVEGqMybIiiFBUfh4pJz6Ef98hkvxJeJF2Sj1jhjUpsvA8DlFU_yy1FNLoFMbCZgHd2T1Civ3j9k-am_FR1Cbwu7qfhzT9xC_LAWaQvHwo09XJfhHowt1Gmn2QDz1XGVob2zAa-0b8iF8FgemSkyWXRB9p552pg-9B8VzLr78EdOK4jSe7fRAkNexRmCWq05TGg3ti0GpBKnKqANlgU59mUux097rC2w-PdgnwrbCzESJL75tPze4pqzlEPQvsqglHBOdfV9M6eH_tFcSlyfaCKPUZ_95vsZbthn4r0ydW3psiZaPWHDBVb9rHWks48ASvF1MzfML4MwkY-_ESFrn1xTCk2za5DTaarn0e4zvDGpbQNvGsvvBcJFDigCBRIF2SXNRxiV2Nsce5bJUzW0jnvHFLuDdNNaiNTkYDQ40ElxLaqYDLWwfJ0t2Hp5BeKFrAX7qA6txOhqxn-1tA50pWbseEU0Fsm_3b7FldllohPGDD3VH1OZCTo_NeNbhTb-qVbB1XwM9MX48tCP4z_LStHJJA4srKzy_XMmVlypH_P9pRcUlpUd6HKVy0XPKPJAj1DpIuRX2ss1rEXUInZY8S4akGxh4svZoK9G4WID2d-5iBhFEXaoNVEpktEtPD9_Dhe_YeF9iZDGN5g86b-T0Rs_v9lbaTNI5Sx4DzS_rfitMl_xxeMLgqvgsM2-5x65uz0H87K85nTZtWZntIW661AgPpC6OhLfi7EtO7AZPKcLq50BXzK2hq1XUqyhS3SYYZ4NT5fGD2_2zUv4Cu3hlt3AttXH_JgxtaxD8H8OE7iULbG8pI_933mk-Q1zdmjABpbY_3bsQmRW9P7oslbDvfpdSObtzJ--1U1rzqd4eKWpg7DxVLs5rg974QUv80nJQHvdPtbeWUMJ08ofX2kWszM4myiG2vzLWFaUF5meKnMxy1F-pAYg2TPlauw5uer6ZtYTVjW3nlId23hRmFqXhpzRqfX_61ZTb2UCJGhcUC3b44Sq90glGwyFtxWk830LkL45FaZRipAoEqrj6vT-lfDrdXYsbeDbJ7TQzVHcLChqW9alzxgNeoiXoJCxmv-IO5k3oXM66Rg2-7fn3JNWz97-g9QW&sai=AMfl-YT6RdaZbJcc-tc-n2rKoApQh7piWIiVrqv2neApNDE-eAyLnhUu1nQYg9Y8FITkFc9BbpfCN3tasG5epJn2R8-PEz4vTvNsvNjoj4FTQsnbpdOTLc-rDWABVBrayKWz9sEL2lUujQi2YYuTQwPRTFEnAk0v53YWeLqEOv6SBf-pWNMef-dlBABJm9ScZNRVm2NkcL_eDPoyhVH7mYUyjwfB7rcI8scRU6q_f9vzA4B6bWWnmw2khzC5X8kg-GyN3NXHFrxS8qiRR2b8IvupdMMjQTkhc4B6R0PU_zWbnvHdb1FIL3nZRvXGZs3HUfFWC2hed2BssEK6ytEtY3AKjZh0TGohZ-ruFm0nBiXACK3LpPshkdyJxKfnBLWHyUcA0wZzj812XA6jZJI&sig=Cg0ArKJSzOp6dHyoYebBEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=319&vt=11&dtpt=318&dett=2&cstd=0&cisv=r20220328.11018&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:23:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rocket-loader.min.js
assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 64E3 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Mar 2022 11:29:35 GMT
server
cloudflare
etag
W/"623c561f-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6f40d0641d264bb9-YUL
vary
Accept-Encoding
expires
Fri, 01 Apr 2022 12:23:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BBE8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
56463
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Mar 2022 20:41:57 GMT
expires
Wed, 29 Mar 2023 20:41:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame FBA7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BoATEo0tEYpO5GOS4hQbp2onICwAAAAA4AeAEAg
Requested by
Host: 2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
URL: https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adtrue.shrinke.me.994618.es6.js
jsc.adskeeper.co.uk/a/d/ Frame F49E 		230 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.es6.js
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
379cf77cd5714e54741f614a43ee07628c29f52ee1fc228d14cd0d77af961ac1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
br
cf-cache-status
HIT
age
3727
last-modified
Fri, 04 Feb 2022 11:16:58 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4HCDW4SZ4KGW6VN7
x-amz-id-2
k7Pw+UVxMMu4uXRVEybZfrMxqRLWTLOoiRZTYyIrFzLZ4xO1Y+mDyCPRNXzp+RpaHvSnK0I0siM=
cf-bgj
minify
server
cloudflare
etag
W/"b4aa6d8cc6d6a62c2dc534daf3ac7b50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
6f40d0647b7af989-YYZ
expires
Wed, 30 Mar 2022 16:23:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F1B9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
56463
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Mar 2022 20:41:57 GMT
expires
Wed, 29 Mar 2023 20:41:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame ED15 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:22:59 GMT
server-processing-duration-in-ticks
2634
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8F51 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Mar 2022 12:23:00 GMT
11628
tags.orquideassp.com/tag/ Frame 8407 		829 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/11628
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/passback/?t=1648641043&d=8509&z=29440&divID=vi_850929440_1&w=970&h=250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:a000:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
30077e599842195e23d382b85dd6d3ab8bbb43bf3bfb2529422dc6e970bf6632
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3127
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
date
Wed, 30 Mar 2022 11:34:11 GMT
content-length
829
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"33d-bgxjTDcdm+XlaWDc7C8HVn0kSGU"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
Ju7z1U4Y1gXNhw0nD65fdk7cilkSBy0cEc933ogx2XfxE5RA2vyiQw==
pr
s.amazon-adsystem.com/v3/ Frame E2F3 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b12b9549671ecfee3699b3c0a16d69f4926bf2183c4b0b05248e039e1b4b87e0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1848
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 30 Mar 2022 12:23:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
8X3K4DJYY1H33N7E8PYN
analytics.js
www.google-analytics.com/ Frame DD67 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-212001089-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5944
date
Wed, 30 Mar 2022 10:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 30 Mar 2022 12:43:56 GMT
syncframe
gum.criteo.com/ Frame 3E95 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:22:59 GMT
server-processing-duration-in-ticks
5701
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 81BA 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 02:42:25 GMT
server
nginx
etag
W/"6226c291-1834f"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Mar 2022 12:23:00 GMT
sf_ext.min.js
assets.vlitag.com/plugins/safeframe/src/js/ Frame 64E3 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1650154
cf-ray
6f40d0650e424bb9-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-5aed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Sat, 26 Feb 2022 15:38:49 GMT
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/ Frame FD50 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 19:24:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Mar 2023 19:24:26 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8407 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/11628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
sffe /
Resource Hash
67521c94a4566f03afc24a68425885aec864fe2578485817ce014980bfd0ccf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28072
x-xss-protection
0
server
sffe
etag
"1172 / 630 of 1000 / last-modified: 1648638702"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Mar 2022 12:23:00 GMT
icon.svg
supertruco.com/ Frame 8407 		1 KB
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supertruco.com/icon.svg
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/11628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.146 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6b54b9d51b8e7575fc6ac2e2bfd7826e021c3385b15f6e07581d58234219a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 19 Mar 2021 14:39:52 GMT
server
nginx
etag
W/"6054b7b8-47c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
date
Wed, 30 Mar 2022 12:23:00 GMT
x-ac
2.yyz _atomic_dca
expires
Wed, 06 Apr 2022 12:23:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Mar 2022 12:23:00 GMT
/
s.ad.smaato.net/c/ Frame E2F3 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:4a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
via
1.1 d02136c452505f46a849d23f2fe25350.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
YUL62-C2
x-amz-cf-id
XbmWiHpwlpjiRBhFCnwyetAEMQ3LOf3mEGZkuMnekqyPvTG2Ffjf8Q==
x-cache
FunctionGeneratedResponse from cloudfront
ecm3
s.amazon-adsystem.com/ Frame E2F3
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=A21DF2CDF4B34C7C8E43AAE9B595FC54&ex=simpli.fi&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=A21DF2CDF4B34C7C8E43AAE9B595FC54&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
J70N9X9K55V9NZA91AD3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 30 Mar 2022 12:23:00 GMT
x-content-type-options
nosniff
server
nginx
location
https://s.amazon-adsystem.com/ecm3?id=A21DF2CDF4B34C7C8E43AAE9B595FC54&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 29 Mar 2022 12:23:00 GMT
sid
mug.criteo.com/ Frame ED15
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=shrinke.me&sn=ChromeSyncframe&so=3&topUrl=shrinke.me&bundle=zhWiBF9LOUFJUjlpZk8yS2VNaTIxNEF3QUR4MDVwbDBWYVZjRVVGVkdnb3RQN3Q3b0JxdlAlMkJhWk...
  • https://mug.criteo.com/sid?cpp=8YRmvnxSY0VIVlQyTmtkdk5OS0tsMWNQUWtGdi9sTzdiT1JOK1ZCamxDQ3ltYVg1MitMcEt0a05MOUNUaWVpS3AzMDIwR1Y5SkRIV28zTjFmVzV1Wm01TTN5cGZJSTRsT1AwOURMSk5tZmgxaXQ1NWE0SG9lTjJnaThLNV...
431 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=8YRmvnxSY0VIVlQyTmtkdk5OS0tsMWNQUWtGdi9sTzdiT1JOK1ZCamxDQ3ltYVg1MitMcEt0a05MOUNUaWVpS3AzMDIwR1Y5SkRIV28zTjFmVzV1Wm01TTN5cGZJSTRsT1AwOURMSk5tZmgxaXQ1NWE0SG9lTjJnaThLNVFRWjZVYXhMQUh2VFg3WFc5T1RFYjlPV1dMSVJJU3VoL2ZmR0lxUVBLbUNsdDhiMWxKaGgwL1lWMk1UL3cyL3g3N0dMcnBDaGJWdmN5MW1xRlZXVW5SYTZzYXIvSWdFZU9COHJrd3dGd1hCK0ZFa3d4ejlUZGQ4Tld0Mi8xck93WmpEN3lUQkYxUFcwQWhGT3RQSUVwRHdyMENGZmFKZz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
d66cad8633a5467788a9750ec269ce23a736f851f53e3af911a2d6287e58f8ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3724
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=8YRmvnxSY0VIVlQyTmtkdk5OS0tsMWNQUWtGdi9sTzdiT1JOK1ZCamxDQ3ltYVg1MitMcEt0a05MOUNUaWVpS3AzMDIwR1Y5SkRIV28zTjFmVzV1Wm01TTN5cGZJSTRsT1AwOURMSk5tZmgxaXQ1NWE0SG9lTjJnaThLNVFRWjZVYXhMQUh2VFg3WFc5T1RFYjlPV1dMSVJJU3VoL2ZmR0lxUVBLbUNsdDhiMWxKaGgwL1lWMk1UL3cyL3g3N0dMcnBDaGJWdmN5MW1xRlZXVW5SYTZzYXIvSWdFZU9COHJrd3dGd1hCK0ZFa3d4ejlUZGQ4Tld0Mi8xck93WmpEN3lUQkYxUFcwQWhGT3RQSUVwRHdyMENGZmFKZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2531
content-length
541
expires
0
/
match.sharethrough.com/jwumXNuB/v1/ Frame 0560 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.54.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-54-123.compute-1.amazonaws.com
Software
/
Resource Hash
291690563f00b332a32ab96a0312d5b2f8329d6f2e3ffd8a4f15006e210dbbbc

Request headers

Accept-Language
en-CA,en;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-length
427
date
Wed, 30 Mar 2022 12:23:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 607F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
en-CA,en;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=48823
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 31 Mar 2022 01:56:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 2943 		886 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.248.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-248-200.compute-1.amazonaws.com
Software
/
Resource Hash
b6b64b16bf262843cbf50fa045567c9f8b6f75bb53931e7d3a53f1f64e252da6

Request headers

Accept-Language
en-CA,en;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
usync.html
eus.rubiconproject.com/ Frame 2169 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language
en-CA,en;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Mar 2022 12:23:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame FE0E
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=771633bb03d1121c&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbrSp2Gz-WQNOPBSsAAAAAAA&expiration=1648729380&is_secure=true
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbrSp2Gz-WQNOPBSsAAAAAAA&expiration=1648729380&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 30 Mar 2022 12:23:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
EJPFEM1B6T2YPVTCEKRQ

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Wed, 30 Mar 2022 12:23:00 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGbrSp2Gz-WQNOPBSsAAAAAAA&expiration=1648729380&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 316A
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2350325416479113524649
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2350325416479113524649
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_pm-db5_n-simpli.fi_ym_rbd_cnv_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 30 Mar 2022 12:23:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
8AEJKK82SBPFWJGQ24ZM

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 30 Mar 2022 12:23:01 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2350325416479113524649
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
view
googleads4.g.doubleclick.net/pcs/ Frame 914D 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvV3JOhad5JesqvxwdBy1w9BphWntUkGYA-as84bRxDFeutlZ56Q7QfexN0vZ4yB098OUXBsYiK3Vlyrkbgk2pgMUINcsQDy4jQnk2eb9T0Z2Tifx0Z6j6nP4KJoqqrkqXID2y5pZtm-oo-D86HYCalIuY25K6jmi4JxpFzjr1ACm6Iju6hmTCKS6BKZud2QQYeVkd81J3jUNuhcFldFAhPo8EDe8Vd-wLsCB_SisapwBgXoT5oW6GRISsphCvjNE2fnoYep9To_BS0UE2v6ugl2jyFXIAtuJfxBExE6EUoDfRkGxD_VwdVNRtoiuPjGDUhtGhw5r7BMf8YX1dBUUnaY8aWix5HoAspusr8I8-M0GuQBNRhFZ72YA--5Sj5oLdLUT4P3hwJwlxdE8sSWTh1hEPAhACzXy6Scc2GKHyaeylFmeuMJKSFIYAGbE5FXa930WbGBoTHnbtIr2qFxANrgb5mN-xN8TaScqko3ga_6J78kYWnGJJtWkVBf4xBuyUSARMS1g0TBSdrd2F98yrp0CBVJXo_iFWvBMfi1yh1thIi8wv9cXsMZl5emfLpGm2X4YIAlj1wGKdjcqbrOO-iBDobbTV3sXi7SqAu7KNT2em63AvpBPRuwF4wQcL9VycvVEPCx2HJqONnhNUPZ2ZPuDzSVviG5oLQw9JFSriERNnPFlABqc5ByOCFtG1byEZgJ5TxLZyqZCK8cD_yqwHQ813rLifwhJeXJBMmKlG7RtEexVxWaMMd9kch4c3NkrIniAVK6Geeg-UN9ulV4eRjZ04K04LAcBdv3oi5l1eEK-ECIOE1Q1ibWm5OG8NRvRbmjiJN4dhFEYd4iFjX2adQxFeWHRg3FmxS4oqGTRx6sv9NyuP6E-meOiUKvyuosCwO8UPTOdFmdB4mLacdhVF8fei30wFM2vl1i3JcvlK22bLNvBdggyytgGL8gycNXr9RaBr7IxlL-WvHwhSqigLDSLarLp6KEsvnti9Q48-08dttwPOnjETLY91bF8IEeBxV4bsm87MwHScz_UVVvSt7hAWBqaPvAMkQ-H0cR1xCRZSzU2KSO_C-v-yTfOUSG56AUGoeeTnG0QxhdEcd5Y5IRfNtqonSHgeMrTFmNSf73fMi8p73IXrTJzgdZQ&sai=AMfl-YR07ffqz9gUYJKxW3eV8STDwQW3H5ZHQKcFPbiPg-SZ5LP6024fy4zwn472rSO0mRBvHMuTDwre23RUTyyntsqGHWhsBEvDn2B9bmCl3Tazfn1jCjaSpwcJg6o9Ok5Js0H669F3uBBKpHdfSmuZS3va2XrB5ekU3zsTb1WzhDi42bY-uchFpJ_hTGu2_MGpQkksL7jnzzDEbCMkc1bbyM8khKbnyV-2Rrt1OhVc9L2n0XWE1icbccptqzYW8PNF_vjvwlIuqTQpqN5hZ7X2p9iBN0p6FDnxQlWIL1QfMrRimG7Eb8Mrg61vppTz_LXYcXsdOLhgLWHprAegzJ0QQJFK9mDc2VxTZb-hIBzf96FYwq2k1QEE2PyCzbuL3cBOnO62xPtC8h3IOLo&sig=Cg0ArKJSzBhdrlVsEYpFEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=841&vt=11&dtpt=531&dett=3&cstd=840&cisv=r20220328.11604&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:23:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/ Frame 0F82 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bb3e063c944e31fbed795f7c6792cc89e703def605ad0c936eb3bbfa3decb04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
574850
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1811
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Mar 2022 20:42:10 GMT
expires
Thu, 23 Mar 2023 20:42:10 GMT
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
collect
www.google-analytics.com/j/ Frame DD67 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=226327769&t=pageview&_s=1&dl=https%3A%2F%2Fshrinke.me%2F4lpHNx&ul=en-us&de=UTF-8&dt=appnexus_shrinke.me_8509_0.094295_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.094295&cs=shrinke.me_8509&cm=appnexus&cc=Default&_u=QACAAUABAAAAAC~&jid=1319449442&gjid=130710408&cid=1332967654.1648642979&tid=UA-212001089-1&_gid=308436159.1648642979&_r=1&gtm=2ou3n1&z=1591427916
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0AF7 		588 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIG4RxCxzGkYsqvwwQEwAQ&v=APEucNXEWBiikY-aEYT2nhtJ20JpPLrEPbAne5toxP3HgN_UU-Kt-qy9cFhgaYPjuRrs1pm4MQ0MnisXivAk8e43MJM9VgjfOg
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7cb745c1c8cffe3edddd856464e624896014f9b980629890b3986c6da3f056f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
298
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2F79 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11395&pub_id=1777764
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
24528
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 30 Mar 2022 12:23:00 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 26 Mar 2022 16:06:07 GMT
Fastly-Original-Body-Size
17053
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 70343
X-Served-By
cache-lga21963-LGA, cache-yul12832-YUL
X-Timer
S1648642981.899754,VS0,VE0
ad
googleads.g.doubleclick.net/dbm/ Frame 64E3 		76 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CSErEJvpNgdzXyLt8fhD_dTyD_ZTD7_Wzl9KYuKQAAKZl3v6TcKfNtDJulKx339VFoeVgduOvgfQ6ONCh2jxFojKUF2aUPmbXbbhWPiZv9BepmDbVrOYLjv59atf4pEihN9q7Ggz0ig17N7BaWZ01fQ5oIpQ&dbm_d=AKAmf-Aq61ZSTiezwaSrULfAUQfbpcnTgLhj-WgKu3tpcSvr8LFyy2Li5RfVCTDCER4iJ2f98CrBVB2_05K7ay7-k87dEhiHE3VlQTwftKTEWUdiY9N6rd6NHDtmsRCp6ZYo5KRYRU_luXtWcKNHwGzC1S51fypEcP7R68NZ1vHAP-B2XCQI5Q125ir-JtHHL8NY9RS7Bmy8vHNmoefu6JuY5tXgw0C26NGy4qZu6T1Vvyxri1tZ91k4UD6w17qLpO5bRRy9-UusT6u3aLtA1ZVbLv8AykM8yz5psGzd3UceN6pbrNrtkRrN7TLipncHYoeZqJ9qG8oqSozMkcP16rKuzMXz3Ly4ImJl8Ge5HR8aLmQM8xe6ETIEb45cD5UPjOL2ku5vU5FXqUeOa8bqmYxnfydZu5VTFprO0SRqEUl9s9ZSyASnmD0NrN-xsRUZD5BLZfYwGaGijBdC0MPjLEL-ZAi5Kr9svPLX4iKK0WuJ6y2V7gpe7aAGOhDTWNrRH3uX5PH8SSKbiE-Pwh2Ds1uDoHuEFGgcuoX_qeH2LPwOue5Uul2aXibbaK1o6IO75U1O_MwqkAsI2Wyml71NNyQy38l7fJhItt2OhqukQd40sw46a2KPTLTmgVN6V_smaop8IHmpBA10SspPNtW_JLsBpYAbZoLGXPrMNNjqrOcs0LXVhkfxp2VDNwyyhZC0COtOgAGBo-08qkl7WLqhR293yc5sKzxs2-Mpi8sj5NhQmQB0TTbx-Z9ICxvBbSw0qC4SPAsrYfH8x8fPZD-QbDLKSpJKCbxJcx3AVIoyCnWTcRYTBxcbrW0MY-qU80FHEr1qVkzqKcVr_SI9B0-vtAUnXh5UWA-WPr5bSj6PTVN6wM9gjv503mGQOCwEURtfGxYGfrbxcY1FkL12UzhPZd-hfTXr_Og_pZP49cE7F8fxihAUWY6l3XOGSL70lRXvhb1WhBwKYKkpGZCHhhbDYs-ZtmauDizjoy-dwZrmzdzBW8VndD6Rdv0j_gboegFac5lM7mrUMQrtoibMmdCXOwXHzgMsUpZ4EM2098hYjhGje6xvoBpgkJyYR8gaZaVKiPaukfeYIWodW7oOM7BRdt-XOpnHUBsi3SWQKbCaELHjjmZ_3RErQzSPvGNxvfMMKu-6XmTJ1BLUkQfbFMm31-l0X21D_lP5JPNdeVlEpOGINq48IokGgCQ7qzWgekFkC3_N_ZsQDIA1buBd8jrwKRZioIph4rLoVraft1qYYMTB_E00leoBoii7zixkFQGfZNTZYaMaEdpEDhMGzAgE_4sLteNB6XpabswqwGdmehJiOzjt-MGPtqI6IYMJBOZShthZ0GLMe4XN2X-jGvJtEzT-ZkBZJcnziRDs0v4gXXn9K2OG9e4qyEV-5RvAhHyuGhgpuDsanlT9gbtARGtr0H_Ya1idnnpQ45sFseCuFWLIECYL8Nmmxzt-A-ujoXjxxY6zzB5FQ61EzKJGysm_nrgJY7uItl-fo9mbJL_ZUveMwwWMZoXsK8wqYPWK-Z37QWmISwwN2BOQfmG7FhApf-jOS3b_AydAWGzj8Xp0t4MixDSHwoWOkkmwgyWbXmmvMTP_SHEKW9qatzPB7io0pz0H4LM80V-acCh8f4y56MMDXDzEfE0UMasp4PDJx9cLLC7lis6TjWVR4R_0_5x7_bStnMAMLXFfHDsfmL7OQfne_G1vesd0xIEJhnKPEyH5xKciAUgqURDckIyH7dxvOTm7KfIKhC8jJLGdbddWhorb8FkxZRGu7pL2P-NOD5ahw3C_NWpOkwdngRnoyP5gpV7-afMGrZQtptq4lw55iTjyKTYaSe_nbou8XtHSuVMtN-7umVtV_nn0X2_zNUSjirlKrygjj0Ci6ewtnzt4gvwA3gPbP7dmoTRLxfJvJlNs2SmemJqtcdDHtMf-6MmmsBq1Rt_-uthIIquwqCNfrw9jK8Q76mVTqbVyZ4X57Y9Q_3BoaC87v27DLXI1XtpScXpJPmZeRoRIWrH1KU0MePYzItWf9GqckLto9rjwbgjb27M_iD52wvvYsZ9ex5kUPLWr044LyMdolR3eF4gai-nhp97zpqVSpFcOMiRwFzRCE6VHGJVlESpbT3NmdL5V_4HLGLJj-X4kr_FjqHv_crnSY43fZJPlReU02jJsmXLNYjsgXQtDYNkymEHufXhCJQoakqMfKDunfzh6dS4ULDQ2Ao3bx-S5tyaHMbd-EBxgQWe1HEPktvcRNUDwS0D-NMt6nOLgM80tHQBVR72qFKVVgZYgD8mt9i1pr5d-4ZE7z6v4BxEN7p26SMdKJORA3wVaRnFBqjkOmV4YkpCJdcgS1oD647pXdqI6ucDFxRs0UcbsVHSQ9SjvvQCDQ8SgZCymTmcEobDHUT1oJyeZXDWR8VzJHeYHaxan2BVw9WkRvXT5mI5_jm2b8PBgLkgFFwDkQ1J_JGcXB0QWDYzT_oRcZt_MLMDA7H9uW9hnMluYEmA_J1AT6aTs-MKZslwVCLhjEbbTdQn6_symtLlGA29Kissed7kapx38ei0VzwbC4YOVA0Hn8QbN111Dlo2HQBbDzSZCqgLrmp4SuLctBgu5mtJWgaQFewivwSun0i0lehxjbVRh1MGPhZfJQ3Ni5PHSrFkpTDmBNaaYOMS3TfEH7ff1i-Z_Scxrajtk4_XgCcHY5c195I_swx7bRYn7kozG_pGo2VxFw3MOz_VltAOswU15fZKr6t88ZomUT0Oc5gP8wUkrfAzGhLTWWN6Wc3HTbg1rYDIT2xbWbEMzi7gBArLdaDWdFD0kwfoQJJDBBwQZesy6ayOh-MWpDbm_u8ROef-yLoezVgak0K_SQKsp_3Zo5KYmkdc4ZswPlKmTADV0JYNXma7IORqA289ufp2iOs0h5qPUNQj1peqrFuJC4RIkXQL-1eLlCqzLrTmw4MwjzO5LjTGwdDUiZ2bFnB6kVmsr--UbGIRfmRhpNZ9jYecYf2PPZ2PCmqnY1Iv_ts6JzCItcYiQAcuHLC1ZWHj2DaIGvc_hKxE3jaMZL9AwLEb6Gb6YWhFeY8J4BKRwfrGBK3nn0E7YQ2thnPKXccsMz_2yRSmltA&cid=CAASBORoRTM&rfl=1%2Chttps%253A%252F%252Fshrinke.me%252F%240
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d4e4d52562cae962932e7f135d272cbafcce82eaf1d00be661370f096502265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32626
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 64E3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C4zhfepa4EisBa2i0hHeMygvUmOtZ5g9rSoBNV3ILuKJgfe9dfLuh_25bTyBTNYLvvEHwnf18MCaDEnwdiBTleJv4IyTCQCXslmVw1WBEWjN47xic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
it
nym1-ib.adnxs.com/ Frame 64E3 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fshrinke.me%252F4lpHNx&e=wqT_3QK8CvBMPAUAAAMA1gAFAQijl5GSBhD8mLu4nrKKkhIY_-q7otmTl9wXKjYJ6wCIu3oVvT8RXJrPd78juD8ZAAAAwMzM7D8hXJrPd78juD8p6wAJJNgxAAAA4FG4nj8wiMKPCTiDWUC8CUhlUPK5qKMBWPfiiAFgAGjNjKABeKepBYABAYoBA1VTRJIBAQbwW5gB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAoHiVuoCGWh0dHBzOi8vc2hyaW5rZS5tZS80bHBITniAAwCIAwGQAwCYAxegAwGqA58GCugFES_0SQRhZHguZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haT1DUWtGcm8wdEVZdk9WTklQNnp3WFV0b0FJdGRTRW8ybTN2X3pQMFFfNExoQUJJT2FYMWlWZ2ZhQUI3NTdnbGdQSUFRbXBBZ0d0ZC1oVzVLby1xQU1CeUFPYkJLb0UxQUZQME50T0FqRmJHMldMeFdTLXhrOThoTmFpZTcxQzhRVDQxWjZWajRDQkloN3loaWtqbVB0dnNFN0JOSjVNdERySTcyNlJNdzZ4QWYyYWNLX2F1QkVHUGtTZXFGWXhKVHN4SXZYbEp3OWxMVGxzbzNyTnM2a2xPNWswVnhTeFdRMlJlNGVaNFJZNGRJWjNRcHI0Z0tXZkVNdC1GWlZta2p4akVRdzI1NlVhOVo1Q0dxclRFOFlUMHhkTkU1em5NV05PamRraGhrUFdTY3FKLWNBZllRNlZrWVdTN1NQLU9hbHRrTW5nMDBOLVlkV2Y2ejlUOEtNMUVyRkRuWGpkRXR1aGw3TGYzUW84Ylp0NWo3cFdUY0NMSGdOUnc4QUVfcGZNMlA0RDRBUURpQVg3cHV5ZlBKSUZCZ2dkRUFRWUFaSUZCZ2dkRUFFWUFaSUZCZ2dlRUFFWUFaQUdBYUFHVElBSC1lQ2ZhYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTW4zQmhpeXFfREJBZElJQndpQVlSQUJHQl95Q0E1aWFXUmtaWEl0TlRBNU9UYzNOWUFLQk1nTEFiQVRfcGZYRHNnVG12NlMzd1BRRXdEWUV3cUlGQUhZRkFIUUZRR0FGd0d5RndnS0JnZ0FFZ0FZQUEmc2lnaD1tSGI0VHd4WWZaayZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTQk9Sb1JUTSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMxMzA3MjE1NDk4NDY3Nzg5OTQ4IgkzNDI0OTg1NDYqBzExNzA0MzM6CTQwNjU5MDg5OMADrALIAwDYA57XugHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODeoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAE8rmoowGIBQGYBQCgBYjjiL_17cfEY8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaME-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBv5J2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTYxNzI5MTM1MzG6Bw8IABAAGAAgADAAOLQEQADIB6epBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHxP8HiggCEAA.&s=a8a446017df130636c2d5b68f7aae9e4df57b935
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:00 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
203201a9-b38b-4242-bf2a-cbea453dab3e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
px.vliplatform.com/imp-v4/ Frame 64E3 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/?e=rNMZAaRrtNrtl0zghRzdNqyAtUYaU-BAMY-PtUr-waUr-AZAqrZeyUryYRqxeNco_MZAaPPPTZ_MRwNqhhftbxlRhNAGAaPYaZRlmNKYMbaARdzNwqfftkRrdzNRwkhNRmNPPPTZRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4LuH66HhONCdnBXbooALUj%2FFrGm4u%2Bg4zKmb%2Bd1Lpz2gKjyDq7hpNBB6uq%2F5%2ByafgqKCLUu%2BUw6eJWA32gOphRDaJoUAIv5vbTVzq%2BrSlzagtP5Rzwzps7qlRz%2BB%2BIcpw1KxUhbQuZYAIwZrqJJow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f40d0666a94ece2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
sid
mug.criteo.com/ Frame 3E95
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=shrinke.me&sn=ChromeSyncframe&so=3&topUrl=shrinke.me&bundle=zhWiBF9LOUFJUjlpZk8yS2VNaTIxNEF3QUR4MDVwbDBWYVZjRVVGVkdnb3RQN3Q3b0JxdlAlMkJhWk...
  • https://mug.criteo.com/sid?cpp=ATALtHxpK3lSdTM0bUdNMDhCR2FDTzQrOGxpSUZNNDl5UWxSZ21oQis0TUN3K1c0VjZlWnBzRVRhWlpsaHNOQnQzRnZkZXdQU0hPWFU2U2JoYis1YnI3UUZDcVJCclFHN2t1UDBFc01KcnMwa3ZXVlNTaUFkSDJ1YUtMOH...
422 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ATALtHxpK3lSdTM0bUdNMDhCR2FDTzQrOGxpSUZNNDl5UWxSZ21oQis0TUN3K1c0VjZlWnBzRVRhWlpsaHNOQnQzRnZkZXdQU0hPWFU2U2JoYis1YnI3UUZDcVJCclFHN2t1UDBFc01KcnMwa3ZXVlNTaUFkSDJ1YUtMOHhkeTNZaVpzb01LU2g4dFk1cytNMnQzVkdXNysyMHF5OHExUDYyTkt3Y0xxdDl4U3lqT3dOa0JzcjNlcU1UOVF1VTV0RDdTaFpZN2RJdVpaK3cvOTVWS1ZCVmRreGxHNVF3Uk8wS3BmSHlINDdvblFRQTkvbk5RaGNOSjlUSHRmVi9GaGdmZjM5SzV3U1Zab0dIbitoSWY0YjdDczBrdz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
5886e2afaa06b2bc451718fb0e3dfbb6c31eb936ae01a5ceff4ee397b5764a60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3883
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=ATALtHxpK3lSdTM0bUdNMDhCR2FDTzQrOGxpSUZNNDl5UWxSZ21oQis0TUN3K1c0VjZlWnBzRVRhWlpsaHNOQnQzRnZkZXdQU0hPWFU2U2JoYis1YnI3UUZDcVJCclFHN2t1UDBFc01KcnMwa3ZXVlNTaUFkSDJ1YUtMOHhkeTNZaVpzb01LU2g4dFk1cytNMnQzVkdXNysyMHF5OHExUDYyTkt3Y0xxdDl4U3lqT3dOa0JzcjNlcU1UOVF1VTV0RDdTaFpZN2RJdVpaK3cvOTVWS1ZCVmRreGxHNVF3Uk8wS3BmSHlINDdvblFRQTkvbk5RaGNOSjlUSHRmVi9GaGdmZjM5SzV3U1Zab0dIbitoSWY0YjdDczBrdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2153
content-length
541
expires
0
XiW-l_2i5aVoH8u79KLQHFanU8pv7NVYiw1EHy6cTgU.js
pagead2.googlesyndication.com/bg/ Frame BBE8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/XiW-l_2i5aVoH8u79KLQHFanU8pv7NVYiw1EHy6cTgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e25be97fda2e5a5681fcbbbf4a2d01c56a753ca6fecd5588b0d441f2e9c4e05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 00:33:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
128982
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13735
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Mar 2023 00:33:18 GMT
XiW-l_2i5aVoH8u79KLQHFanU8pv7NVYiw1EHy6cTgU.js
pagead2.googlesyndication.com/bg/ Frame F1B9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/XiW-l_2i5aVoH8u79KLQHFanU8pv7NVYiw1EHy6cTgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e25be97fda2e5a5681fcbbbf4a2d01c56a753ca6fecd5588b0d441f2e9c4e05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 00:33:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
128982
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13735
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Mar 2023 00:33:18 GMT
integrator.js
adservice.google.ca/adsid/ Frame FD50 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FD50 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=shrinke.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame FD50 		92 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1355483729956619&correlator=4167767953195705&eid=44752586%2C31065551&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fif&iu_parts=211182487%3A22476148198%2Cwww.shrinke.me_Display320x50&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=1&adks=3180898069&sfv=1-0-38&ecs=20220330&fsapi=false&didk=4110062645&sc=1&cookie=ID%3D6cc800b230009e1f-22540b4212d200fb%3AT%3D1648642979%3AS%3DALNI_MYG2BhT19VIdGYqtvl924hWG_F66A&cdm=shrinke.me&abxe=1&dt=1648642980951&lmt=1648642980&dlt=1648642980115&idt=821&biw=1600&bih=1200&isw=320&ish=100&adxs=640&adys=911&ucis=boza43kgil4x&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fshrinke.me%2F4lpHNx&top=https%3A%2F%2Fshrinke.me%2F4lpHNx&frm=23&vis=1&scr_x=0&scr_y=0&psz=320x-1&msz=320x-1&fws=256&ohw=0&ea=0&ga_vid=308436159.1648642979&ga_sid=1648642981&ga_hid=1402073508&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
c7d301861e0a9aa3e3fab262e30783edb4c79250fa1aa8129d3771d0bf474004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34798
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 860B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:00 GMT
expires
Thu, 30 Mar 2023 12:23:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/ Frame 0F82 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1796045
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21845
timing-allow-origin
*
last-modified
Wed, 26 Aug 2020 23:14:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f46ecc0-eeae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PodyqOp3y0jma5aHZK%2FVEN4GnAwsB8qABw3Mu8ZCrrhGtCfBaEv%2FD56yjQLZgh44XXbpO8mDbTncfHH7cYVMYQ5cpBGYJrD3xaiaCfVh3Qto%2B%2FA7Ceq0ruQmHCLtwCmYoDpD8KXvXu3YGQfRCR%2FCk%2B6g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f40d067887d4bbe-YUL
expires
Mon, 20 Mar 2023 12:23:01 GMT
default.min.css
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/css/ Frame 0F82 		477 B
278 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/css/default.min.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3740127f0af2a6c3f3886392bf3e0e3370f27daf0a26ff11a02b356a9c087bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:10 GMT
style.css
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/ Frame 0F82 		2 KB
492 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b3be7c28a35b7d715873caa924c0460fd12a822d095e488aa342dc1f3763824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
463
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:10 GMT
imagesloaded.pkgd.min.js
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/js/ Frame 0F82 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/js/imagesloaded.pkgd.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 19:35:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60472
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1810
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Mar 2023 19:35:09 GMT
main.js
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/ Frame 0F82 		5 KB
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1da593af9f9e6cfa841500b6f862cee0ebafaab0c1f151635c1794687dd2e62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
982
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:10 GMT
pubads_impl_2022032105.js
securepubads.g.doubleclick.net/gpt/ Frame 8407 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032105.js?cb=31065884
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
sffe /
Resource Hash
3a2fa9999376fd91caaf7de0936e0d5c714e89a8c22de1d71bf701ae46d62bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 00:16:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43609
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Mar 2023 00:16:12 GMT
syncframe
gum.criteo.com/ Frame D2A7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=shrinke.me
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:00 GMT
server-processing-duration-in-ticks
4271
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 0560 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=d306a629-0d96-46e2-a572-4322c18d991e
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YXEJ3TPTG9BX3CJ47X05
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 0560
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=1709217890454926719
68 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=1709217890454926719
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.3.54.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-54-123.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:01 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
56df68f7-09ac-48fb-9667-9425460db7b6
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=1709217890454926719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 0560
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&gdpr=0&gdpr_consent=
68 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.3.54.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-54-123.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 0560
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=117602199111697
68 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=117602199111697
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.3.54.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-54-123.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=117602199111697
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
v1
match.sharethrough.com/sync/ Frame 0560
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=1709217890454926719
68 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=1709217890454926719
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.3.54.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-54-123.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:01 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a31ad993-925f-4317-8f6a-e785237e40ca
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=1709217890454926719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0AF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB2JjAb7xV2oGGdJWZ1RtDY&google_cver=1
42 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB2JjAb7xV2oGGdJWZ1RtDY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIG4RxCxzGkYsqvwwQEwAQ&v=APEucNXEWBiikY-aEYT2nhtJ20JpPLrEPbAne5toxP3HgN_UU-Kt-qy9cFhgaYPjuRrs1pm4MQ0MnisXivAk8e43MJM9VgjfOg
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB2JjAb7xV2oGGdJWZ1RtDY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0AF7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIG4RxCxzGkYsqvwwQEwAQ&v=APEucNXEWBiikY-aEYT2nhtJ20JpPLrEPbAne5toxP3HgN_UU-Kt-qy9cFhgaYPjuRrs1pm4MQ0MnisXivAk8e43MJM9VgjfOg
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pug
image2.pubmatic.com/AdServer/ Frame 0AF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEPDPyyegXU7j_5wciga8cvo&google_cver=1
42 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEPDPyyegXU7j_5wciga8cvo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIG4RxCxzGkYsqvwwQEwAQ&v=APEucNXEWBiikY-aEYT2nhtJ20JpPLrEPbAne5toxP3HgN_UU-Kt-qy9cFhgaYPjuRrs1pm4MQ0MnisXivAk8e43MJM9VgjfOg
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 10:49:31 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug009:0:339
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEPDPyyegXU7j_5wciga8cvo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
350
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0AF7
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjQ3RTI2NzAtQkY4MS00MzkzLTlCRkYtRkU0RDcxNDEyRjkw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIG4RxCxzGkYsqvwwQEwAQ&v=APEucNXEWBiikY-aEYT2nhtJ20JpPLrEPbAne5toxP3HgN_UU-Kt-qy9cFhgaYPjuRrs1pm4MQ0MnisXivAk8e43MJM9VgjfOg
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:04:58 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug023:0:668
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame A613 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?vNkjAw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
usync.js
eus.rubiconproject.com/ Frame 2169 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cd1e7a6f936ce66e626a2cc41f28898ba85ade41bb3bf6c11366e4f0895e2ee2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:23:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=67203
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9538
Expires
Thu, 31 Mar 2022 07:03:04 GMT
ecm3
s.amazon-adsystem.com/ Frame 2943 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g280a6d00ad7be33ee03
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
R0DH6108TEGRT4QPHDKS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame 2943
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=1709217890454926719&pn_id=an
0
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=1709217890454926719&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:01 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
8092ecc8-0d7a-4390-bebe-8878334045bb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:01 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1722bbe7-7eaa-4bfc-a22a-a0695e0d90c8
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=1709217890454926719&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 2943
Redirect Chain
  • https://x.bidswitch.net/sync?&ssp=yieldmo
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&ssp=yieldmo&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10610269616472883662&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10610269616472883662&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=dbafd45a-3cc0-4902-9597-3c81aff2d313&ssp=yieldmo&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=262280004106006850555&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10610269616472883662&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10610269616472883662&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:23:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10610269616472883662&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 2943
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo
  • https://match.adsrvr.org/track/cmb/generic?&ttd_pid=yieldmo
  • https://ads.yieldmo.com/v000/sync?tdid=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.204.64.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-64-181.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
181
sync
ads.yieldmo.com/ Frame 2943
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?&nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=vOMZ0imARIRUmMUOJp9Co5U4mbs
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=vOMZ0imARIRUmMUOJp9Co5U4mbs
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
34.204.64.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-64-181.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=vOMZ0imARIRUmMUOJp9Co5U4mbs
Date
Wed, 30 Mar 2022 12:23:01 GMT
Connection
keep-alive
Content-Length
100
Content-Type
text/html; charset=utf-8
sync
sync-pp.ads.yieldmo.com/ Frame 2943
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp
  • https://sync-pp.ads.yieldmo.com/sync?userid=MSSYBpbIiPIQ&ev=1&pn_id=pp&pid=561118
43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pp.ads.yieldmo.com/sync?userid=MSSYBpbIiPIQ&ev=1&pn_id=pp&pid=561118
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.147.248.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-248-200.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync-pp.ads.yieldmo.com/sync?userid=MSSYBpbIiPIQ&ev=1&pn_id=pp&pid=561118
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5799967b4-rmqbh
expires
-1
async_usersync
ib.adnxs.com/ Frame 2F79 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11395&pub_id=1777764&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11395&pub_id=1777764
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:01 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
afe1c54d-bc4d-4345-bbd1-90eea3e84294
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 64E3 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://assets.vlitag.com/
Origin
https://assets.vlitag.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 00:33:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42583
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Mar 2022 00:33:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/elements/html/ Frame 64E3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/elements/html/omrhp.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:13:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/ Frame 64E3 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/abg_lite.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:21:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:21:51 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 8407 		53 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3699867477367657&correlator=2101682098194342&eid=31060438%2C31065613%2C31065751%2C31065884%2C31065787%2C31063246&output=ldjh&gdfp_req=1&vrg=2022032105&ptt=17&impl=fif&iu_parts=211182487%3A22476148198%2Cwww.shrinke.me_Display300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2929720836&sfv=1-0-38&ecs=20220330&fsapi=false&sc=1&cookie=ID%3D6cc800b230009e1f-22540b4212d200fb%3AT%3D1648642979%3AS%3DALNI_MYG2BhT19VIdGYqtvl924hWG_F66A&cdm=shrinke.me&abxe=1&dt=1648642981293&lmt=1648642981&dlt=1648642980386&idt=879&biw=1600&bih=1200&isw=970&ish=250&adxs=663&adys=464&ucis=td1gz9vkz6qw&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fshrinke.me%2F4lpHNx&top=https%3A%2F%2Fshrinke.me%2F4lpHNx&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=308436159.1648642979&ga_sid=1648642981&ga_hid=1682996558&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032105.js?cb=31065884
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
38486c1f06117d5e5fdddcb49217dd9f1537573919b130175fa8509796647576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18463
x-xss-protection
0
google-lineitem-id
5955512370
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138385342037
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B304 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032105.js?cb=31065884
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:01 GMT
expires
Thu, 30 Mar 2023 12:23:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sid
mug.criteo.com/ Frame D2A7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=shrinke.me&sn=ChromeSyncframe&so=3&topUrl=shrinke.me&bundle=zhWiBF9LOUFJUjlpZk8yS2VNaTIxNEF3QUR4MDVwbDBWYVZjRVVGVkdnb3RQN3Q3b0JxdlAlMkJhWk...
  • https://mug.criteo.com/sid?cpp=WL9zQ3xuZGw3c2pKNDgxT1RCcmJhem1wbHBvWFR5YmFEVys2dFQ4RnNGYXBSZFpFQVBwUUtCLzF1VDdEaEhDeGNCSVFJM2hqZjQ2azkvNi95cm9RMEFJMkN1OUs4d1AzRDRBdVdGaHE5MHk5T0NNU3FpK0kxdlNmL015cH...
444 B
642 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WL9zQ3xuZGw3c2pKNDgxT1RCcmJhem1wbHBvWFR5YmFEVys2dFQ4RnNGYXBSZFpFQVBwUUtCLzF1VDdEaEhDeGNCSVFJM2hqZjQ2azkvNi95cm9RMEFJMkN1OUs4d1AzRDRBdVdGaHE5MHk5T0NNU3FpK0kxdlNmL015cHVhOEpKU01nYktwL0UvMDZYTWNCaGlSSUd5U1VwMmNVTW0xak9kZ1BlNlNjMDM4bTg1Q2N5c0ZYVFk0ZzBTeE1UeDBMNU1BaUQ5SnlxZGpkRlNKZVdzRVI5YnZyamVyeWVTdTNJQUd2em9IM2NlNWl5WXNLVXl4aXN2aXNkczY1Qm14VncrMVpWd2cwTVE4TUIySFM0aDl4SkpZaGR3dz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
63ee826563c39189c0d13b8d5cdc0c9b012e88ab295deaa0647afbc86ea50e28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4819
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=WL9zQ3xuZGw3c2pKNDgxT1RCcmJhem1wbHBvWFR5YmFEVys2dFQ4RnNGYXBSZFpFQVBwUUtCLzF1VDdEaEhDeGNCSVFJM2hqZjQ2azkvNi95cm9RMEFJMkN1OUs4d1AzRDRBdVdGaHE5MHk5T0NNU3FpK0kxdlNmL015cHVhOEpKU01nYktwL0UvMDZYTWNCaGlSSUd5U1VwMmNVTW0xak9kZ1BlNlNjMDM4bTg1Q2N5c0ZYVFk0ZzBTeE1UeDBMNU1BaUQ5SnlxZGpkRlNKZVdzRVI5YnZyamVyeWVTdTNJQUd2em9IM2NlNWl5WXNLVXl4aXN2aXNkczY1Qm14VncrMVpWd2cwTVE4TUIySFM0aDl4SkpZaGR3dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2040
content-length
541
expires
0
806.json
id5-sync.com/g/v2/ Frame 8F51 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.202 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p37.id5-sync.com
Software
/
Resource Hash
c4372613745d39f90e16d7ff1e268962936ae683c2d6fdc6f44efe3a3c23042a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 30 Mar 2022 12:23:01 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://shrinke.me
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
envelope
api.rlcdn.com/api/identity/ Frame 8F51 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://shrinke.me
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
id
id.crwdcntrl.net/ Frame 8F51 		154 B
904 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.82.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-82-126.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3b1f2730e274f3b9c5afcce42e3f454c37cdaf6023a0b7ca6365c99049ba9c95

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://shrinke.me
cache-control
no-cache
x-server
10.40.5.77
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ Frame 8F51 		108 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
150dd86c4b58cf678535b5b9ce21f1f0ac605dc7f984b64a59414d6d5e685406

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 29 Apr 2022 12:23:01 GMT
background2.jpg
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/background2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d33472620bbfff26f87403751e7c7f87790dd692281e8d790c0daa31d9b2cc97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28387
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
background1.jpg
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/background1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed6ce02cf1ff003c750f58b658799f168254ac0f37d5a07f7d4964c9b41b5744
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26894
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
text1_1.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		839 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/text1_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a811b0327cbb46fd4d4192caf0424e3e14f8a037d94a6e818b7aac7db0e0bbdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
839
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
text1_2.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/text1_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
252e6020225f1203ac3e367b50cba4d7eb4ee3a225a3b5cf0cc4ac65be9cdcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1296
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
text1_3.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/text1_3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fff5bd07300a6ba982f3b5a4ad538c682b441783fb2d929da7fae899c62ac78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1492
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
triangle1.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/triangle1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34bfecceb73c1ecfb81f4a750b75e432d54dd273bb9963d2bac4cee1f6920947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6542
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
text2_1.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/text2_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2a0526b10bacf815243584f29ccc3210070fa577349078c1aff15795b15bab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1222
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
text2_2.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/text2_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ab61566d4d06e5651185a9d3e04725eaf257d9913a1ed6d5508e42a256ff02b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1392
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
text2_3.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/text2_3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
547332ee60717c8e2d32bbab875eee5b20a95e0b2cf853307d6be4f17c8b96ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1300
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
text2_4.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/text2_4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f920ab91842b979aba72f8872533dfcb6fdc6301b32fb3ef375c04c15938d1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 08:59:05 GMT
x-content-type-options
nosniff
age
185036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1304
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Mar 2023 08:59:05 GMT
text_FF.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/text_FF.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6a4ce5a33bebf43b6f703f5c7b946d9980cada76bb15d4b691bd38030ea1b2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11128
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
logo_1.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/logo_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b01e44a753382ec593ccb0578feb0bab6b996d6729e181de1b34be5ea2d8219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1211
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
logo_2.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/logo_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
670905ee3926d357e236f15b8805a8e9e5d1563525257c5cb3605924090abf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2238
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
logo_3.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/logo_3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bd360a803c67f1de5915334ad1c0bfebc5c3f00cef7fd3cf9e83e18a3ae4907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1896
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
logo_4.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/logo_4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2764084e23dde4cfda0293beb98f94d5c13c4e0bb8a00f05c5b010db7328296e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1632
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
logo_5.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/logo_5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
702e37774e23b39185928a452e32d803161e5c7925ee0cb1fb321f9a549f9784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 19:35:01 GMT
x-content-type-options
nosniff
age
60480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2152
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Mar 2023 19:35:01 GMT
logo_6.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/logo_6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f77a97c63c06720fd4be1b1c9b49708c19a31845c31e511977582df2ae13d2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1987
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
logo_7.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/logo_7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23d6c3e10f9a845feab9aa6dd11e4d6f035f3fbe3600f23f46c6820a9c7aa669
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2123
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
logo_8.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/logo_8.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f15f217e8bd1d02ed386e1c122adce7437b5952e9382de061d3f008d64c4b9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1720
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
stripes.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		338 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/stripes.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
030f3641d401c58016ea807d744f073761527a58a381112027f91cbc1671d87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
338
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
overlay.png
s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/ Frame 0F82 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/img/overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1733aa36c03932cc2da7b5dc4b1020fb74b6d6f2354897fb6e8b230ae27eaf12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514085464728582780/10010543_22_TRS_BRN_REPLATFORM_DV3_AWAR_CXQ_EN_0_300x250_V1/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:42:11 GMT
x-content-type-options
nosniff
age
574850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1479
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 15:09:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 20:42:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FD50 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8988eac03be1d69dc1e0bc0026620a19b858c662ad4b01ce4c1b5a485aba843e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10490
x-xss-protection
0
container.html
635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3BC0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:00 GMT
expires
Thu, 30 Mar 2023 12:23:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
806.json
id5-sync.com/g/v2/ Frame 81BA 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.202 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p37.id5-sync.com
Software
/
Resource Hash
b1814367562398dee55ab9e562e708c7e111a0ea26f888c7b6aa428454dc98f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 30 Mar 2022 12:23:01 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://shrinke.me
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
id
id.crwdcntrl.net/ Frame 81BA 		154 B
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.82.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-82-126.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
744d69df11cedd161743200342e2b923be8e0f3826b0c632fcfe771beacebcf3

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://shrinke.me
cache-control
no-cache
x-server
10.40.44.82
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
154
expires
0
rid
match.adsrvr.org/track/ Frame 81BA 		108 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
150dd86c4b58cf678535b5b9ce21f1f0ac605dc7f984b64a59414d6d5e685406

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 29 Apr 2022 12:23:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 64E3 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96a8e0be24180feea7bb576beda59048a96bdbf1528f0fe3c487ee6888e07782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648494235360460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 12:23:01 GMT
index.html
s0.2mdn.net/sadbundle/10786821004335573954/1645031070487/ Frame 6765 		79 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10786821004335573954/1645031070487/index.html?e=69&leftOffset=0&topOffset=0&c=x9BzEyatOg&t=4&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00ea380aa9569377a185aa7c9484b3cd6a7e08d988477f34e8382c7bf45067f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:01 GMT
expires
Thu, 30 Mar 2023 12:23:01 GMT
last-modified
Sat, 19 Feb 2022 02:50:53 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 64E3 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrnKAmEm0wpg27pt5SPS8doyrUcXIdSWwTVjkjZBCXqB0tssCpNklo4A_zRgcwVAbTqqphyfJnoFxiddflvuV4uQOFzkbNh3Q4vpszlnl01rK5wnmnZTlQxAkceUiPIURSlHEwrEvW0oDYp0MiR41ZCzvt4crxLD5ti4mktpY8kxUw8AvkBDT6xDM&sai=AMfl-YRJT3jNT-SIL-4yRK8RfKHPJhXxZLrYmRLEsKRwn7qmQYsRGTyYXAmAe2UzhUulA-dVYvqTdg1AVrTnZywhlEo6xEgbJKcFgYOlCn_3h1g9fvMZCMdibewJO1Ym&sig=Cg0ArKJSzB5nJHKfAMLIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=337&cbvp=1&cstd=331&cisv=r20220328.73014&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:23:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
d.agkn.com/pixel/2387/ Frame 64E3 		43 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/2387/?ct=CA&st=QC&city=1827&dma=0&zp=&bw=1&che=1025306777&col=27245680,3083823,328372895,520909880,166617811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:d000:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:00 GMT
via
1.1 542aa1c3fd7431ac31b596fde254f388.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
JMjKaYNO4IUbLCtLDJHXuf5-eYwkQduyXssDvMcwvY3XqidNoYd3Fw==
expires
Sat, 01 Jan 2000 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FD50 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 12:23:01 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 64E3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 20:41:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56465
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 20:41:56 GMT
rd_log
nym1-ib.adnxs.com/ Frame 64E3 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F4lpHNx&e=wqT_3QL2A6D2AQAAAwDWAAUBCKOXkZIGEOS6uLvK4IHKUBj_6rui2ZOX3BcqNgkAAAkCABEJBywAABkAAADAzMzsPyEREgApEQn0DgExAAAA4FG4nj8wiMKPCTiDWUCDWUgAUABY9-KIAWAAaM2MoAF4p6kFgAEBigEAkgEDVVNEmAHKB6ABWqgBAbABALgBAMABAMgBANABANgBAOABAPABANgCAOACgeJW6gIZaHR0cHM6Ly9zaHJpbmtlLm1lLzRscEhOeIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA57XugHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODeoBACyBA8IABABGMoHIFooADAAOAK4BADABADIBADaBAIIAOAEAPAEAIgFAZgFAKAFAMAFAMkFAAAAAAAA8D_SBQkJAAAAJRdo2AUB4AUA8AUA-gUECAAQAJAGAJgGALgGAMEGBSAcAAAA2gYWChABCS4BAFwQABgA4AYA8gYCCACABwGIBwCgBwC6Bw8BREwYACAAMAA4tARAAMgHp6kF0gcNCRE8ATgI2gcGCSdE4AcA6gcCCADwB8T_B4oIAhAA&s=9d8315489bdd19bcaf9e0d1b58f8a102fcc17c4c&bdref=https%3A%2F%2Fshrinke.me%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fshrinke.me%2F,https%3A%2F%2Fassets.vlitag.com%2Fplugins%2Fsafeframe%2Fsrc%2Fhtml%2Fr.html&
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:01 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
72ecd417-85e2-47fd-ac9e-9dd532700ee7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 914D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssw07Ln5KkAIf8HZCYIx3C_jfslx36ATgGZZi8EvvktprvkslVAG-z5Fe2KEP9d-2VXoTM91S97DKsosKLRwfX3xYxcBmJ8pYwCGg&sai=AMfl-YT_cTLGO2BGWyvjgRelBxWQ0E_0fislAr54Cb7-5jhfcFkrbg_HWKKX2Np0Em8x9eq1rNfOzrccnSMApbBaP0vqgaQe0xZK88bCheA7yiWCDKbQMn5iYiH6gtl1efc&sig=Cg0ArKJSzNu6tT_9BGOJEAE&cid=CAASJ-RomS_JZ6fvgHGUiE2a-sOtnVaR1gjK_UXOpu6YW0SyBffGSLsAgw&id=lidar2&mcvt=1052&p=164,632,414,932&mtos=747,1052,1052,1052,1052&tos=747,305,0,0,0&v=20220328&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3910693916&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648642979956&rpt=537&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame 3BC0 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: 635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
URL: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88a832c4111e0b3790c12bbeffd2ab3edce59cb14106de52e2b080062e3e78f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 11:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3086
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13100
x-xss-protection
0
server
cafe
etag
4486095307292073227
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 11:31:35 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3BC0 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
URL: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 20:41:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Mar 2023 20:41:51 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/ Frame 3BC0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/abg_lite_fy2019.js
Requested by
Host: 635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
URL: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:11:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
715
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:11:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame 3BC0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/window_focus_fy2019.js
Requested by
Host: 635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
URL: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:15:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3BC0 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
URL: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96a8e0be24180feea7bb576beda59048a96bdbf1528f0fe3c487ee6888e07782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648494235360460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 12:23:01 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame 3BC0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
URL: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:22:25 GMT
l
www.google.com/ads/measurement/ Frame 3BC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWKBBfAd330KkZyT9TdoiLUXQFxoyD3TPgAvhKmL8SeAnakPHADa8D1PGER8kvuxACTKovsWYGyd0feTVfJUo8KJ3Qcg
Requested by
Host: 635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
URL: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
/
px.vliplatform.com/iv-v4/ 		0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/iv-v4/?e=rNMZAaRrtNrtl0zghRzdNoc-qyAtUYaU-BAMY-PtUr-waUr-AZAqrZeyUryYRqxeNco_MZAaPPPTZ_MRwNqhhftbxlRlmNKYMbaARdzNwqfftkRrdzNRmNPPPTZRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nx3RNtgVnFw398Zkl0V5j%2BQWE7G%2BiVMqTq6qO%2Bd%2Fo4YNgnxBj3TVpQ9fHkHifzzp%2BSsN%2BJM63IrVseC6RtelIbVNQPJcw2%2Bd1K7UuHl%2FZPB2I%2BhCTYkJlDJp1LkV7ZDOSrRlyQm6g13nPwkJuu4FYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
no-cache, no-store, must-revalidate
cf-ray
6f40d06b5e1eece2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8407 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032105&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032105.js?cb=31065884
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2aec5e6760ff87dca36c847d3852533bc2241ad76ce8cf2fc470220112745ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10550
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A74F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYsOaWWdSuNBqYPtR0tTlKYnY4zqa0HzPFwO3fkoxuAm1Sksqq5qH6YUefCkuQgbec955G2l-PWHCvxCVRXZ1nZCeuQnnpDgngyEsz_5TguG8ZuooGkEMrYt3hfQVJda-PNTIwvDirrN0EQHpUwWX3qcZdKdMViIuX5qnARMauh9sYHeutEFMWmsqICv_eCUAQRLVWQts7qHfH6VymmqRrQ8C1bLOaOdLoiqFNIPZdKqG3zibbWgYiVfLOZoQWkSy5WeFEw4POb2erdbbZoVYF1MHgOiH_aBfmtMVNtdIBp3h3nSHbpQ1y34-TWm1MUWpgC0ZWuOFn&sig=Cg0ArKJSzCT1eDQupHRVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:23:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A74F 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032105.js?cb=31065884
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96a8e0be24180feea7bb576beda59048a96bdbf1528f0fe3c487ee6888e07782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648494235360460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 12:23:01 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 6765 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10786821004335573954/1645031070487/index.html?e=69&leftOffset=0&topOffset=0&c=x9BzEyatOg&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10786821004335573954/1645031070487/index.html?e=69&leftOffset=0&topOffset=0&c=x9BzEyatOg&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 06:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Mar 2022 06:57:33 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/ Frame 6765 		114 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10786821004335573954/1645031070487/index.html?e=69&leftOffset=0&topOffset=0&c=x9BzEyatOg&t=4&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1100636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34868
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1c604"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5H6RtLexhYt0y5JDRHxsmkpyzjBHyhfgoKe7SYWF8LyL1v18rR%2B1UXFa5Qu3OTw7Pptwsfi6PK4yenxYybUMcp0uEl8i%2BfMDV9YceYBo%2FCprpMcP2ZHYcUOkjCUzho1%2FrcD%2BtFIJzw%2FAYusahxpp0O6A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f40d06bd83a4bd7-YUL
expires
Mon, 20 Mar 2023 12:23:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8407 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032105.js?cb=31065884
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 12:23:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3344 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
39470
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 01:25:11 GMT
expires
Thu, 30 Mar 2023 01:25:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B75B 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2f70e579d45f5815be390a6324a4249876ccbaf2712d09afd4fb92cb496c8156
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ucGuKenVkJQYYs5b5lE3PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ucGuKenVkJQYYs5b5lE3PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:01 GMT
expires
Wed, 30 Mar 2022 12:23:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F97A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
56464
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Mar 2022 20:41:57 GMT
expires
Wed, 29 Mar 2023 20:41:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8407 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3699867477367657&correlator=2101682098194342&eid=31060438%2C31065613%2C31065751%2C31065884%2C31065787%2C31063246&output=ldjh&gdfp_req=1&vrg=2022032105&ptt=17&impl=fif&iu_parts=211182487%3A22476148198%2Cwww.shrinke.me_Display300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=2929720836&sfv=1-0-38&ecs=20220330&ris=1&rcs=1&fsapi=false&prev_scp=in2w_key%3D148%26in2w_key2%3Dnope%2Coptimization%26in2w_key4%3D--28gz%26in2w_key5%3Doptimization%26in2w_key6%3D--2qgz%26in2w_key7%3D1140%26in2w_key8%3D148%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D1%26in2w_keypm%3Dgpt-passback_1%26in2w_key9001%3D1&eri=1&sc=1&cookie=ID%3D6cc800b230009e1f%3AT%3D1648642979%3AS%3DALNI_MbPhFrjkg9m0OEGvOGpFQOp17t9jQ&cdm=shrinke.me&abxe=1&dt=1648642981845&lmt=1648642981&dlt=1648642980386&idt=879&biw=1600&bih=1200&isw=970&ish=250&adxs=663&adys=464&ucis=td1gz9vkz6qw&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fshrinke.me%2F4lpHNx&top=https%3A%2F%2Fshrinke.me%2F4lpHNx&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=308436159.1648642979&ga_sid=1648642981&ga_hid=1682996558&ga_fc=true&btvi=0&a3p=Eh4KDmVzcC5jcml0ZW8uY29tEgAY2v6d1v0vRQAAAAA.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032105.js?cb=31065884
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
a92fedb4e59e019657e4241d407f6b8a67196f75d4129d46905e18cfc01b7f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9484
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 64E3 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:23:01 GMT
Content-Encoding
gzip
Age
2949873
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21929-LGA, cache-yul12826-YUL
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1648642982.894498,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
1, 116649
view
googleads4.g.doubleclick.net/pcs/ Frame 64E3 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrnKAmEm0wpg27pt5SPS8doyrUcXIdSWwTVjkjZBCXqB0tssCpNklo4A_zRgcwVAbTqqphyfJnoFxiddflvuV4uQOFzkbNh3Q4vpszlnl01rK5wnmnZTlQxAkceUiPIURSlHEwrEvW0oDYp0MiR41ZCzvt4crxLD5ti4mktpY8kxUw8AvkBDT6xDM&sai=AMfl-YRJT3jNT-SIL-4yRK8RfKHPJhXxZLrYmRLEsKRwn7qmQYsRGTyYXAmAe2UzhUulA-dVYvqTdg1AVrTnZywhlEo6xEgbJKcFgYOlCn_3h1g9fvMZCMdibewJO1Ym&sig=Cg0ArKJSzB5nJHKfAMLIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=665&vt=11&dtpt=328&dett=4&cstd=331&cisv=r20220328.73014&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:23:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
8038497795295426648
s0.2mdn.net/simgad/ Frame 3BC0 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8038497795295426648
Requested by
Host: 635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
URL: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15ee97dec5ae7b1f3bc44dd63f836c7c4d43e89b92d07cd737a4a397911fe854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 14:40:38 GMT
x-content-type-options
nosniff
age
78143
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35304
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 21:12:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Mar 2023 14:40:38 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3BC0 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfQUk0d5GJuJZpnXut9oR6-zRN1FdzLfXO0UcX_-ziej1N-oBvzCMoLYOoI85DrSWQllKBGCnvfoOQPSCONd1gKpfvn1KnKQqSJpalGsSxatKWLhxqUVdPsV89HRAo9lZW8eBT8zk7FJPYUI-2IldbHTsE_Q&dbm_d=AKAmf-C41adPuWJN6K7QJdfTupv5ZKtTfvB1GC-mG9I9cH7wd9CJwPaF0sHVqpn5puDYYkVoHzB1YZFcc5cqS6aigU1u8ltmmLs4Ol4i97mzd9ffFFeslVzFsd06dWwDU-9n3EKKgG_37x9WwlOotTn8HNhFhv19WNlme-wwops6aEBgj4pfiBkDh0yOvb31QfzTqwlmx7TR6wSeygB6fP-yBn3GSPfeszYwF1AE1wIwHm7n2jE75c2DTrg-el-LD8z9E8txOU71eh75m00ol1Uo7A2sNLhad1l7BQ1gdrDG4t0wLUAEAJ9LedwmF107x3s6Wse_QX3MEC3OqeuEw9VfjiXRYxEHcFM4RUSULf2FhW5VtHG1_aAt4PT3VO6i-016KdPmeaoEsFWYNYWuUbD4DzFmGvXH_dNhHTxqUZb3hFis7GBdVD6xNFcqLHWWSGdcZDyYEU7QnMIm8WDR_cqGgp3Hmh6a4HrJtezgapY9TmFewvLEIbdfSUpIQXbbVMpc8bHN80pCX8jpNDFSw3IdX_KuwvRCMUOO1-aQMrWV8ldZK57orF47Y-7ZSnB2MbiBVWe1U4uP-nFNDQiZa7AnFQruTYZnKLYMUSrdOpVYaQ3N2krUHsfUXopJmjnRsvsZiXgwOM3luAVmLio0UGRs6VLrXtvGVLLDHko8L-PH89vOLB3Pm5O-ovVomlOtNMllXveC74wKOvjQXRL6Bn3G2iFJPCZemrVKnPVc33iSvmVhySA7UKi4-IfNZ-_ZQGipMXElwxO2UIZmPmdEm-tyjML7I_S5n8HUc3JxBZuLtbLtGHWefWPBRkiFGY2nAn-VtjpI93PFvFEVQ1ZNU1yKulGLxiDiipPN0ANM4by3Ak9PQrMZijUf_IxOlPjXRg1mJVcNW8CzhgLRLq3uf6-UBH31WRHeR1SMMsAaD5qxkEA-AAWp6hQJnUx-zbRmJWPXf5KQgJxGEQg5ABmxLBKvkZ1LWv0sR7pJAA143qo9gfVHhh18t1_ih6rcH662w-VYoow4INErwgdm9M-2PbVFWP2f6WR6vSCyK5x1VsD01IaKbhxk-q93YM4-bbw5uz3I0sBFNSvauwyZnywMNPEtTyMmLEFUQhfxt4UQtOp-hRvdQX6stIwdY9HBgdoNGePvxoYua-jMrj5kRo14p3nyWtMz1hoLEn_76mMMuSKLRGiqInVS4zTXi57bPrTgLxLnfzkfYDT_r3yUtvfQuw9CTNJ0I5cDkYTc32I8vTtnban5wT_B5PYZf32ZZJ17LZ2wroCKi2HNx3csV9O4kcrGAWWC0QQB3mrLZG5bq_OXv5vYWmxBJWsXABhzAMJT_g-loVxljdIA6PBWHW1TkuxRBLtDc7568cJB-Ldbq_4ki63C3tmjVtpnphsG4BrSMqIalNzrboNwfj7uG7PUqTwmJoknXWAutRyYW9A-WeBJ1vtJM4km0MeSIocflxdWKUSYzEoxITjxH8MAKYwn2p-JfUK09-8PV8fr84dBArWRrt7P2MyLxsdZxB8R6MPNQP-LylG596xXNJFLg67kT9CVrzSFfqimkrU3y4nomBO8lLdUFiCZn3hGWvgU0U5xS0KVHrRXq1t1_CZQaJldcfaSmWt4HwnX49Zh61qVoCEwgvcHENU3aIbXj74rdJe56XmmhEPeQsJ2Xsa-KijJMLxLZnYHnvBYdy5gA0yVb3C92QE6w1tIp4F-4CK-A4vDmc3rdpf2jR3ecWI5oWez7X7Y1WTG_h99JilQqRcS_JwHEbqKBKKS4XXIryP6h0v1Uv1BDy3WGssEPmWclruRsvJiibtgjCk3mhu_iwwiR7zjnepWrB8f2Y3ue76cYinkGDUFuQcO7kATe-Qa_xZ2ZcgfpaD3dCraUqCaa5Jd6C_eEf7Wuoj0h5bYqummRyoFwKMQ3G5zO4A1nYtKvnkU7yD8372LmpYvG6q2Q36CCLSM6XLCczSNB2fOrnYaLRRW3iaKuB4VLZF4_1xw-AIf3HYeZljBRQ3a__7UUnGFWOMXnNL8cbj2pkucVchJfcPOdrYjpcCRcOdPZ6UnyPXrec_1eL28sTXJJg0gqAkbCKvRKVvTcyVHhb0HL_1Fc-AvVICyaHX4O9Oa2TmxAxNL6AZpCsorj9M98X5okQpsjoZd8ze9z9qYZYrdpw6G-bWZ0Yr_sNk3blkcb4KwCxhkjCtmyp_on1e-EcEwZVXtyA5H1c5KULXK_VRtISqMB1l0RPgDsQ01AcEDTBhoA2VackXZ7r1MhBdMUlifg2ySnIvX8aRex3k5v4Wak2cUUpnEvIaCS8DHSiAdrGYCOqO3XE1C0_eAbnP7Dmwjfjx1O4xXltHwZBLdmp-2zLzOf-GGR53weVTWPQontRoM6GCeOrP7Pgysir1xRQ1Imk_PVAYRvA1g2hT1PCUwZ5ECiHFiDWi2mfuSUuq2al-YmxR_s0s6KLInIst0YrsHGkJdU9dGdTw8xrqiUC8t3oezNHfk1NJiEboYQZIQ36WPStjKjoFUutTXOu_F56PSxURSoX-i4IxMWXKWp6ra1IEEnY5KURbAk2bWCpS5uIKQTcNDpJ3ICwfOTq4Wuw75amVUP3dGY2rodUiizWLYYUo6NfImEfNunP2l_rfs_To_3Z8n6sA9UdxHJhfGRhDmuK_0qu3lmN-A-GvZhGtvIbJXqwk879CZGkWNXKGlb7jotLnOO98fnTTQoh1kob9t-y0VU55_L4aWT3JzMaC-RE1zggUl6Dhk1mgAf-U-POH14ERG64pQ83lciEsmtei1BFY5XjXWtDf99AAzhu6-1YUJO-ik-7oPMNeE3LCHNxoPmwcLuocxgJ_f21eesYNqGaMq2qEW3f-30_9re6wsQsYXv0rimBguIIRWvTUDiS4ZQkOxeSj3fV5n0tAANipHkMZgXmbNQo1XW6SGPl16Qr0wXXhL2uUnlVBGVnZG96mF6PYAkVwhSOiYNr8hdnuFBBmIPQ7ZeiLgO-VHfSBYe6sxh04w9fyZslCKvSwoxRIf9Hxw4nP9KtjQ8usiM8EPLp2iEh2Y0TqJmlntIUw&cid=CAASJORoC64weYhdgJJsQfBoZ0Mjt2-HDaNataOxJPCdZHxBMz-taA
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3BC0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7jEMpUtEYq80pcij2Q_a94awA8P62MxnhK_m7asP6Kq2lYsDEAEgp461SGB9oAG-34C5AsgBBqgDAaoE1wFP0P6DX3WBvGoEoP_NJr_uZIeFCP_JqD4AKby29W9QVSD5it30L26vzdnmOqB95ImqN7pnSj5h93rRc6Zj5flBl_CCbLPyxPLAvrLOuz6MzU9HZshuqA5I8NyFBYlEpVzSTH1ingviLCrbj4liXl3qz4KqVARKQZY8u1CrRsteovzZMIjEaeFazpeDM3BQY4YrxXXCAmLKmaSyAEOUopdFD6LVQciQWItOinFCajXj_wlf9FWn2Gj8dlDM-MQmnuCKPv8i5JcOKmdkr2U5_xmoO9pfhXGT2MAEqYL_n_gD4AQDiAX99JXgOpIFBggDEAEYAZIFBggbEAIYAZIFDQgiEAMYAUjphKoBUAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB6qg_8YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQ3sBGGOWvur4B0ggHCIBhEAEYHYAKA8gLAbAT3JnWDsgTzrv73gPQEwDYEwqIFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItMjcyNjQyODY4NTAxNTk5Mhj3uRw&sigh=kPihmnBPvuI&uach_m=[UACH]&cid=CAQSOwCNIrLMZ-4UD487bW4cCIxB_MgM-Xv-XUcx_SEd2bhG14722HKeps5ItZTVk1LCSeMzFsfLX-3iwOpw&template_id=509&vt=10
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame A74F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFf52As7UIpZ-lUAIRS4bQr_0LBACE8yx5VDo_Ggel2BwJzlrqiucpNc3T0SqktaMkEmBzStt-WoQ8VF7Q6gFQoGY0nA3MUFWu51ix3-Eg0A-Q-qD82gx5FKRde4dea3ViBNopRTUs5UmsUQKUwE20NYfjyq22tLxzTD8rDJgvXOXzmGZY3lKWOxDtYeNCCV4QE_CLedJkTuRqD1pERdo_82mD52j48c0ASQ64xl27EVT0laDD2Q_epztjcwmyRnD-jfnOiFmmn2OtugzZNwhcFiLrf-3ADLj4i7vi4lFB5S1Zf1RgdM0agSZhYXu7AII9rqScUKkTksQ&sig=Cg0ArKJSzKl5qyK0wGTIEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:23:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 30 Mar 2022 12:23:01 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 83D7 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
URL: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
1687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 11:54:55 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A3BF 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
URL: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
72120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Mar 2022 16:21:02 GMT
etag
48472445140208031
expires
Wed, 30 Mar 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3BC0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cce24d312f79a8b04b2c2725db38b0dab2000aafb685d9c0c931106736aad4b4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2311 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
39471
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 01:25:11 GMT
expires
Thu, 30 Mar 2023 01:25:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3A7D 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1dad72b7f43a44149784ba6c1c3cb54dbe71835977795b64cb1b3b2767194be1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YpSwVwA8agF+xEkgF0gNBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-YpSwVwA8agF+xEkgF0gNBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:02 GMT
expires
Wed, 30 Mar 2022 12:23:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame A74F 		0
0
container.html
71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D8CA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032105.js?cb=31065884
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:01 GMT
expires
Thu, 30 Mar 2023 12:23:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 2F79 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11395&pub_id=1777764&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11395&pub_id=1777764
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:02 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
65f88c45-8e98-4767-8f38-963f89422b79
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=320348028423160&bg=!dHeldzPNAAbzJazn0yU7ACkAdvg8WmWWaOVkyuo82NWlgUCnaI4kcWo2GF0fGYlTnqURPFu7Hd_rGAIAAAONUgAAAAhoAQcKAAnExbDZyJGwiWiZAsiaQ0K9fiR834PjT6qep8NobQE823W-IPX2C2hhi_WdYP86yWylWi52QOCkRvptvcZI1wbJE5TtJ9eL5lh23fkuWPrbGkjqPIi2ZK7xba1ACHvVv_hCin3u-H-tEbt9cixO9K05ia-Rjw_146hP7KoPKUFLqLa1xe8JjkB_rP78N8AUh_hzj8KtAyVjw4aYgU6JFUivaYEKRu11m7mtgDpw4IrxoiD2lr0al5u2cFcAF9r0KVXtuPEwus9eL4sp_HoonFWppcQX9aP0668E9ifLRzXaml-41g72sgSPRZwXaKJdRY2nb3cGoU36pa-mJF8P4NmXJn8C7KQ32vtdXmgmCPGEjYyiD1o9wOu-a7PcBTHIKebEsI67w2_C3NyTOg79upIUrB_u9LndrbtdUKFhyydMKxv_-I--0HC3mbu3aO5tFz93eQuypasLg37Di6TKlIUPiVUFkvNGSda7y_h34SPoiuf-0ou7fbPS67ruNff5HD0Po2FBd62QcjrxovBgFwfmL87BDeaP61SsaVZEoqbTxUaxTr4j_mzVezq26ezGOoP3nSHbgHbU6dEer0Wk5YLY5wSltvEo618P5RbffV_TvbhuerTdgD8sZ6KOtLID8UqAEHh7EK-gTVtDcMCXzOwGmrGXjilyr2vKFdfarSdurJXmfvnCNbWCoMduNN_1FzcFBuwJ6Lyfe2DqcIyMRy8Bjz_Or6gHOENHx8fm4EtVSB5gblf5Tyy6u7v03y8RDgA6ErQ0SfxUqqudFDFnA6bJmxl58voHAZHOiDsZKeN7jMkC1ivTTIP7QhkIWO1x6PHBVFbD4EgJAzUYsZGRThXtk79avS1CREccqxkN2MuB2T-fs6sLsry-R5za0nOen479-KTYXXdWe-hQTgNh1_uG94HU3XSX4VgP9Zy6fg3W6X-l6-lHAu5yVXH6081IcR6YBFio
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame 64E3 		0
841 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F4lpHNx&e=wqT_3QK8CvBMPAUAAAMA1gAFAQijl5GSBhD8mLu4nrKKkhIY_-q7otmTl9wXKjYJ6wCIu3oVvT8RXJrPd78juD8ZAAAAwMzM7D8hXJrPd78juD8p6wAJJNgxAAAA4FG4nj8wiMKPCTiDWUC8CUhlUPK5qKMBWPfiiAFgAGjNjKABeKepBYABAYoBA1VTRJIBAQbwW5gB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAoHiVuoCGWh0dHBzOi8vc2hyaW5rZS5tZS80bHBITniAAwCIAwGQAwCYAxegAwGqA58GCugFES_0SQRhZHguZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haT1DUWtGcm8wdEVZdk9WTklQNnp3WFV0b0FJdGRTRW8ybTN2X3pQMFFfNExoQUJJT2FYMWlWZ2ZhQUI3NTdnbGdQSUFRbXBBZ0d0ZC1oVzVLby1xQU1CeUFPYkJLb0UxQUZQME50T0FqRmJHMldMeFdTLXhrOThoTmFpZTcxQzhRVDQxWjZWajRDQkloN3loaWtqbVB0dnNFN0JOSjVNdERySTcyNlJNdzZ4QWYyYWNLX2F1QkVHUGtTZXFGWXhKVHN4SXZYbEp3OWxMVGxzbzNyTnM2a2xPNWswVnhTeFdRMlJlNGVaNFJZNGRJWjNRcHI0Z0tXZkVNdC1GWlZta2p4akVRdzI1NlVhOVo1Q0dxclRFOFlUMHhkTkU1em5NV05PamRraGhrUFdTY3FKLWNBZllRNlZrWVdTN1NQLU9hbHRrTW5nMDBOLVlkV2Y2ejlUOEtNMUVyRkRuWGpkRXR1aGw3TGYzUW84Ylp0NWo3cFdUY0NMSGdOUnc4QUVfcGZNMlA0RDRBUURpQVg3cHV5ZlBKSUZCZ2dkRUFRWUFaSUZCZ2dkRUFFWUFaSUZCZ2dlRUFFWUFaQUdBYUFHVElBSC1lQ2ZhYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTW4zQmhpeXFfREJBZElJQndpQVlSQUJHQl95Q0E1aWFXUmtaWEl0TlRBNU9UYzNOWUFLQk1nTEFiQVRfcGZYRHNnVG12NlMzd1BRRXdEWUV3cUlGQUhZRkFIUUZRR0FGd0d5RndnS0JnZ0FFZ0FZQUEmc2lnaD1tSGI0VHd4WWZaayZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTQk9Sb1JUTSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMxMzA3MjE1NDk4NDY3Nzg5OTQ4IgkzNDI0OTg1NDYqBzExNzA0MzM6CTQwNjU5MDg5OMADrALIAwDYA57XugHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODeoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAE8rmoowGIBQGYBQCgBYjjiL_17cfEY8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaME-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBv5J2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTYxNzI5MTM1MzG6Bw8IABAAGAAgADAAOLQEQADIB6epBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHxP8HiggCEAA.&s=a8a446017df130636c2d5b68f7aae9e4df57b935&type=nv&nvt=5&jm=1140|1141|1143|1003&px=0&py=0&bw=728&bh=90&sid=2176753881688982605&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19128584&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:02 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d397429f-c359-49e0-9b9a-8121ae9a02ed
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://assets.vlitag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BBE8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoATEo0tEYpO5GOS4hQbp2onICwAAAAA4AeAEAg&bg=!a2ilaCzNAAbzJazn0yU7ACkAdvg8WtkTNHvIpAEFCEh4B_cKNPAaIJVxDWse7q3IIj8rYrtd8wi-GAIAAAOcUgAAAA1oAQcKAEYRBNvkYdnBfFTQtPXKJ2QcJYM9ey6U_viPtBaUoz42PaDK8DIXpS5K_Ir7A7BE_oE-Vu4XIcxC6q4LBZeZ0XCtV7woC14qmQMP6dRKMyReeNNPniyIWOlMm58Cw_BPZg0vCC65clgAR3NQA7P5GAUFRSiaxtt9BFdHz1_O-Vs1bxLe0ZPM29_g8dbR0FXzS3KvrvQ0zt8e4rQrqmSgCzUR5ZXEnJKU4E3yPJPYAchrtMTNumViVQ0C70bJ-qWge43uspUdNo3icK5pkrcMEjNVp2wsIqxZSEx3X8ggLHDZ6IMWIG8dtgdnBb2jpvo-M-HkihKqIhgm8P9SJqmF2gy2-x2J3rpfNdUIrVeZJrgcrI47gJOn6wa1pZsK6waFECoulM3xr2joYaeg8AFqfPRpMRfoXI5VnnyjqozsyxKHB9QNmkIspOX6P5_4Sie7oCm8g90cfh-3I7SGYMlfTnTcJt-2VWPlEiT7XDfImY7Iqi0rHUJf8fe7GEdkqyitod6q4dcEWiP8Coe92zZiy7-XDcHWswd2hmYqBD2tD0oyRNipvVyhO0MAoNKXg0Xz-ng-3qMO4dLwcQcp32VZq9L9ba-U1RA1KfsCUd12tlJPv1tkkTqJEyJZ95DQz1MQ58pegb4qxcJoA2JlIS9uLu5T75sTwcEheAHVtJt233SZfFM75u2tFhf6mAtCo2lNWSWJPUoWoi87sP_uRgANjE_oeZUZUBIAAfz6FY7ltMQ_QNVBmMrN5VZMI6K2GmTcJmzRs_FOAbzlfmIPJp2GGtDo5W7T9HZoSkk786j7zoSltz6ROq4ksuwjsuSUoGvcYFnoK18inFcON3s3cVBCxDuwO-XLQaxS0cB4rabm-lDtIIKUYTjZprdXoTEOM8GDovln4QABySwXiENP0zTrrEYJsf_6_XEZL0OH5OnDNS9XyBMFIgRdIE0zy6fAAc9fsQSkRVH4kZ_1-OA3kEPY5L8KMuP2SfLhRdImp68Kse7i8LpnF5kkWVsfrf6vM6cWrBS21J-74VYPZDZE4DkZX4iW00UwhuW9A33H1onpLSMfEP68XbT91WOtk9_r2u6_JSyr5cZ9Inutmf_uuW3KqG6sHZaKNaphutHBXpEeAOA5JEJd34sPTkBH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6765 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
deb949f43f61bd695847d1cc9624964ebb50eb954aad1b8219dd6ce40068b2a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5390
x-xss-protection
0
njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
pagead2.googlesyndication.com/bg/ Frame F97A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 00:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
128840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13638
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Mar 2023 00:35:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B75B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=1355483729956619&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame A3BF
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEFPHYjfhBpFaBQeZmbutYuc&google_cver=1&google_push=AYg5qPJhhsP_0HJeIKOFi0m9M24YHOkT5vUA5ObDS2pWJ3LP415BqiKKAVDRt-vGj59sOfcotpB0fe5p0rtexiYYAUeG92lqPTw
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAYg5qPJhhsP_0HJeIKOFi0m9M24YHOkT5vUA5ObDS2pWJ3LP415BqiKKAVDRt-vGj59sO...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AYg5qPJhhsP_0HJeIKOFi0m9M24YHOkT5vUA5ObDS2pWJ3LP415BqiKKAVDRt-vGj59sOfcotpB0fe5p0rtexiYYAUeG92lqPTw&google_cver=1&google...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AYg5qPJhhsP_0HJeIKOFi0m9M24YHOkT5vUA5ObDS2pWJ3LP415BqiKKAVDRt-vGj59sOfcotpB0fe5p0rtexiYYAUeG92lqPTw&google_cver=1&google_gid=CAESEFPHYjfhBpFaBQeZmbutYuc&google_hm=UTcwMTkyOTM4MjEzNTk5MjY1Njg=
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 30 Mar 2022 12:23:02 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AYg5qPJhhsP_0HJeIKOFi0m9M24YHOkT5vUA5ObDS2pWJ3LP415BqiKKAVDRt-vGj59sOfcotpB0fe5p0rtexiYYAUeG92lqPTw&google_cver=1&google_gid=CAESEFPHYjfhBpFaBQeZmbutYuc&google_hm=UTcwMTkyOTM4MjEzNTk5MjY1Njg=
Cache-Control
max-age=86335
Connection
keep-alive
Content-Type
text/html
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame A3BF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHOlizWzl8BaQgnsxWjDVX4&google_push=AYg5qPI4FzNHIUQdAzcoAgXKMN4seT-UqXt4VIoDx5h_apGDZlNBseN6jZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHOlizWzl8BaQgnsxWjDVX4&google_push=AYg5qPI4FzNHIUQdAzcoAgXKMN4seT-UqXt4VIoDx5h_apGDZlNBseN6jZ05_LXNZv2M0MezAwkD-v7V81GKkoQ2AmJgh5HJb5s
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1648642982.427310,VS0,VE15
x-served-by
cache-yul12830-YUL
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHOlizWzl8BaQgnsxWjDVX4&google_push=AYg5qPI4FzNHIUQdAzcoAgXKMN4seT-UqXt4VIoDx5h_apGDZlNBseN6jZ05_LXNZv2M0MezAwkD-v7V81GKkoQ2AmJgh5HJb5s
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame A3BF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOu2oSqO5xpCYnQKxf10fbA&google_cver=1&google_push=AYg5qPLWdTmUeLk90dltzUxs8TmOzFkrIGRRyqTsNFI1rM2vNNN4FCkgbRAm2tSzCYnCnGSJz4v8ZlQgjPRmLMK1V3...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDdiNGZjY2QtZWVkOS00OGY4LWIwZjgtNGZmNjk0ZGQ3ZmFk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDdiNGZjY2QtZWVkOS00OGY4LWIwZjgtNGZmNjk0ZGQ3ZmFk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDdiNGZjY2QtZWVkOS00OGY4LWIwZjgtNGZmNjk0ZGQ3ZmFk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame A3BF
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEJspflqqJt3YViuCDbVIFKM&google_cver=1&google_push=AYg5qPJaQ1Wbta-2HdnsChN6GBcoDUv7xSN85UYzGc5b1BoXwUTHDUPo3VrqYf7Oj70JhvJf1zwSJx8bRtVe71mDMJrDRjt07w
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUFDQzZGNjQyRTQ3MTg5Qw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUFDQzZGNjQyRTQ3MTg5Qw==
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUFDQzZGNjQyRTQ3MTg5Qw==
date
Wed, 30 Mar 2022 12:23:02 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame A3BF
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPKYqLYUCqGy1m7JayUppkYVXcmdnhxnSqm3hyCKv3L2ElTr8K22HwoGLXFA2xPfwb4jlnhjsu4n34...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPKYqLYUCqGy1m7JayUppkYVXcmdnhxnSqm3hyCKv3L2ElTr8K22HwoGLXFA2xPfwb4jlnhjsu4n34Gx8MrVf4n9e5x8nXY&google_hm=2c420fd2-abd3-4224-930...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPKYqLYUCqGy1m7JayUppkYVXcmdnhxnSqm3hyCKv3L2ElTr8K22HwoGLXFA2xPfwb4jlnhjsu4n34Gx8MrVf4n9e5x8nXY&google_hm=2c420fd2-abd3-4224-9303-8a017d8258fb
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-13
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPKYqLYUCqGy1m7JayUppkYVXcmdnhxnSqm3hyCKv3L2ElTr8K22HwoGLXFA2xPfwb4jlnhjsu4n34Gx8MrVf4n9e5x8nXY&google_hm=2c420fd2-abd3-4224-9303-8a017d8258fb
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A3BF
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEAYaLLDeS4kblmVRgdO-Ce0&google_cver=1&google_push=AYg5qPJ6B02TgKp3Piu0XZVx8So-btlfAxBSa4S-EcX9bsgxzB9qTKF_uv3S2fjK8x1R0wu_U2sh19Ph...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEAYaLLDeS4kblmVRgdO-Ce0%26google_cver%3D1%26google_push%3DAYg5qPJ6B02TgKp3Piu0XZ...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A4400094246947355239&exchange=193&google_gid=CAESEAYaLLDeS4kblmVRgdO-Ce0&google_cver=1&google_push=AYg5qPJ6B02TgKp3Piu0XZVx8So-btlfAxBSa4S-EcX9bsgxzB9q...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQ0MDAwOTQyNDY5NDczNTUyMzk&google_push=AYg5qPJ6B02TgKp3Piu0XZVx8So-btlfAxBSa4S-EcX9bsgxzB9qTKF_uv3S2fjK8x1R0wu_U2sh19P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQ0MDAwOTQyNDY5NDczNTUyMzk&google_push=AYg5qPJ6B02TgKp3Piu0XZVx8So-btlfAxBSa4S-EcX9bsgxzB9qTKF_uv3S2fjK8x1R0wu_U2sh19Ph21HUP6q4z3vAq7EBLJ0
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQ0MDAwOTQyNDY5NDczNTUyMzk&google_push=AYg5qPJ6B02TgKp3Piu0XZVx8So-btlfAxBSa4S-EcX9bsgxzB9qTKF_uv3S2fjK8x1R0wu_U2sh19Ph21HUP6q4z3vAq7EBLJ0
Date
Wed, 30 Mar 2022 12:23:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame A3BF
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEOaXgztUVNIu5z6sl4MKdRM&google_cver=1&google_push=AYg5qPJ0S7VJdRXeNz0uFnGvYHVGrTAUWwORIYFe-O9RKvQHyh50cI0JBietyx5W1w...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AYg5qPJ0S7VJdRXeNz0uFnGvYHVGrTAUWwORIYFe-O9RKvQHyh50cI0JBietyx5W1wyCCZjmtmKx-cmCwxat6UacTmXxdJx5XlR8&google_hm=Y41...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AYg5qPJ0S7VJdRXeNz0uFnGvYHVGrTAUWwORIYFe-O9RKvQHyh50cI0JBietyx5W1wyCCZjmtmKx-cmCwxat6UacTmXxdJx5XlR8&google_hm=Y41L8NbFSA2kh8Q7MLDhILs
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:01 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AYg5qPJ0S7VJdRXeNz0uFnGvYHVGrTAUWwORIYFe-O9RKvQHyh50cI0JBietyx5W1wyCCZjmtmKx-cmCwxat6UacTmXxdJx5XlR8&google_hm=Y41L8NbFSA2kh8Q7MLDhILs
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A3BF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-2UqPOvv94-6AXpUozjSDJRjXpzyecRBduuhWJOK-eUdlbGRsuky7_Rppscpg1SxSBfixyCU
Requested by
Host: 635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
URL: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
footer.png
s0.2mdn.net/sadbundle/10786821004335573954/1645031070487/ Frame 6765 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10786821004335573954/1645031070487/footer.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eec2d2339c94267837e4c52a9736a8fc7cc7e2ecb4bc8b2c981b501cdd43ab0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10786821004335573954/1645031070487/index.html?e=69&leftOffset=0&topOffset=0&c=x9BzEyatOg&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 14:47:02 GMT
x-content-type-options
nosniff
age
164160
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 02:50:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Mar 2023 14:47:02 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1235 		482 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjSytrGATAB&v=APEucNXZ-EL-54SF0iBCQ8eSTB4VjbZs4mg1HRlKWREQEOTOheAZS-SYzYn2ADc9Og9QCmhY1G2ZbsUHvDF_cFGdJLv8-0FoiQ
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
253
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D8CA 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoroWM9w3jV9nUTpULGh7eM8qU0GGasAgH30_YykbOaikRUl1sDGpf1aUV-TWDlqshDi4zKQhxunZyJnyMvSxVijB_trtPEmkvzFUuVedxwPxBikqlpPpgQtpQBm4UJGMtTUwEXJIDj_oFans-1gBRosXhNg&dbm_d=AKAmf-Cp98PAWVDYH4D-onfy02hZfwE-Du90zz-B_XV8ufq7h3KvrPSvwNt2igfPzSDOGTw1mz_AAeYJLXHHoGDHCVvVxMykGbin2ex35P3zElFPDnVwS7y233bPBFoenVkW7CIg3_nSr1eBYgnGqw0Nov7pET5t_FnAcqBH6IUApRqAzcbwET6kv7Q8PmnopbuBA36KFoLw-w2r74VTztTtAloIOKDgCFIvgmjrUhcCM8H6gQavpAhWC0fxxUzUqJuZxFuoT18KJDavKClS4xcqeBKkgTQlM1_hOuSu4WYShVF1bQXiqobr8KlLr6eZJpWhJdtaF6s7r2_ttDSKNcc_Y5twKJmWsbpJAdfwvJ00BC0RNfkfdo8GU1SAEU7BPna20Anu_mWSSWsVsZuM85DMOqzCGTlvpkCegSjM3qAORuRyfbl3R_OaGGDpxFPCuzLtYDvxRC1P8pOVJUF0B7KZZL1prfxy4CdVKEjS2cH47ER0QskpnEJwn49RPBQoKwvEM-c5BLyGpxEx2uzPZl6mnXA1UY-AMarOTZ5ArC_mERNXnb8m8CrsATr97suIDKbcDRrkcZP8ergNn70NayDRIHvwz1LItOrd5c0_WLYlp4pCDp6cyzRmWXXEJS_fiQHibfF5ugw7hDoyRRrOsRHX0vRTBzJYTshBKyGwhNM5Zx2boXTc1Ufo45DO24qqrb5ptuo1829PHLt0BByRP_Q_FgEugKvIkJHavHGcJLYtHypV-6WcN5zvvMkFWWifi4PumnjAeUwUIpHGGUX4RyiM4WuYdNQ4oAg3oGr8uu9fJvGgphZEVT6MOr9Zh2mdIGsX1r1clkkHtYAYv_RxzKFhhSqKdCLnettAhjs_7wfD3px9f_3ukYVD2M8x6X6tW8PSD5xwBax4fPV7BMrU-q6M9GPzP5ts8o7IzmoPVi9g4nE4CpViSo2XiMLQoAtOFr2ckmPGH7YXDaanEbEUnERZSBDDnY19RVunPXAKUz_I-QNNbtAkvEMt92PrjKhMF7x-mYkycMeXUd0lE64jWAflxxuV6UyYqY_CU2PVcPlKu-EClQFdWCjVbBG6taQLTu_d3UGWzLDyti6Z7ws7M54zDziw7xOlONjriERryervZanKswre6mLu-XabiYAgXbSTa20WHWzj82Knhf5aRdfveTKsjbw-IumuFGWn1NWeW9Rw1avlu3mhRpB1rNxJ2T05jPU43uxF70I2lWEy4Dobf9lLj8D0bCSHQPX-xNUeARDkNOwF72PUfcsfFWjOhWq6W_Yai2V8n1IWyjOWn4apcJAdm-vuRK0zI88EAK5ic-EsSUNzdFU7h3chybB6SQWJhDK9DKs-KnuWaV6H6PlhCTit2JB5oGWVkHRnlHeV0HMBNhuSRNH7PLkxKos0DSRAkZnlqSkUJpiApA1widOf3B9Nt7aAv8noeA6560Fablrdw2q72UXC6IL9ImAT88h76TvYYv-1qcPByBEJp8NxHh8gk38GS-izVxttz2PLfzsS4j4MyhmSGPL5TrGwzYKcm7rcyfcdNB8UtaMZENlaJZpdtOt-dCMSheA_rVnaUY3P-JH21ahIVLNRoFQMlLCyGoJFgN3bt1jrtYJcNSn8JBhAIjyBI_vFHpwb1p3n8XR6HOV2uUPMSx2SqSSx0qbvwitWGqxMY8orOmBDIy-KLZrK60xiayDd9Fbgy2G3ZQCL8Jahd4qFjNm6_NKYUIMqyvKvBav8edhH-7GNU9zbQhTmdvsfxLkSrNvmFC_RRFz1FTPLH9Z9C5ybMLtAmHqFp9nhPvYQvfnnSfWGdzsMrhrdDOF9E0l7tLUT2MDgSWSyOskFb86nwf8SI0OI74oqwNs9gFPMANP7HxsJOOyHy3Po-mPjOpJFqsLAAYdixEmchHa8h_s_-Y_EcnuIJl2M72cbMSpbckYvWUUa3dHnPBXH5xC2D_mGc2Gm_aQ3geoOsEz53nVkQ1Jpwcnhuei5yZXNgFoyRUgQZJ1kwH1noDst0RJIiS90No-bcTseFQJbVzUkcT1eIIVjYg8T5euH86iM48E9UKKr74Ag_9oOsdgl-Y3p2J0NjkHy70l1LBvVCK8tDYkQhDd9FnpRde85okZHOb6qUE7kpP42K_gdPfKMfJWmOLZQYWAXdxOwmgsGbcmXJxc8qZVKTmkinOQIF55h7Qoz0M_ozC-4fMXRifqykat1WRp8q3vx_RvUJWODOo4McodvgaReKnvrxGRrUlVyOmkocVshyxvyFbHHRAmAR-kc-1MzF41-PwbtNsNvygooIWYiylRdN3Ya455CxlkpDrkOQ5b0a80FqKN4O-JTZKvrkMIFB9C0-IR7_MqmowlKWfG01uprXrp8N5c0dsx_D0a0M11EerYydlZRw98OYvWeJ7b1Zl6mwr8UqwgqbAgaMWQKmNDYJbTA6xr6vg8fqA0-9dF_vHiIQJdSbPsCSnWaiuwGL41UAIH2XOgoaBrMX-qkbDd3tFlR177gNXGloonzBtEf1uHfd6O5nhXkONeUFimE1vToJE_3tqWrfNcndUEMmzRTWCYY1RKxBWgpa3G1hp6udR2k6Ewa9OphD0Q2wNFNqjE9CxS2QqTGWZ0K1HSEJS5qpgBB6o4UuHFRdE1HexOzWORQJ1hLpVMfcsF---_cM0YEtAjZJUufwMLwV07YMXkdSTH-FVC8SzYpON3s0dK2j5SgniyPjX6JiLkxbJASGVLgWZCSbHrnr4PWFXe-2oyfGX-WWWZtaVpBDH2eeS5THtc88_tN9hX-91iIjkUyLEuPL2q3ACiK9StjfLWm3N2raLzb5L7FhHmDAeUlU7D6IVcVJ7kNh4TiQzMAdeoyvTXz5O1taRnGtr0bE8a_B6QrUxgUG2IvOa_0UxLB_OCt4uczO22XFQ53kTMQ68bgBQoKRglSaSG6wY8xDOYJR10sa437qCRGBmu7wpP0gYe4IQSUD1ldBonMjCVA3d04zOWU5CjCNb19Z0uptCyi5YXxXQjb0HJXjI0lShWD-nOXpnloM-f8oFMJMlvxjXEaj6eCCrP6qLI7rYNKzIV7W6kFeCZvwY5a5yKCcIesPrxvvHVS9Bo5GnUogXr_H_GC4MmwjMzLjTIiL6M26sQSj7mbt9WSHCNH0ToDG7Qo8fyM_deJOCrDZtnXo5dcUQ&cid=CAASJORo2ZqEcQrHIb_2X3zzxJYsbpYnqGKhYfbyDpBm-dgkw6v7AA&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Requested by
Host: shrinke.me
URL: https://shrinke.me/4lpHNx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
777c06e7b18ce8d0f09f93f987a5bfda49a71869bca31d12c3026f6ca7d58f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18902
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D8CA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWKtw4yYe9HNfnh8mugKv3pofKLx_ZTPW5LSPgGsFeV9t6dTL1FJl8pN73t60TPMncQIGNn8ZOnLGpcqOhPHcEgaWknBqmKuVpw5msvCyE86qB7Uo
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame D8CA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/window_focus_fy2019.js
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:15:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D8CA 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96a8e0be24180feea7bb576beda59048a96bdbf1528f0fe3c487ee6888e07782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648494235360460"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 12:23:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/ Frame D8CA 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220328/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:22:25 GMT
l
www.google.com/ads/measurement/ Frame D8CA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRP1HIzeuyYyZutgaujKPbHn0KDMNuQGAdj6C3s0Xy_4t59Im-k91vYFLhQK0Ba9tXOpVrSWqhHXF2gEJCswwdxdrJODA
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 83D7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
URL: https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:02 GMT
expires
Wed, 30 Mar 2022 12:23:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F1B9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bmqrqo0tEYsK-BdPphQaBkL3gCgAAAAA4AeAEAg&bg=!e3ileDzNAAbzJazn0yU7ACkAdvg8WlsarIP26dv6Uz1hFDwXoCxnS04HPvzNhE9AnV8vhLDKyBYG0wIAAASlUgAAAANoAQeZA2nCQqNpp3eiKDDHN0DFtY7KawkLl4nkuFsMILxkXC1tebY15Bj9hf9nVdubp8QWmJ-Wqu7PKSNkfzkGoF5swBErkX-qkeKh4CIDpxexvnZgdwFpkJaVH1JHLDND5GS5usx6DdJpFcwbxDx0nBfkrlwDdT9RCMOXESpAth4DvUy3Ng9kzO8BDzKv4QJmh-MBdim1zCqNezt8KljTHIuC5ejFmiyeXI3KxujNSX5J__wRHTgLXbeQSSQsYbVV9H4VYSp-iTvfFRaa5Ii1P1hXs-yU24Z-pvlRzkRPqs_1S98HVajUdh0mUsdngQm1yzd5mLwVIUBNy23lUxhNB27t12WQ8grp1mKJccvxKncqHcNAmCXcIsJ30PmWRuFtHqUCCNdoYT3xAUNjMj8lIxMR4VgJ8WsVpOF5uLK63-Go9YVfck4rbPwR28BnBCcSh-uqK0Ps4rXWsuAqlTKAwQHhR9-od9WoCr3c14bifq8NuvQwjZCo1kSdV5qYF0Ik5MCbqnZcFi_rjB5e6r2b7CrzoUyg7k5yYFY3uKPH5p0g2qT6k-anWsc5mLaGGtOia9VjQfZ5G9Wkq7HkRaYHojWrXPmnyNaThMBuGuP1zYyAH6be9UYOnafG-TWe3sHaebYS1qwx3VpTTw7_x4B8Vvs-O_CeBErCUlre-Shx6u9zF0YP9f3v8heVIi0FdKaaLM-uVgZ1SSfqS7LwFlDa0T2b7OTSmrOR72tVm0CwnP3mzx7LVJAVD9Ja8LammJzZQo1Hh-b6uRQRn6YVl6yjeIi49RcLnoklJrRnFHgSyjM3qoFM2bS9Kfc5e24lRY5aB8A8fhn4dkvVonYpGefOQAGE1Wbz8E-tcYAVMRyj65h7UjNrxKektrrzGIBjf7PM5j4ythAesLOw7lQMvxAKh38P1hB_YQRwn9V4APd2uPy4Uwusg5PC2UkbvrE5raxOYZ1OELfRVS1lDOPEU6ohYrc5DFeu8YRwOwBIGV6Oab_3ca9WmzeV-W42e-kJSbL56U7fu6we7tbWS9SiVUUjGJo8mzQIIqCX3K2JKrrXUUzTR2kID4wHVyb3COE-QsZnoAZS3T84LuqxdYSsinX08B1vR7mcI0g_V_6A15d4nnzV5ElueI0pEp8vVO_Y4OAAv65tpMXnW1t3gm4yMPI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
pagead2.googlesyndication.com/bg/ Frame 3344 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 00:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
128840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13638
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Mar 2023 00:35:42 GMT
file.mp4
r5---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/3242a4300e334bad/itag/15/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1680178980/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mi... Frame 6765
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/3242a4300e334bad/itag/15/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1680178980/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/sign...
  • https://r5---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/3242a4300e334bad/itag/15/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1680178980/sparams/acao,ctier,expire,id,ip,ipbits,it...
240 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/3242a4300e334bad/itag/15/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1680178980/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4FC68630A99C3F7481153BC2029B76FA70883B0B.5C0E003F46D78E1C8842D8EC0685E7DEDCE1F477/key/cms1/cms_redirect/yes/mh/jU/mip/2607:5300:60:7867::3/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1648642611/mv/m/mvi/5/pl/32/file/file.mp4
Protocol
HTTP/1.1
Server
2607:f8b0:4020:1::a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:23:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 16 Feb 2022 17:04:31 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
application/octet-stream
Content-Range
bytes 0-245803/245804
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
245804
Expires
Wed, 30 Mar 2022 12:23:02 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r5---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/3242a4300e334bad/itag/15/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1680178980/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4FC68630A99C3F7481153BC2029B76FA70883B0B.5C0E003F46D78E1C8842D8EC0685E7DEDCE1F477/key/cms1/cms_redirect/yes/mh/jU/mip/2607:5300:60:7867::3/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1648642611/mv/m/mvi/5/pl/32/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
651
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6765 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 12:23:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3A7D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032105&jk=3699867477367657&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
pagead2.googlesyndication.com/bg/ Frame 2311 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 00:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
128840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13638
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Mar 2023 00:35:42 GMT
prod_studio_01_247_videomodule.js
s0.2mdn.net/879366/ Frame 6765 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_videomodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78b8b9c06e8648b397191402eb4ca35c9a83400e71f2338c84f2ef1393ef32cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10786821004335573954/1645031070487/index.html?e=69&leftOffset=0&topOffset=0&c=x9BzEyatOg&t=4&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 06:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20692
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5003
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Mar 2022 06:38:10 GMT
sync
partners.tremorhub.com/ Frame 1235
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEJO41OGQPQ6m7ZwSpHpOQLw&google_cver=1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEJO41OGQPQ6m7ZwSpHpOQLw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjSytrGATAB&v=APEucNXZ-EL-54SF0iBCQ8eSTB4VjbZs4mg1HRlKWREQEOTOheAZS-SYzYn2ADc9Og9QCmhY1G2ZbsUHvDF_cFGdJLv8-0FoiQ
Protocol
H2
Server
2600:1f18:612b:4264:5fd:edb0:5599:8b67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:02 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEJO41OGQPQ6m7ZwSpHpOQLw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 1235
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM4z2PWltnMA4_yNwhhYtks&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM4z2PWltnMA4_yNwhhYtks&google_cver=1&__user_check__=1&sync_id=24f40636-b024-11ec-bf3a-16765c7f0403
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM4z2PWltnMA4_yNwhhYtks&google_cver=1&__user_check__=1&sync_id=24f40636-b024-11ec-bf3a-16765c7f0403
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjSytrGATAB&v=APEucNXZ-EL-54SF0iBCQ8eSTB4VjbZs4mg1HRlKWREQEOTOheAZS-SYzYn2ADc9Og9QCmhY1G2ZbsUHvDF_cFGdJLv8-0FoiQ
Protocol
HTTP/1.1
Server
192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:23:02 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
316
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 30 Mar 2022 12:23:02 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEM4z2PWltnMA4_yNwhhYtks&google_cver=1&__user_check__=1&sync_id=24f40636-b024-11ec-bf3a-16765c7f0403
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
174
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1235
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjRmNDA1ZjktYjAyNC0xMWVjLWJmM2EtMTY3NjVjN2YwNDAz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjRmNDA1ZjktYjAyNC0xMWVjLWJmM2EtMTY3NjVjN2YwNDAz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjSytrGATAB&v=APEucNXZ-EL-54SF0iBCQ8eSTB4VjbZs4mg1HRlKWREQEOTOheAZS-SYzYn2ADc9Og9QCmhY1G2ZbsUHvDF_cFGdJLv8-0FoiQ
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 30 Mar 2022 12:23:02 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjRmNDA1ZjktYjAyNC0xMWVjLWJmM2EtMTY3NjVjN2YwNDAz
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
209
Connection
keep-alive
Content-Length
0
writead.html
googleads.g.doubleclick.net/pagead/s/xfa/ Frame D36A 		75 B
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/s/xfa/writead.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoroWM9w3jV9nUTpULGh7eM8qU0GGasAgH30_YykbOaikRUl1sDGpf1aUV-TWDlqshDi4zKQhxunZyJnyMvSxVijB_trtPEmkvzFUuVedxwPxBikqlpPpgQtpQBm4UJGMtTUwEXJIDj_oFans-1gBRosXhNg&dbm_d=AKAmf-Cp98PAWVDYH4D-onfy02hZfwE-Du90zz-B_XV8ufq7h3KvrPSvwNt2igfPzSDOGTw1mz_AAeYJLXHHoGDHCVvVxMykGbin2ex35P3zElFPDnVwS7y233bPBFoenVkW7CIg3_nSr1eBYgnGqw0Nov7pET5t_FnAcqBH6IUApRqAzcbwET6kv7Q8PmnopbuBA36KFoLw-w2r74VTztTtAloIOKDgCFIvgmjrUhcCM8H6gQavpAhWC0fxxUzUqJuZxFuoT18KJDavKClS4xcqeBKkgTQlM1_hOuSu4WYShVF1bQXiqobr8KlLr6eZJpWhJdtaF6s7r2_ttDSKNcc_Y5twKJmWsbpJAdfwvJ00BC0RNfkfdo8GU1SAEU7BPna20Anu_mWSSWsVsZuM85DMOqzCGTlvpkCegSjM3qAORuRyfbl3R_OaGGDpxFPCuzLtYDvxRC1P8pOVJUF0B7KZZL1prfxy4CdVKEjS2cH47ER0QskpnEJwn49RPBQoKwvEM-c5BLyGpxEx2uzPZl6mnXA1UY-AMarOTZ5ArC_mERNXnb8m8CrsATr97suIDKbcDRrkcZP8ergNn70NayDRIHvwz1LItOrd5c0_WLYlp4pCDp6cyzRmWXXEJS_fiQHibfF5ugw7hDoyRRrOsRHX0vRTBzJYTshBKyGwhNM5Zx2boXTc1Ufo45DO24qqrb5ptuo1829PHLt0BByRP_Q_FgEugKvIkJHavHGcJLYtHypV-6WcN5zvvMkFWWifi4PumnjAeUwUIpHGGUX4RyiM4WuYdNQ4oAg3oGr8uu9fJvGgphZEVT6MOr9Zh2mdIGsX1r1clkkHtYAYv_RxzKFhhSqKdCLnettAhjs_7wfD3px9f_3ukYVD2M8x6X6tW8PSD5xwBax4fPV7BMrU-q6M9GPzP5ts8o7IzmoPVi9g4nE4CpViSo2XiMLQoAtOFr2ckmPGH7YXDaanEbEUnERZSBDDnY19RVunPXAKUz_I-QNNbtAkvEMt92PrjKhMF7x-mYkycMeXUd0lE64jWAflxxuV6UyYqY_CU2PVcPlKu-EClQFdWCjVbBG6taQLTu_d3UGWzLDyti6Z7ws7M54zDziw7xOlONjriERryervZanKswre6mLu-XabiYAgXbSTa20WHWzj82Knhf5aRdfveTKsjbw-IumuFGWn1NWeW9Rw1avlu3mhRpB1rNxJ2T05jPU43uxF70I2lWEy4Dobf9lLj8D0bCSHQPX-xNUeARDkNOwF72PUfcsfFWjOhWq6W_Yai2V8n1IWyjOWn4apcJAdm-vuRK0zI88EAK5ic-EsSUNzdFU7h3chybB6SQWJhDK9DKs-KnuWaV6H6PlhCTit2JB5oGWVkHRnlHeV0HMBNhuSRNH7PLkxKos0DSRAkZnlqSkUJpiApA1widOf3B9Nt7aAv8noeA6560Fablrdw2q72UXC6IL9ImAT88h76TvYYv-1qcPByBEJp8NxHh8gk38GS-izVxttz2PLfzsS4j4MyhmSGPL5TrGwzYKcm7rcyfcdNB8UtaMZENlaJZpdtOt-dCMSheA_rVnaUY3P-JH21ahIVLNRoFQMlLCyGoJFgN3bt1jrtYJcNSn8JBhAIjyBI_vFHpwb1p3n8XR6HOV2uUPMSx2SqSSx0qbvwitWGqxMY8orOmBDIy-KLZrK60xiayDd9Fbgy2G3ZQCL8Jahd4qFjNm6_NKYUIMqyvKvBav8edhH-7GNU9zbQhTmdvsfxLkSrNvmFC_RRFz1FTPLH9Z9C5ybMLtAmHqFp9nhPvYQvfnnSfWGdzsMrhrdDOF9E0l7tLUT2MDgSWSyOskFb86nwf8SI0OI74oqwNs9gFPMANP7HxsJOOyHy3Po-mPjOpJFqsLAAYdixEmchHa8h_s_-Y_EcnuIJl2M72cbMSpbckYvWUUa3dHnPBXH5xC2D_mGc2Gm_aQ3geoOsEz53nVkQ1Jpwcnhuei5yZXNgFoyRUgQZJ1kwH1noDst0RJIiS90No-bcTseFQJbVzUkcT1eIIVjYg8T5euH86iM48E9UKKr74Ag_9oOsdgl-Y3p2J0NjkHy70l1LBvVCK8tDYkQhDd9FnpRde85okZHOb6qUE7kpP42K_gdPfKMfJWmOLZQYWAXdxOwmgsGbcmXJxc8qZVKTmkinOQIF55h7Qoz0M_ozC-4fMXRifqykat1WRp8q3vx_RvUJWODOo4McodvgaReKnvrxGRrUlVyOmkocVshyxvyFbHHRAmAR-kc-1MzF41-PwbtNsNvygooIWYiylRdN3Ya455CxlkpDrkOQ5b0a80FqKN4O-JTZKvrkMIFB9C0-IR7_MqmowlKWfG01uprXrp8N5c0dsx_D0a0M11EerYydlZRw98OYvWeJ7b1Zl6mwr8UqwgqbAgaMWQKmNDYJbTA6xr6vg8fqA0-9dF_vHiIQJdSbPsCSnWaiuwGL41UAIH2XOgoaBrMX-qkbDd3tFlR177gNXGloonzBtEf1uHfd6O5nhXkONeUFimE1vToJE_3tqWrfNcndUEMmzRTWCYY1RKxBWgpa3G1hp6udR2k6Ewa9OphD0Q2wNFNqjE9CxS2QqTGWZ0K1HSEJS5qpgBB6o4UuHFRdE1HexOzWORQJ1hLpVMfcsF---_cM0YEtAjZJUufwMLwV07YMXkdSTH-FVC8SzYpON3s0dK2j5SgniyPjX6JiLkxbJASGVLgWZCSbHrnr4PWFXe-2oyfGX-WWWZtaVpBDH2eeS5THtc88_tN9hX-91iIjkUyLEuPL2q3ACiK9StjfLWm3N2raLzb5L7FhHmDAeUlU7D6IVcVJ7kNh4TiQzMAdeoyvTXz5O1taRnGtr0bE8a_B6QrUxgUG2IvOa_0UxLB_OCt4uczO22XFQ53kTMQ68bgBQoKRglSaSG6wY8xDOYJR10sa437qCRGBmu7wpP0gYe4IQSUD1ldBonMjCVA3d04zOWU5CjCNb19Z0uptCyi5YXxXQjb0HJXjI0lShWD-nOXpnloM-f8oFMJMlvxjXEaj6eCCrP6qLI7rYNKzIV7W6kFeCZvwY5a5yKCcIesPrxvvHVS9Bo5GnUogXr_H_GC4MmwjMzLjTIiL6M26sQSj7mbt9WSHCNH0ToDG7Qo8fyM_deJOCrDZtnXo5dcUQ&cid=CAASJORo2ZqEcQrHIb_2X3zzxJYsbpYnqGKhYfbyDpBm-dgkw6v7AA&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0db1f99730ce36725892ee85b10c16e8d10ed3e315ae69becbf47a7473928cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
42621
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=6048000
content-encoding
gzip
content-length
87
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 00:32:41 GMT
etag
3536584868236156801
expires
Wed, 08 Jun 2022 00:32:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/ Frame D8CA 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoroWM9w3jV9nUTpULGh7eM8qU0GGasAgH30_YykbOaikRUl1sDGpf1aUV-TWDlqshDi4zKQhxunZyJnyMvSxVijB_trtPEmkvzFUuVedxwPxBikqlpPpgQtpQBm4UJGMtTUwEXJIDj_oFans-1gBRosXhNg&dbm_d=AKAmf-Cp98PAWVDYH4D-onfy02hZfwE-Du90zz-B_XV8ufq7h3KvrPSvwNt2igfPzSDOGTw1mz_AAeYJLXHHoGDHCVvVxMykGbin2ex35P3zElFPDnVwS7y233bPBFoenVkW7CIg3_nSr1eBYgnGqw0Nov7pET5t_FnAcqBH6IUApRqAzcbwET6kv7Q8PmnopbuBA36KFoLw-w2r74VTztTtAloIOKDgCFIvgmjrUhcCM8H6gQavpAhWC0fxxUzUqJuZxFuoT18KJDavKClS4xcqeBKkgTQlM1_hOuSu4WYShVF1bQXiqobr8KlLr6eZJpWhJdtaF6s7r2_ttDSKNcc_Y5twKJmWsbpJAdfwvJ00BC0RNfkfdo8GU1SAEU7BPna20Anu_mWSSWsVsZuM85DMOqzCGTlvpkCegSjM3qAORuRyfbl3R_OaGGDpxFPCuzLtYDvxRC1P8pOVJUF0B7KZZL1prfxy4CdVKEjS2cH47ER0QskpnEJwn49RPBQoKwvEM-c5BLyGpxEx2uzPZl6mnXA1UY-AMarOTZ5ArC_mERNXnb8m8CrsATr97suIDKbcDRrkcZP8ergNn70NayDRIHvwz1LItOrd5c0_WLYlp4pCDp6cyzRmWXXEJS_fiQHibfF5ugw7hDoyRRrOsRHX0vRTBzJYTshBKyGwhNM5Zx2boXTc1Ufo45DO24qqrb5ptuo1829PHLt0BByRP_Q_FgEugKvIkJHavHGcJLYtHypV-6WcN5zvvMkFWWifi4PumnjAeUwUIpHGGUX4RyiM4WuYdNQ4oAg3oGr8uu9fJvGgphZEVT6MOr9Zh2mdIGsX1r1clkkHtYAYv_RxzKFhhSqKdCLnettAhjs_7wfD3px9f_3ukYVD2M8x6X6tW8PSD5xwBax4fPV7BMrU-q6M9GPzP5ts8o7IzmoPVi9g4nE4CpViSo2XiMLQoAtOFr2ckmPGH7YXDaanEbEUnERZSBDDnY19RVunPXAKUz_I-QNNbtAkvEMt92PrjKhMF7x-mYkycMeXUd0lE64jWAflxxuV6UyYqY_CU2PVcPlKu-EClQFdWCjVbBG6taQLTu_d3UGWzLDyti6Z7ws7M54zDziw7xOlONjriERryervZanKswre6mLu-XabiYAgXbSTa20WHWzj82Knhf5aRdfveTKsjbw-IumuFGWn1NWeW9Rw1avlu3mhRpB1rNxJ2T05jPU43uxF70I2lWEy4Dobf9lLj8D0bCSHQPX-xNUeARDkNOwF72PUfcsfFWjOhWq6W_Yai2V8n1IWyjOWn4apcJAdm-vuRK0zI88EAK5ic-EsSUNzdFU7h3chybB6SQWJhDK9DKs-KnuWaV6H6PlhCTit2JB5oGWVkHRnlHeV0HMBNhuSRNH7PLkxKos0DSRAkZnlqSkUJpiApA1widOf3B9Nt7aAv8noeA6560Fablrdw2q72UXC6IL9ImAT88h76TvYYv-1qcPByBEJp8NxHh8gk38GS-izVxttz2PLfzsS4j4MyhmSGPL5TrGwzYKcm7rcyfcdNB8UtaMZENlaJZpdtOt-dCMSheA_rVnaUY3P-JH21ahIVLNRoFQMlLCyGoJFgN3bt1jrtYJcNSn8JBhAIjyBI_vFHpwb1p3n8XR6HOV2uUPMSx2SqSSx0qbvwitWGqxMY8orOmBDIy-KLZrK60xiayDd9Fbgy2G3ZQCL8Jahd4qFjNm6_NKYUIMqyvKvBav8edhH-7GNU9zbQhTmdvsfxLkSrNvmFC_RRFz1FTPLH9Z9C5ybMLtAmHqFp9nhPvYQvfnnSfWGdzsMrhrdDOF9E0l7tLUT2MDgSWSyOskFb86nwf8SI0OI74oqwNs9gFPMANP7HxsJOOyHy3Po-mPjOpJFqsLAAYdixEmchHa8h_s_-Y_EcnuIJl2M72cbMSpbckYvWUUa3dHnPBXH5xC2D_mGc2Gm_aQ3geoOsEz53nVkQ1Jpwcnhuei5yZXNgFoyRUgQZJ1kwH1noDst0RJIiS90No-bcTseFQJbVzUkcT1eIIVjYg8T5euH86iM48E9UKKr74Ag_9oOsdgl-Y3p2J0NjkHy70l1LBvVCK8tDYkQhDd9FnpRde85okZHOb6qUE7kpP42K_gdPfKMfJWmOLZQYWAXdxOwmgsGbcmXJxc8qZVKTmkinOQIF55h7Qoz0M_ozC-4fMXRifqykat1WRp8q3vx_RvUJWODOo4McodvgaReKnvrxGRrUlVyOmkocVshyxvyFbHHRAmAR-kc-1MzF41-PwbtNsNvygooIWYiylRdN3Ya455CxlkpDrkOQ5b0a80FqKN4O-JTZKvrkMIFB9C0-IR7_MqmowlKWfG01uprXrp8N5c0dsx_D0a0M11EerYydlZRw98OYvWeJ7b1Zl6mwr8UqwgqbAgaMWQKmNDYJbTA6xr6vg8fqA0-9dF_vHiIQJdSbPsCSnWaiuwGL41UAIH2XOgoaBrMX-qkbDd3tFlR177gNXGloonzBtEf1uHfd6O5nhXkONeUFimE1vToJE_3tqWrfNcndUEMmzRTWCYY1RKxBWgpa3G1hp6udR2k6Ewa9OphD0Q2wNFNqjE9CxS2QqTGWZ0K1HSEJS5qpgBB6o4UuHFRdE1HexOzWORQJ1hLpVMfcsF---_cM0YEtAjZJUufwMLwV07YMXkdSTH-FVC8SzYpON3s0dK2j5SgniyPjX6JiLkxbJASGVLgWZCSbHrnr4PWFXe-2oyfGX-WWWZtaVpBDH2eeS5THtc88_tN9hX-91iIjkUyLEuPL2q3ACiK9StjfLWm3N2raLzb5L7FhHmDAeUlU7D6IVcVJ7kNh4TiQzMAdeoyvTXz5O1taRnGtr0bE8a_B6QrUxgUG2IvOa_0UxLB_OCt4uczO22XFQ53kTMQ68bgBQoKRglSaSG6wY8xDOYJR10sa437qCRGBmu7wpP0gYe4IQSUD1ldBonMjCVA3d04zOWU5CjCNb19Z0uptCyi5YXxXQjb0HJXjI0lShWD-nOXpnloM-f8oFMJMlvxjXEaj6eCCrP6qLI7rYNKzIV7W6kFeCZvwY5a5yKCcIesPrxvvHVS9Bo5GnUogXr_H_GC4MmwjMzLjTIiL6M26sQSj7mbt9WSHCNH0ToDG7Qo8fyM_deJOCrDZtnXo5dcUQ&cid=CAASJORo2ZqEcQrHIb_2X3zzxJYsbpYnqGKhYfbyDpBm-dgkw6v7AA&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:21:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:21:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/elements/html/ Frame D8CA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220328/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoroWM9w3jV9nUTpULGh7eM8qU0GGasAgH30_YykbOaikRUl1sDGpf1aUV-TWDlqshDi4zKQhxunZyJnyMvSxVijB_trtPEmkvzFUuVedxwPxBikqlpPpgQtpQBm4UJGMtTUwEXJIDj_oFans-1gBRosXhNg&dbm_d=AKAmf-Cp98PAWVDYH4D-onfy02hZfwE-Du90zz-B_XV8ufq7h3KvrPSvwNt2igfPzSDOGTw1mz_AAeYJLXHHoGDHCVvVxMykGbin2ex35P3zElFPDnVwS7y233bPBFoenVkW7CIg3_nSr1eBYgnGqw0Nov7pET5t_FnAcqBH6IUApRqAzcbwET6kv7Q8PmnopbuBA36KFoLw-w2r74VTztTtAloIOKDgCFIvgmjrUhcCM8H6gQavpAhWC0fxxUzUqJuZxFuoT18KJDavKClS4xcqeBKkgTQlM1_hOuSu4WYShVF1bQXiqobr8KlLr6eZJpWhJdtaF6s7r2_ttDSKNcc_Y5twKJmWsbpJAdfwvJ00BC0RNfkfdo8GU1SAEU7BPna20Anu_mWSSWsVsZuM85DMOqzCGTlvpkCegSjM3qAORuRyfbl3R_OaGGDpxFPCuzLtYDvxRC1P8pOVJUF0B7KZZL1prfxy4CdVKEjS2cH47ER0QskpnEJwn49RPBQoKwvEM-c5BLyGpxEx2uzPZl6mnXA1UY-AMarOTZ5ArC_mERNXnb8m8CrsATr97suIDKbcDRrkcZP8ergNn70NayDRIHvwz1LItOrd5c0_WLYlp4pCDp6cyzRmWXXEJS_fiQHibfF5ugw7hDoyRRrOsRHX0vRTBzJYTshBKyGwhNM5Zx2boXTc1Ufo45DO24qqrb5ptuo1829PHLt0BByRP_Q_FgEugKvIkJHavHGcJLYtHypV-6WcN5zvvMkFWWifi4PumnjAeUwUIpHGGUX4RyiM4WuYdNQ4oAg3oGr8uu9fJvGgphZEVT6MOr9Zh2mdIGsX1r1clkkHtYAYv_RxzKFhhSqKdCLnettAhjs_7wfD3px9f_3ukYVD2M8x6X6tW8PSD5xwBax4fPV7BMrU-q6M9GPzP5ts8o7IzmoPVi9g4nE4CpViSo2XiMLQoAtOFr2ckmPGH7YXDaanEbEUnERZSBDDnY19RVunPXAKUz_I-QNNbtAkvEMt92PrjKhMF7x-mYkycMeXUd0lE64jWAflxxuV6UyYqY_CU2PVcPlKu-EClQFdWCjVbBG6taQLTu_d3UGWzLDyti6Z7ws7M54zDziw7xOlONjriERryervZanKswre6mLu-XabiYAgXbSTa20WHWzj82Knhf5aRdfveTKsjbw-IumuFGWn1NWeW9Rw1avlu3mhRpB1rNxJ2T05jPU43uxF70I2lWEy4Dobf9lLj8D0bCSHQPX-xNUeARDkNOwF72PUfcsfFWjOhWq6W_Yai2V8n1IWyjOWn4apcJAdm-vuRK0zI88EAK5ic-EsSUNzdFU7h3chybB6SQWJhDK9DKs-KnuWaV6H6PlhCTit2JB5oGWVkHRnlHeV0HMBNhuSRNH7PLkxKos0DSRAkZnlqSkUJpiApA1widOf3B9Nt7aAv8noeA6560Fablrdw2q72UXC6IL9ImAT88h76TvYYv-1qcPByBEJp8NxHh8gk38GS-izVxttz2PLfzsS4j4MyhmSGPL5TrGwzYKcm7rcyfcdNB8UtaMZENlaJZpdtOt-dCMSheA_rVnaUY3P-JH21ahIVLNRoFQMlLCyGoJFgN3bt1jrtYJcNSn8JBhAIjyBI_vFHpwb1p3n8XR6HOV2uUPMSx2SqSSx0qbvwitWGqxMY8orOmBDIy-KLZrK60xiayDd9Fbgy2G3ZQCL8Jahd4qFjNm6_NKYUIMqyvKvBav8edhH-7GNU9zbQhTmdvsfxLkSrNvmFC_RRFz1FTPLH9Z9C5ybMLtAmHqFp9nhPvYQvfnnSfWGdzsMrhrdDOF9E0l7tLUT2MDgSWSyOskFb86nwf8SI0OI74oqwNs9gFPMANP7HxsJOOyHy3Po-mPjOpJFqsLAAYdixEmchHa8h_s_-Y_EcnuIJl2M72cbMSpbckYvWUUa3dHnPBXH5xC2D_mGc2Gm_aQ3geoOsEz53nVkQ1Jpwcnhuei5yZXNgFoyRUgQZJ1kwH1noDst0RJIiS90No-bcTseFQJbVzUkcT1eIIVjYg8T5euH86iM48E9UKKr74Ag_9oOsdgl-Y3p2J0NjkHy70l1LBvVCK8tDYkQhDd9FnpRde85okZHOb6qUE7kpP42K_gdPfKMfJWmOLZQYWAXdxOwmgsGbcmXJxc8qZVKTmkinOQIF55h7Qoz0M_ozC-4fMXRifqykat1WRp8q3vx_RvUJWODOo4McodvgaReKnvrxGRrUlVyOmkocVshyxvyFbHHRAmAR-kc-1MzF41-PwbtNsNvygooIWYiylRdN3Ya455CxlkpDrkOQ5b0a80FqKN4O-JTZKvrkMIFB9C0-IR7_MqmowlKWfG01uprXrp8N5c0dsx_D0a0M11EerYydlZRw98OYvWeJ7b1Zl6mwr8UqwgqbAgaMWQKmNDYJbTA6xr6vg8fqA0-9dF_vHiIQJdSbPsCSnWaiuwGL41UAIH2XOgoaBrMX-qkbDd3tFlR177gNXGloonzBtEf1uHfd6O5nhXkONeUFimE1vToJE_3tqWrfNcndUEMmzRTWCYY1RKxBWgpa3G1hp6udR2k6Ewa9OphD0Q2wNFNqjE9CxS2QqTGWZ0K1HSEJS5qpgBB6o4UuHFRdE1HexOzWORQJ1hLpVMfcsF---_cM0YEtAjZJUufwMLwV07YMXkdSTH-FVC8SzYpON3s0dK2j5SgniyPjX6JiLkxbJASGVLgWZCSbHrnr4PWFXe-2oyfGX-WWWZtaVpBDH2eeS5THtc88_tN9hX-91iIjkUyLEuPL2q3ACiK9StjfLWm3N2raLzb5L7FhHmDAeUlU7D6IVcVJ7kNh4TiQzMAdeoyvTXz5O1taRnGtr0bE8a_B6QrUxgUG2IvOa_0UxLB_OCt4uczO22XFQ53kTMQ68bgBQoKRglSaSG6wY8xDOYJR10sa437qCRGBmu7wpP0gYe4IQSUD1ldBonMjCVA3d04zOWU5CjCNb19Z0uptCyi5YXxXQjb0HJXjI0lShWD-nOXpnloM-f8oFMJMlvxjXEaj6eCCrP6qLI7rYNKzIV7W6kFeCZvwY5a5yKCcIesPrxvvHVS9Bo5GnUogXr_H_GC4MmwjMzLjTIiL6M26sQSj7mbt9WSHCNH0ToDG7Qo8fyM_deJOCrDZtnXo5dcUQ&cid=CAASJORo2ZqEcQrHIb_2X3zzxJYsbpYnqGKhYfbyDpBm-dgkw6v7AA&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Apr 2022 12:13:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D8CA 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst__hrA8Pji01S1pTy0k4wl3uietWToDi0N7Wuh7wWH5P9huzpVBiHTmB--4_PiBzIBBxD27jIg9T9Sg1hoJrAi47WSCj5mKRF0Rk0eBdKQxHFczcJQ9DiY88mkBp9TQOXvFJCJ_ryzg1PR9JRRW8gVoTnK3TG4DGsBfBrm12ix9xwOWiwLDXhxqvZE5Tis8cnMKHwtqOKgkRJMKgsmN63wxKnX2lwbmJgvkzyLlmh9q9VqooCC_oTTducSfM6glAXfxZGtCqPWxEF69MQIupJoujEoxP6E5ExB1eakU7cTOckGLi9bUd4_uNBk0auO5ymNo8D20afgPEwLHAUxct1b07ihgoJEb7tGfU4xca5lK5bQeQItWMC3S2nt76LGR7qle2_w3LMPhGpEavaXa6FpfURwqWQ4RazVd9YhWPSU5tvkMJlPx8pYmTuRl-7WmDBemU4rsimhKyLOKrVyzjJ7ElBGuoCr2yPDUWsumsXdy9KNDEbXYVCpU-TD6NnL9xPlFzt8bbKaRSFN068R_CDcCEQeiWYgkT4zE7a5saEd8iid4yR3p4_rYnqZKvfv9nBOSOTg4Qpfr_b8Eb-3iw0UPIvqNrqAWR_kjtcMemqcLHKYquiac5kCdMFRDnoUrwTCwAjjpEo78ig5R6jN5q6ZIc8FcW5mbxXsnOOsGfqXpw9sGtoVU648sDS7HaGKWzGuppI619OQl7TwxczEa5Ox-0CXq1jpBWQgBRchZn4vU_Bn4in9xlqwBVdAL9lwqPSbNZdDKfKngb3OuplMQ76nIww2CdlHtrjlrBh5ZCF2UDqjK_ewMo6tSiPeIUCXvF0NXXANHo22en6Dls9fEX28TgTTxEL8hnRGfkA9L_DcmUqDgpdYXFQd1tD1ZS1BIaq6T5tarORm7j_JRhuvza6-ZQrXsrPcdWAsl06MikIsjNlAdm11fevK_pjOQJvTOivVl1M5sHItg75bRu4bUdCRwQ_Pp8G7TXDVylogkOn8UqD-d47GsfUGx9JRhwzKb_ADGm3McKRyTJdpJNuaM30nCMGOR_q_QknoMixK3oMBAAvPh815ajv3Y378rnQVKTDhRnS4Z_q2E3g5gwT8WQVYYFM1XoB0VmBYs1KbBwEXoq1RpBYWIt5FbXc0cSon2TOTz2hdQo8iSuJVr16aSJB3frkdqo8WmVpA36oZinlszu4bcJBFayRnTJsSVEdyAFTBdW-5frv8GBd0rBuAlpRtfU5swgk&sai=AMfl-YTyu99dZg8SGCQv1XNAM1_eN4s-gI-ahq2y5raYZT1_nybv_pxQdmYVO9bOT5WefRczCiiKDaFs9I1wJG8XYw0l3_EZ0F9y26xfzNoQJzMzoXQ9VKWwWAhiAfYfCF0h_Jly-NptTLk9h0xTz0J5ee0iPU9oFKWKfe4w0Rkf0UkklxNYqPE5O-Wx6L09FcjwiCBDkGQtEqupPlp_uzeXng&sig=Cg0ArKJSzJZ62weL1WAPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=2&dett=2&cstd=0&cisv=r20220328.75672&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoroWM9w3jV9nUTpULGh7eM8qU0GGasAgH30_YykbOaikRUl1sDGpf1aUV-TWDlqshDi4zKQhxunZyJnyMvSxVijB_trtPEmkvzFUuVedxwPxBikqlpPpgQtpQBm4UJGMtTUwEXJIDj_oFans-1gBRosXhNg&dbm_d=AKAmf-Cp98PAWVDYH4D-onfy02hZfwE-Du90zz-B_XV8ufq7h3KvrPSvwNt2igfPzSDOGTw1mz_AAeYJLXHHoGDHCVvVxMykGbin2ex35P3zElFPDnVwS7y233bPBFoenVkW7CIg3_nSr1eBYgnGqw0Nov7pET5t_FnAcqBH6IUApRqAzcbwET6kv7Q8PmnopbuBA36KFoLw-w2r74VTztTtAloIOKDgCFIvgmjrUhcCM8H6gQavpAhWC0fxxUzUqJuZxFuoT18KJDavKClS4xcqeBKkgTQlM1_hOuSu4WYShVF1bQXiqobr8KlLr6eZJpWhJdtaF6s7r2_ttDSKNcc_Y5twKJmWsbpJAdfwvJ00BC0RNfkfdo8GU1SAEU7BPna20Anu_mWSSWsVsZuM85DMOqzCGTlvpkCegSjM3qAORuRyfbl3R_OaGGDpxFPCuzLtYDvxRC1P8pOVJUF0B7KZZL1prfxy4CdVKEjS2cH47ER0QskpnEJwn49RPBQoKwvEM-c5BLyGpxEx2uzPZl6mnXA1UY-AMarOTZ5ArC_mERNXnb8m8CrsATr97suIDKbcDRrkcZP8ergNn70NayDRIHvwz1LItOrd5c0_WLYlp4pCDp6cyzRmWXXEJS_fiQHibfF5ugw7hDoyRRrOsRHX0vRTBzJYTshBKyGwhNM5Zx2boXTc1Ufo45DO24qqrb5ptuo1829PHLt0BByRP_Q_FgEugKvIkJHavHGcJLYtHypV-6WcN5zvvMkFWWifi4PumnjAeUwUIpHGGUX4RyiM4WuYdNQ4oAg3oGr8uu9fJvGgphZEVT6MOr9Zh2mdIGsX1r1clkkHtYAYv_RxzKFhhSqKdCLnettAhjs_7wfD3px9f_3ukYVD2M8x6X6tW8PSD5xwBax4fPV7BMrU-q6M9GPzP5ts8o7IzmoPVi9g4nE4CpViSo2XiMLQoAtOFr2ckmPGH7YXDaanEbEUnERZSBDDnY19RVunPXAKUz_I-QNNbtAkvEMt92PrjKhMF7x-mYkycMeXUd0lE64jWAflxxuV6UyYqY_CU2PVcPlKu-EClQFdWCjVbBG6taQLTu_d3UGWzLDyti6Z7ws7M54zDziw7xOlONjriERryervZanKswre6mLu-XabiYAgXbSTa20WHWzj82Knhf5aRdfveTKsjbw-IumuFGWn1NWeW9Rw1avlu3mhRpB1rNxJ2T05jPU43uxF70I2lWEy4Dobf9lLj8D0bCSHQPX-xNUeARDkNOwF72PUfcsfFWjOhWq6W_Yai2V8n1IWyjOWn4apcJAdm-vuRK0zI88EAK5ic-EsSUNzdFU7h3chybB6SQWJhDK9DKs-KnuWaV6H6PlhCTit2JB5oGWVkHRnlHeV0HMBNhuSRNH7PLkxKos0DSRAkZnlqSkUJpiApA1widOf3B9Nt7aAv8noeA6560Fablrdw2q72UXC6IL9ImAT88h76TvYYv-1qcPByBEJp8NxHh8gk38GS-izVxttz2PLfzsS4j4MyhmSGPL5TrGwzYKcm7rcyfcdNB8UtaMZENlaJZpdtOt-dCMSheA_rVnaUY3P-JH21ahIVLNRoFQMlLCyGoJFgN3bt1jrtYJcNSn8JBhAIjyBI_vFHpwb1p3n8XR6HOV2uUPMSx2SqSSx0qbvwitWGqxMY8orOmBDIy-KLZrK60xiayDd9Fbgy2G3ZQCL8Jahd4qFjNm6_NKYUIMqyvKvBav8edhH-7GNU9zbQhTmdvsfxLkSrNvmFC_RRFz1FTPLH9Z9C5ybMLtAmHqFp9nhPvYQvfnnSfWGdzsMrhrdDOF9E0l7tLUT2MDgSWSyOskFb86nwf8SI0OI74oqwNs9gFPMANP7HxsJOOyHy3Po-mPjOpJFqsLAAYdixEmchHa8h_s_-Y_EcnuIJl2M72cbMSpbckYvWUUa3dHnPBXH5xC2D_mGc2Gm_aQ3geoOsEz53nVkQ1Jpwcnhuei5yZXNgFoyRUgQZJ1kwH1noDst0RJIiS90No-bcTseFQJbVzUkcT1eIIVjYg8T5euH86iM48E9UKKr74Ag_9oOsdgl-Y3p2J0NjkHy70l1LBvVCK8tDYkQhDd9FnpRde85okZHOb6qUE7kpP42K_gdPfKMfJWmOLZQYWAXdxOwmgsGbcmXJxc8qZVKTmkinOQIF55h7Qoz0M_ozC-4fMXRifqykat1WRp8q3vx_RvUJWODOo4McodvgaReKnvrxGRrUlVyOmkocVshyxvyFbHHRAmAR-kc-1MzF41-PwbtNsNvygooIWYiylRdN3Ya455CxlkpDrkOQ5b0a80FqKN4O-JTZKvrkMIFB9C0-IR7_MqmowlKWfG01uprXrp8N5c0dsx_D0a0M11EerYydlZRw98OYvWeJ7b1Zl6mwr8UqwgqbAgaMWQKmNDYJbTA6xr6vg8fqA0-9dF_vHiIQJdSbPsCSnWaiuwGL41UAIH2XOgoaBrMX-qkbDd3tFlR177gNXGloonzBtEf1uHfd6O5nhXkONeUFimE1vToJE_3tqWrfNcndUEMmzRTWCYY1RKxBWgpa3G1hp6udR2k6Ewa9OphD0Q2wNFNqjE9CxS2QqTGWZ0K1HSEJS5qpgBB6o4UuHFRdE1HexOzWORQJ1hLpVMfcsF---_cM0YEtAjZJUufwMLwV07YMXkdSTH-FVC8SzYpON3s0dK2j5SgniyPjX6JiLkxbJASGVLgWZCSbHrnr4PWFXe-2oyfGX-WWWZtaVpBDH2eeS5THtc88_tN9hX-91iIjkUyLEuPL2q3ACiK9StjfLWm3N2raLzb5L7FhHmDAeUlU7D6IVcVJ7kNh4TiQzMAdeoyvTXz5O1taRnGtr0bE8a_B6QrUxgUG2IvOa_0UxLB_OCt4uczO22XFQ53kTMQ68bgBQoKRglSaSG6wY8xDOYJR10sa437qCRGBmu7wpP0gYe4IQSUD1ldBonMjCVA3d04zOWU5CjCNb19Z0uptCyi5YXxXQjb0HJXjI0lShWD-nOXpnloM-f8oFMJMlvxjXEaj6eCCrP6qLI7rYNKzIV7W6kFeCZvwY5a5yKCcIesPrxvvHVS9Bo5GnUogXr_H_GC4MmwjMzLjTIiL6M26sQSj7mbt9WSHCNH0ToDG7Qo8fyM_deJOCrDZtnXo5dcUQ&cid=CAASJORo2ZqEcQrHIb_2X3zzxJYsbpYnqGKhYfbyDpBm-dgkw6v7AA&rfl=2%2Chttps%253A%252F%252Fshrinke.me%242%2Chttps%253A%252F%252Fshrinke.me%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 30 Mar 2022 12:23:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
async_usersync.html
acdn.adnxs.com/dmp/ Frame 29EE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
24530
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 30 Mar 2022 12:23:02 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 26 Mar 2022 16:06:07 GMT
Fastly-Original-Body-Size
17053
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 70359
X-Served-By
cache-lga21963-LGA, cache-yul12832-YUL
X-Timer
S1648642983.630598,VS0,VE0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0DFE 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
public, max-age=96224
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:02 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Thu, 31 Mar 2022 15:06:46 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 16E2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
24530
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 30 Mar 2022 12:23:02 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 26 Mar 2022 16:06:07 GMT
Fastly-Original-Body-Size
17053
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 70360
X-Served-By
cache-lga21963-LGA, cache-yul12832-YUL
X-Timer
S1648642983.644137,VS0,VE0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 39BC 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
public, max-age=96224
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:02 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Thu, 31 Mar 2022 15:06:46 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
pagead2.googlesyndication.com/bg/ Frame 26D0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 00:35:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
128840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13638
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Mar 2023 00:35:42 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F275 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
72120
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Mar 2022 16:21:02 GMT
etag
48472445140208031
expires
Wed, 30 Mar 2022 16:21:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
mraid.js
googleads.g.doubleclick.net/pagead/s/xfa/ Frame D36A 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/s/xfa/mraid.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/s/xfa/writead.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/s/xfa/writead.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 15:12:11 GMT
x-content-type-options
nosniff
server
cafe
age
76251
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 30 Mar 2022 15:12:11 GMT
new-tag.min.js
cdn.somplo.com/prod/test/251119/ Frame D36A 		34 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.somplo.com/prod/test/251119/new-tag.min.js?cb=8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/s/xfa/writead.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0d85574c533947b60b67e6106be5e9e15c976f75d015f7896cc897b987a211ce

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc81, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:02 GMT
via
1.1 9463f100725b8b17da2d778617835760.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
x-cache
Miss from cloudfront
content-length
34802
last-modified
Tue, 15 Mar 2022 18:33:12 GMT
server
nginx
etag
"47fbf6f9d13fa26aa7366fb251ac3bad"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-15T18:34:26+00:00, 2022-03-27T18:34:43+00:00
x-amz-cf-id
RR5B7ToAtLpchzpjkiqg5_ZFuBvDdnrdxfGMQol5STEkPdmm578x5Q==
expires
Sun, 03 Apr 2022 12:23:02 GMT
async_usersync
ib.adnxs.com/ Frame 29EE 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:02 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4c78a5ee-db84-4fb9-a6b1-e561de5c8d83
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0DFE 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62295009&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7d3983b40d23336b14d5557faa3990c20ead964bfe040fdbd54db59bf2a9333a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:01 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 16E2 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:02 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
38c814c6-07c8-4028-8545-a4e5a6921e5d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame D8CA 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99fb7ce12720d6e4a03ce10cce389a795c8016b229d6d118661ecd66696e254c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 64E3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWINOaK5u39RPj2wWm5ebl0IroALFCTJS_s5nTwpCZCtmfzW0kU15qf3aYS030wmXPAmTf5wFPcMpgmYjZ7_YrVxgRBiVn6vY&sig=Cg0ArKJSzG1jq5R5hMaLEAE&id=lidar2&mcvt=1137&p=0,0,90,728&mtos=1137,1137,1137,1137,1137&tos=1137,0,0,0,0&v=20220328&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648642980225&rpt=1571&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame F275
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFJbeR19Pv2knJVe0KZ_mos&google_cver=1&google_push=AYg5qPLyeyPlhbqLoNSuayzqx9Q_WFQ4UgFbarfWN2orl93uN05LJIg6grDdAIDGBjQfD0bD6o-QqXTM4EdiLHMP_AODMjGenX0&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFJbeR19Pv2knJVe0KZ_mos&google_cver=1&google_push=AYg5qPLyeyPlhbqLoNSuayzqx9Q_WFQ4UgFbarfWN2orl93uN05LJIg6grDdAIDGBjQfD0bD6o-QqXTM4EdiLHMP_AODMjGenX0...
43 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFJbeR19Pv2knJVe0KZ_mos&google_cver=1&google_push=AYg5qPLyeyPlhbqLoNSuayzqx9Q_WFQ4UgFbarfWN2orl93uN05LJIg6grDdAIDGBjQfD0bD6o-QqXTM4EdiLHMP_AODMjGenX0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLyeyPlhbqLoNSuayzqx9Q_WFQ4UgFbarfWN2orl93uN05LJIg6grDdAIDGBjQfD0bD6o-QqXTM4EdiLHMP_AODMjGenX0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f40d0769a4c7157-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
197
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f40d074ba9e4bc5-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFJbeR19Pv2knJVe0KZ_mos&google_cver=1&google_push=AYg5qPLyeyPlhbqLoNSuayzqx9Q_WFQ4UgFbarfWN2orl93uN05LJIg6grDdAIDGBjQfD0bD6o-QqXTM4EdiLHMP_AODMjGenX0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLyeyPlhbqLoNSuayzqx9Q_WFQ4UgFbarfWN2orl93uN05LJIg6grDdAIDGBjQfD0bD6o-QqXTM4EdiLHMP_AODMjGenX0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F275 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEC05rX_1SdJzrBN9TLQXVuU&google_cver=1&google_push=AYg5qPLxMvkx7t314jLOEHOhQPlVnsbdOIwEu1Jy7YFPg1XQ1KENoeuH2ctrYGtnVAPd0YJEjvc5ZItfqCVu_P-pvZHl7PeA4OA
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame F275
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEMEfMFHCorVjbaxjvbCcLmo&google_cver=1&google_push=AYg5qPI0kbiv9JAwR2XYJJwamW5tEdblwOZF5G5YQatNpsz0-0Jpw6Vgj6MtCXmqPk-Rqk673NJcV_V65W52...
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPI0kbiv9JAwR2XYJJwamW5tEdblwOZF5G5YQatNpsz0-0Jpw6Vgj6MtCXmqPk-Rqk673NJcV_V65W52eT4PW6cquctsiA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPI0kbiv9JAwR2XYJJwamW5tEdblwOZF5G5YQatNpsz0-0Jpw6Vgj6MtCXmqPk-Rqk673NJcV_V65W52eT4PW6cquctsiA
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:03 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPI0kbiv9JAwR2XYJJwamW5tEdblwOZF5G5YQatNpsz0-0Jpw6Vgj6MtCXmqPk-Rqk673NJcV_V65W52eT4PW6cquctsiA
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
192
Expires
Tue, 29 May 1984 15:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F275
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAz-rP8VjC8uaUCf1lE0GHg&google_cver=1&google_push=AYg5qPIIjfz6OXYA_ceDISMoYZtTbfkZ00D-CWCEwN0yv-XGrwyJ1IznuBdY5J2Ifnu4DfLu7EkQZcVRwD32g...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAz-rP8VjC8uaUCf1lE0GHg&google_push=AYg5qPIIjfz6OXYA_ceDISMoYZtTbfkZ00D-CWCEwN0yv-XGrwyJ1IznuBdY5J2Ifnu4DfLu7EkQZcVRwD32g...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPIIjfz6OXYA_ceDISMoYZtTbfkZ00D-CWCEwN0yv-XGrwyJ1IznuBdY5J2Ifnu4DfLu7EkQZcVRwD32g2-Z7XTABd21Eg&google_hm=SVhzZ2FwUkZHQXlJWlg4WW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPIIjfz6OXYA_ceDISMoYZtTbfkZ00D-CWCEwN0yv-XGrwyJ1IznuBdY5J2Ifnu4DfLu7EkQZcVRwD32g2-Z7XTABd21Eg&google_hm=SVhzZ2FwUkZHQXlJWlg4WWEwWmM=
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:03 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPIIjfz6OXYA_ceDISMoYZtTbfkZ00D-CWCEwN0yv-XGrwyJ1IznuBdY5J2Ifnu4DfLu7EkQZcVRwD32g2-Z7XTABd21Eg&google_hm=SVhzZ2FwUkZHQXlJWlg4WWEwWmM=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
234
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F275
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIE8k7s2SF8mqLKotgAWGNA&google_cver=1&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4e...
0
0
pixel
cm.g.doubleclick.net/ Frame F275
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESECpyuiuW3MDdSXRtgNDTy-I&google_cver=1&google_push=AYg5qPLJHQKfEomGUXGNYCO-BrFCbraJ7imBGd3sApnBuUf6QReKd89dUj397hcWUVNZ9PNZDT8P9f2UOBKUkLfguU6w-1yAmQ
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkxNjQ0NTgzMTQ1NTUxMDAwMFYxMA%3d%3d&mn_hm=MjkxNjQ0NTgzMTQ1NTUxMDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLJHQKfEomGUXGNYCO-BrFCbra...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkxNjQ0NTgzMTQ1NTUxMDAwMFYxMA%3d%3d&mn_hm=MjkxNjQ0NTgzMTQ1NTUxMDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLJHQKfEomGUXGNYCO-BrFCbraJ7imBGd3sApnBuUf6QReKd89dUj397hcWUVNZ9PNZDT8P9f2UOBKUkLfguU6w-1yAmQ&gdpr=&gdpr_consent=
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:03 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkxNjQ0NTgzMTQ1NTUxMDAwMFYxMA%3d%3d&mn_hm=MjkxNjQ0NTgzMTQ1NTUxMDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLJHQKfEomGUXGNYCO-BrFCbraJ7imBGd3sApnBuUf6QReKd89dUj397hcWUVNZ9PNZDT8P9f2UOBKUkLfguU6w-1yAmQ&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Wed, 30 Mar 2022 12:23:03 GMT
pixel
cm.g.doubleclick.net/ Frame F275
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEMhJBUedy-Ooh3B1bT2nVKA&google_cver=1&google_push=AYg5qPK3gnkT7kZenza09zsRILEYKZ59IVN3EL44H-dGCiTJFSVs3yTmSn4PxlVX0XOgAdO3B0lKvxeI85hKkCvKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDMwNmE2MjktMGQ5Ni00NmUyLWE1NzItNDMyMmMxOGQ5OTFl&google_push=AYg5qPK3gnkT7kZenza09zsRILEYKZ59IVN3EL44H-dGCiTJFSVs3yTmSn4PxlVX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDMwNmE2MjktMGQ5Ni00NmUyLWE1NzItNDMyMmMxOGQ5OTFl&google_push=AYg5qPK3gnkT7kZenza09zsRILEYKZ59IVN3EL44H-dGCiTJFSVs3yTmSn4PxlVX0XOgAdO3B0lKvxeI85hKkCvKkCZlXmhPKNZH
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZDMwNmE2MjktMGQ5Ni00NmUyLWE1NzItNDMyMmMxOGQ5OTFl&google_push=AYg5qPK3gnkT7kZenza09zsRILEYKZ59IVN3EL44H-dGCiTJFSVs3yTmSn4PxlVX0XOgAdO3B0lKvxeI85hKkCvKkCZlXmhPKNZH
date
Wed, 30 Mar 2022 12:23:03 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame F275 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ITYkg6ZJyizJ0tm3lEg93O9gOgdt2JP9FCsR3SR9Lwjc0c4x5tEXaL0nkfqCGoLqEARNmF5g
Requested by
Host: 71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
URL: https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
match
c1.adform.net/serving/cookie/ Frame B6F5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=647E2670-BF81-4393-9BFF-FE4D71412F90
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=647E2670-BF81-4393-9BFF-FE4D71412F90
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=647E2670-BF81-4393-9BFF-FE4D71412F90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 30 Mar 2022 12:23:03 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 30 Mar 2022 12:23:03 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=647E2670-BF81-4393-9BFF-FE4D71412F90
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 90F7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YkRLpgAEsiXZUAA-&gdpr=0&gdpr_consent=
1 B
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YkRLpgAEsiXZUAA-&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 30 Mar 2022 12:23:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug007:0:453

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 30 Mar 2022 12:23:03 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YkRLpgAEsiXZUAA-&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12830-YUL
x-timer
S1648642983.145397,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 57A7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:af0c6244-4ba7-4400-9ba3-1fb4de76c04a&gdpr=0&gdpr_consent=
42 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:af0c6244-4ba7-4400-9ba3-1fb4de76c04a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Mar 2022 12:23:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug016:0:578

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 30 Mar 2022 12:23:03 GMT
Expires
Wed, 30 Mar 2022 12:23:02 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4320 2f2dfe5 master zrh-pixel-x28 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:af0c6244-4ba7-4400-9ba3-1fb4de76c04a&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame F51D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCanNVN0VpSmNBQURIYm1OMEk4QQ&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABjsU7EiJcAADHbmN0I8A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partne...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABjsU7EiJcAADHbmN0I8A&pid=558502&do=add
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABjsU7EiJcAADHbmN0I8A&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABjsU7EiJcAADHbmN0I8A
42 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABjsU7EiJcAADHbmN0I8A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Mar 2022 10:49:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug007:0:3473

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 30 Mar 2022 12:23:03 GMT
Server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABjsU7EiJcAADHbmN0I8A
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 3258
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=254de68e-b024-11ec-bbca-3d3cd1174a24
42 B
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=254de68e-b024-11ec-bbca-3d3cd1174a24
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Mar 2022 12:23:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug003:0:615

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 30 Mar 2022 12:23:03 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=254de68e-b024-11ec-bbca-3d3cd1174a24
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-9
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame 3376
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Mar 2022 05:51:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug026:0:439

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 12:23:02 GMT
expires
Wed, 30 Mar 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1971990
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
141
match.deepintent.com/usersync/ Frame 01CA 		0
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-length
0
content-type
image/gif
date
Wed, 30 Mar 2022 12:23:02 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 6D85
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=659618076813
42 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=659618076813
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Mar 2022 10:39:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug029:0:302

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=659618076813
i.match
s.tribalfusion.com/z/ Frame 50DB
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
6f40d0755b344bc5-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 30 Mar 2022 12:23:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
6f40d074ba9c4bc5-YUL
content-type
text/html
date
Wed, 30 Mar 2022 12:23:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
97
Pug
simage2.pubmatic.com/AdServer/ Frame E876
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ae5hhDkq1NzxlR5&gdpr=0&gdpr_consent=
42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ae5hhDkq1NzxlR5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Mar 2022 06:33:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug024:0:431

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 30 Mar 2022 12:23:02 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ae5hhDkq1NzxlR5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0506aa39cb7e45a89@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5DA3
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7019293821359926568P
42 B
254 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7019293821359926568P
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Mar 2022 12:23:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug012:0:524

Redirect headers

Cache-Control
max-age=9997
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Wed, 30 Mar 2022 12:23:03 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7019293821359926568P
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
image2.pubmatic.com/AdServer/ Frame 8D0D
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=db260b88-6210-4169-9720-e61665ce5cb5
1 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=db260b88-6210-4169-9720-e61665ce5cb5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 30 Mar 2022 10:49:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug018:0:555

Redirect headers

content-length
0
date
Wed, 30 Mar 2022 12:23:03 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=db260b88-6210-4169-9720-e61665ce5cb5
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 1A14
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=A21DF2CDF4B34C7C8E43AAE9B595FC54
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
  • https://match.bnmla.com/usersync?dspid=170&uuid=CFFE420CC0514E92A5FD115137623FE3
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a82006e7-ec88-46b8-b0b8-c2ef3527abca
42 B
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a82006e7-ec88-46b8-b0b8-c2ef3527abca
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Mar 2022 12:23:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug015:0:814

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 30 Mar 2022 12:23:03 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a82006e7-ec88-46b8-b0b8-c2ef3527abca
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 94E6
Redirect Chain
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=64d0b1ae-ca68-45af-a756-71ed697dbece
42 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=64d0b1ae-ca68-45af-a756-71ed697dbece
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Mar 2022 06:34:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug028:0:644

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 30 Mar 2022 12:23:03 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=64d0b1ae-ca68-45af-a756-71ed697dbece
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 1BB5
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=7d691154-004e-4252-9e0a-d9d99806fd73&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=647E2670-BF81-4393-9BFF-FE4D71412F90
42 B
353 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=647E2670-BF81-4393-9BFF-FE4D71412F90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.71.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-71-171.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-length
42
content-type
image/gif
date
Wed, 30 Mar 2022 12:23:03 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 30 Mar 2022 07:21:14 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=647E2670-BF81-4393-9BFF-FE4D71412F90
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug025:0:427
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0DFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZH4mcL-BQ5Ob__5NcUEvkA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=48820
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Thu, 31 Mar 2022 01:56:43 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 0DFE
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=647E2670-BF81-4393-9BFF-FE4D71412F90
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDY0N0UyNjcwLUJGODEtNDM5My05QkZGLUZFNEQ3MTQxMkY5MBAAGg0Ip5eRkgYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=086cd4229cadc1fb98f865b2246e67e9e70e8f230d6686e1a8006f1e5eb9e9f6791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwODZjZDQyMjljYWRjMWZiOThmODY1YjIyNDZlNjdlOWU3MGU4ZjIzMGQ2Njg2ZTFhODAwNmYxZTVlYjllOWY2NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwODZjZDQyMjljYWRjMWZiOThmODY1YjIyNDZlNjdlOWU3MGU4ZjIzMGQ2Njg2ZTFhODAwNmYxZTVlYjllOWY2NzkxNDI2YjU0MTdkY2UyMRAAGgwIp5eRkgYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=cf686836-2d6b-4bf8-9fc5-fb66f03651ec
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=cf686836-2d6b-4bf8-9fc5-fb66f03651ec
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=cf686836-2d6b-4bf8-9fc5-fb66f03651ec
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=41b86244-4ba6-4d00-ae4c-0c44c15dcc35
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=41b86244-4ba6-4d00-ae4c-0c44c15dcc35
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 30 Mar 2022 12:23:03 GMT
Server
MT3 4320 2f2dfe5 master zrh-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=41b86244-4ba6-4d00-ae4c-0c44c15dcc35
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 30 Mar 2022 12:23:02 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjQ3RTI2NzAtQkY4MS00MzkzLTlCRkYtRkU0RDcxNDEyRjkw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 10:49:19 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug012:0:325
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPDPyyegXU7j_5wciga8cvo&google_cver=1
42 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPDPyyegXU7j_5wciga8cvo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 06:25:55 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug010:0:386
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPDPyyegXU7j_5wciga8cvo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A21DF2CDF4B34C7C8E43AAE9B595FC54
42 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A21DF2CDF4B34C7C8E43AAE9B595FC54
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 10:49:37 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug008:0:578
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 30 Mar 2022 12:23:03 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A21DF2CDF4B34C7C8E43AAE9B595FC54
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 29 Mar 2022 12:23:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4460801092495011935&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4460801092495011935&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug015:0:1226
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4460801092495011935&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
42 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:32:32 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug021:0:568
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
647E2670-BF81-4393-9BFF-FE4D71412F90
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0DFE 		43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/647E2670-BF81-4393-9BFF-FE4D71412F90?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:1f3b:68bb:44b5:b695 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=647E2670-BF81-4393-9BFF-FE4D71412F90&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=647E2670-BF81-4393-9BFF-FE4D71412F90&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OuaV7odE2uWHP5IUbWxd4zujoubZJK4-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OuaV7odE2uWHP5IUbWxd4zujoubZJK4-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 10:58:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OuaV7odE2uWHP5IUbWxd4zujoubZJK4-~A&gdpr=0&gdpr_consent=
date
Wed, 30 Mar 2022 12:23:03 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2550dbcc-b024-11ec-ab6a-758556ee574a&gdpr=0&gdpr_consent=
1 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2550dbcc-b024-11ec-ab6a-758556ee574a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug018:0:550
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=2550dbcc-b024-11ec-ab6a-758556ee574a&gdpr=0&gdpr_consent=
Date
Wed, 30 Mar 2022 12:23:02 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
2550dbcd-b024-11ec-ab6a-758556ee574a
Pug
image2.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1709217890454926719&gdpr=0&gdpr_consent=
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1709217890454926719&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 10:49:19 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug012:0:414
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:03 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
76bdad33-55dd-45ef-b81e-b2c16e2a32fe
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1709217890454926719&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=db570c61-a535-4c8c-81be-3c051b4d09b7-62444ba7-4341&gdpr=0&gdpr_consent=
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=db570c61-a535-4c8c-81be-3c051b4d09b7-62444ba7-4341&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 10:49:33 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug011:0:617
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=db570c61-a535-4c8c-81be-3c051b4d09b7-62444ba7-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=647E2670-BF81-4393-9BFF-FE4D71412F90&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=22c7fe0d74a5121a&is_secure=true&networkId=17100&version=1&nuid=647E2670-BF81-4393-9BFF-FE4D71412F90&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGblm2ylRjuANlcfL5AAAAAAA&expiration=1648729383&nuid=647E2670-BF81-4393-9BFF-FE4D71412F90&...
42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGblm2ylRjuANlcfL5AAAAAAA&expiration=1648729383&nuid=647E2670-BF81-4393-9BFF-FE4D71412F90&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug009:0:523
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGblm2ylRjuANlcfL5AAAAAAA&expiration=1648729383&nuid=647E2670-BF81-4393-9BFF-FE4D71412F90&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=fb4a059bc9ca4adda6fd8d27518e29df&ssp=pubmatic&bsw_param=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug002:0:544
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Wed, 30 Mar 2022 12:23:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zmyUQsw8wUHVa8RHz26NE81sxU_VaMNHmj_aGmjz
42 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zmyUQsw8wUHVa8RHz26NE81sxU_VaMNHmj_aGmjz
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 10:57:57 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug005:0:411
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zmyUQsw8wUHVa8RHz26NE81sxU_VaMNHmj_aGmjz
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4668821410471988469
42 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4668821410471988469
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug019:0:3265
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4668821410471988469
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sn.ashx
pmp.mxptint.net/ Frame 0DFE
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_ED8B39E5_108963CB&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Server
204.2.255.233 Newark, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-331629784; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:03 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-331629784; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 30 Mar 2022 12:23:03 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug016:0:579
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 0DFE
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1709217890454926719
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1709217890454926719
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug004:0:449
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:03 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
74af8a7a-006f-4b79-b5e5-a3686c04ec84
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1709217890454926719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tag.js
adserve.somplo.com/tag/js/771528730/ Frame D36A 		113 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserve.somplo.com/tag/js/771528730/tag.js?cd=3157444968
Requested by
Host: cdn.somplo.com
URL: https://cdn.somplo.com/prod/test/251119/new-tag.min.js?cb=8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
344c796739dcd2426dfe76ed610d76d4f577a7b4d0c9067c49f5683cb500f071

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
td2-up-gc11
date
Wed, 30 Mar 2022 12:23:03 GMT
content-encoding
gzip
server
nginx
x-cached-since
2022-03-30T11:37:32+00:00
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Wed, 30 Mar 2022 12:33:03 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://shrinke.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 30 Mar 2022 12:23:02 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1518
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
id.a-mx.com/sync/ 		102 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=https://shrinke.me/4lpHNx&u=https://shrinke.me/4lpHNx&v=6.14.0&vg=vlipb&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe50ff32c53a2874ead6bd9f27057816dabc408947934357371f4fce50baa1f0

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VkvyUiNvl%2BA2KHGsR9jkpqWyDyrsusAPQxs%2BNr4P1pQEQaxKjCxCe4Nzai86I1qEgP5Te3G6Mv6Z64o%2FaN4cJgj63AD7k92TdH7NXFlZlzE6k3rP2f7exivMg2U2DANonAHHKQ8bHnZnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
6f40d075abf67139-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fshrinke.me%2F&domain=shrinke.me&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=dN4FaXxKc1h3cFVYMXYvZ3FSSWRvdXYvVGVuVkhJMVVSTjdmY3kzS1VCRWp2UGtaNVBiTGRRUHZFb0dpVEJIUUgrbmFOYlh1ZUo2Y25iOW56NTR4d25kNWN2VXlnRXRtQVE0eUNCeTFFNG1ZUDlFcDJlV1VUSnl1c1R4Tj...
408 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=dN4FaXxKc1h3cFVYMXYvZ3FSSWRvdXYvVGVuVkhJMVVSTjdmY3kzS1VCRWp2UGtaNVBiTGRRUHZFb0dpVEJIUUgrbmFOYlh1ZUo2Y25iOW56NTR4d25kNWN2VXlnRXRtQVE0eUNCeTFFNG1ZUDlFcDJlV1VUSnl1c1R4TjZjbmwxQ25nc2szRHdYS21CaVo1bkVjdGwrWlFDYU1jMmJmUWk5Vzg5WnQvQ3Q5UEZySzEzem9wWHBac0EvaCtyVSsrUno5WHJaQmhUUGlJTXg5WjlDaEhqUmJoUXpwMGhSOFp2bVlWOGlXMjFQUkt3dzNMbTJHVWNMRTlhMjM0cXlTdnY0WWdLUERVY0JWeG9NMllOR0U2VEs4OVQ2Zz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
d51c647e7e0c51a44bb40880e7dacd96c1d2a82e8e94c34c1fdfa3266a5c8a9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3561
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:02 GMT
location
https://mug.criteo.com/sid?cpp=dN4FaXxKc1h3cFVYMXYvZ3FSSWRvdXYvVGVuVkhJMVVSTjdmY3kzS1VCRWp2UGtaNVBiTGRRUHZFb0dpVEJIUUgrbmFOYlh1ZUo2Y25iOW56NTR4d25kNWN2VXlnRXRtQVE0eUNCeTFFNG1ZUDlFcDJlV1VUSnl1c1R4TjZjbmwxQ25nc2szRHdYS21CaVo1bkVjdGwrWlFDYU1jMmJmUWk5Vzg5WnQvQ3Q5UEZySzEzem9wWHBac0EvaCtyVSsrUno5WHJaQmhUUGlJTXg5WjlDaEhqUmJoUXpwMGhSOFp2bVlWOGlXMjFQUkt3dzNMbTJHVWNMRTlhMjM0cXlTdnY0WWdLUERVY0JWeG9NMllOR0U2VEs4OVQ2Zz09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2008
content-length
541
expires
0
696.json
id5-sync.com/g/v2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/696.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.202 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p37.id5-sync.com
Software
/
Resource Hash
5236118325eded43426e4435b034cdd0e66e2fe4cd71c6aa372843121169973b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 30 Mar 2022 12:23:02 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://shrinke.me
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
quantumdex
sync.quantumdex.io/usersync/ Frame 95D7 		3 KB
831 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da1c3101226cb29a2e6dfad91819319e2fbef01da1281dcf7be7803daa961b26

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
6f40d075db4b7151-YUL
content-encoding
gzip
content-type
text/html
date
Wed, 30 Mar 2022 12:23:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
quantumdex
sync.quantumdex.io/usersync/ Frame 1BE0 		3 KB
962 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94552076b727c245dcc751c0c87613dc8ca8c65653b73214d519ba4936477399

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
6f40d075db467151-YUL
content-encoding
gzip
content-type
text/html
date
Wed, 30 Mar 2022 12:23:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
async_usersync.html
acdn.adnxs.com/dmp/ Frame E616 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
24530
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 30 Mar 2022 12:23:03 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 26 Mar 2022 16:06:07 GMT
Fastly-Original-Body-Size
17053
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 70365
X-Served-By
cache-lga21963-LGA, cache-yul12832-YUL
X-Timer
S1648642983.298959,VS0,VE0
/
csync.smilewanted.com/ Frame 7467 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
145fc61993b2b5df29d62b5788c4459d1a85342d9048919ea74ba12f26fd000e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d075bec319e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame A955 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1648642979984
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D951 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=48820
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:03 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 31 Mar 2022 01:56:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame BC8A 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
03d5afeb530119a46b8e3b94c1a61de84e96e0691b466fe9f8e2d051999231ae
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11367
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:03 GMT
expires
Fri, 01 Apr 2022 12:23:03 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
/
csync.smilewanted.com/ Frame 7C26 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
145fc61993b2b5df29d62b5788c4459d1a85342d9048919ea74ba12f26fd000e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d075bec219e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 77C8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
age
4942
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
6f40d0761fb0ca67-YUL
content-encoding
br
content-type
text/html
date
Wed, 30 Mar 2022 12:23:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HILEhCc3QkOrGU7%2B2v8T5I0%2FOS6kaPBN8oYua7hJovVW4uKzLBNSXhcui8dhz9Zg%2BlzyFs%2BszkbDE2r7RqFjIIiVYuv4KpLvGCcLe%2B07Ob7%2BlmYjwM3GCzJWt4YMM1k2ZUrOcFRFX%2FZ%2FfJejZg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1AB2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
24530
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 30 Mar 2022 12:23:03 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 26 Mar 2022 16:06:07 GMT
Fastly-Original-Body-Size
17053
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 70236
X-Served-By
cache-lga21963-LGA, cache-yul12820-YUL
X-Timer
S1648642983.304622,VS0,VE0
/
onetag-sys.com/usync/ Frame 8767 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1648642980260
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame C966 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1648642979987
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5004 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=48820
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:03 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 31 Mar 2022 01:56:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
quantumdex
sync.quantumdex.io/usersync/ Frame 9394 		3 KB
830 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9282456b5c1f6f5eb22a1b86e425d2ea5481ee0b2365597e49afc877ad7ee7d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
6f40d075db4a7151-YUL
content-encoding
gzip
content-type
text/html
date
Wed, 30 Mar 2022 12:23:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
checksync.php
contextual.media.net/ Frame 7F8E 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
03d5afeb530119a46b8e3b94c1a61de84e96e0691b466fe9f8e2d051999231ae
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11367
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:03 GMT
expires
Fri, 01 Apr 2022 12:23:03 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
cdn.aralego.net/ucfad/cookie/ Frame A494 		2 KB
857 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
age
4942
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
6f40d0761fb1ca67-YUL
content-encoding
br
content-type
text/html
date
Wed, 30 Mar 2022 12:23:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRwgVR3X%2FoO5184mRChZDarM8JO2RyYvsIhu0X15eQ1GKzdYDmOetdsSgatF0VTQ4cVjNjgJySBS6HMiQGAeoGI3EqSUCYQe7RXdG8u7CcYVVjhaAD8%2BzN%2FPB6pzK%2BN7Pa2xIsBVUjPw%2FWsxzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame EB8B 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
03d5afeb530119a46b8e3b94c1a61de84e96e0691b466fe9f8e2d051999231ae
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11367
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:03 GMT
expires
Fri, 01 Apr 2022 12:23:03 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0701 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
24530
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 30 Mar 2022 12:23:03 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 26 Mar 2022 16:06:07 GMT
Fastly-Original-Body-Size
17053
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 70237
X-Served-By
cache-lga21963-LGA, cache-yul12820-YUL
X-Timer
S1648642983.335377,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A4F1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.14.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=48820
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:03 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 31 Mar 2022 01:56:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L1DJGPPP-L-EKUO&gdpr=0&us_privacy=1---
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L1DJGPPP-L-EKUO&gdpr=0&us_privacy=1---
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L1DJGPPP-L-EKUO&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
Expires
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=cb2ae4c7-d9df-47c6-98fb-6f374336e3fa
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A&gdpr=0&gdpr_consent=
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A&gdpr=0&gdpr_consent=
date
Wed, 30 Mar 2022 12:23:03 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=3b67e1ec-d7a4-487f-ad63-04aa2bc4361b
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A&gdpr=0&gdpr_consent=
date
Wed, 30 Mar 2022 12:23:03 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
ap.lijit.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F481%3FA%3D3b67e1ec-d7a4-487f-ad63-04aa2bc4361b%26bidder%3Dappnexus%26cbx%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---...
  • https://prebid.a-mo.net/cchain/1/481?A=3b67e1ec-d7a4-487f-ad63-04aa2bc4361b&bidder=appnexus&cbx=&gdpr=0&gdpr_consent=&us_privacy=1---&uid=1709217890454926719
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F481%3FA%3D3b67e1ec-d7a4-487f-ad63-04aa2bc4361b%26bidder%3Dsovrn%26cbx%3D%26gdpr%3D...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F481%3FA%3D3b67e1ec-d7a4-487f-ad63-04aa2bc4361b%26bidder%3Dsovrn%26cbx%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.92.190.68 Charlotte, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 30 Mar 2022 12:23:04 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F481%3FA%3D3b67e1ec-d7a4-487f-ad63-04aa2bc4361b%26bidder%3Dsovrn%26cbx%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24UID
date
Wed, 30 Mar 2022 12:23:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
um
u-iad04.e-planning.net/
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dbc58cd0af3e05b8a%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=bc58cd0af3e05b8a&uid=2c420fd2-abd3-4224-9303-8a017d8258fb
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=bc58cd0af3e05b8a&uid=2c420fd2-abd3-4224-9303-8a017d8258fb
Protocol
H2
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:03 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-13
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=bc58cd0af3e05b8a&uid=2c420fd2-abd3-4224-9303-8a017d8258fb
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3BC0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSXzxfLOpB0s6xyP538LXWPnIThFKAlF53vAJ2PaGxe66DO7lHMVomzDONpgFf85H7cXLHRZjyxEsUWcthdKBK3zt8MO9P8TOI5ndG_QRSPyPmeWs&sai=AMfl-YRQDZc9jXxo1WUYGVyCyISBb2QP5q3Mo2lvHvJ3jfVj89YboxYOyBDUnak6JaKXOmf6ts0a7q3Z2KnurDy5rEQiD8kzlzs2ksznyCggGxlFO866deSvc1K83WA&sig=Cg0ArKJSzNTiFv12BfpbEAE&cid=CAASJORoC64weYhdgJJsQfBoZ0Mjt2-HDaNataOxJPCdZHxBMz-taA&id=lidar2&mcvt=1187&p=912,641,963.0625,733&mtos=0,1187,1187,1187,1187&tos=0,1187,0,0,0&v=20220328&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=9&adk=3180898069&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648642981388&rpt=779&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 3344 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?t2QRBw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
vevent
nym1-ib.adnxs.com/ Frame 64E3 		0
841 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fshrinke.me%2F4lpHNx&e=wqT_3QK8CvBMPAUAAAMA1gAFAQijl5GSBhD8mLu4nrKKkhIY_-q7otmTl9wXKjYJ6wCIu3oVvT8RXJrPd78juD8ZAAAAwMzM7D8hXJrPd78juD8p6wAJJNgxAAAA4FG4nj8wiMKPCTiDWUC8CUhlUPK5qKMBWPfiiAFgAGjNjKABeKepBYABAYoBA1VTRJIBAQbwW5gB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAoHiVuoCGWh0dHBzOi8vc2hyaW5rZS5tZS80bHBITniAAwCIAwGQAwCYAxegAwGqA58GCugFES_0SQRhZHguZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2Fkdmlldz9haT1DUWtGcm8wdEVZdk9WTklQNnp3WFV0b0FJdGRTRW8ybTN2X3pQMFFfNExoQUJJT2FYMWlWZ2ZhQUI3NTdnbGdQSUFRbXBBZ0d0ZC1oVzVLby1xQU1CeUFPYkJLb0UxQUZQME50T0FqRmJHMldMeFdTLXhrOThoTmFpZTcxQzhRVDQxWjZWajRDQkloN3loaWtqbVB0dnNFN0JOSjVNdERySTcyNlJNdzZ4QWYyYWNLX2F1QkVHUGtTZXFGWXhKVHN4SXZYbEp3OWxMVGxzbzNyTnM2a2xPNWswVnhTeFdRMlJlNGVaNFJZNGRJWjNRcHI0Z0tXZkVNdC1GWlZta2p4akVRdzI1NlVhOVo1Q0dxclRFOFlUMHhkTkU1em5NV05PamRraGhrUFdTY3FKLWNBZllRNlZrWVdTN1NQLU9hbHRrTW5nMDBOLVlkV2Y2ejlUOEtNMUVyRkRuWGpkRXR1aGw3TGYzUW84Ylp0NWo3cFdUY0NMSGdOUnc4QUVfcGZNMlA0RDRBUURpQVg3cHV5ZlBKSUZCZ2dkRUFRWUFaSUZCZ2dkRUFFWUFaSUZCZ2dlRUFFWUFaQUdBYUFHVElBSC1lQ2ZhYWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0tFTW4zQmhpeXFfREJBZElJQndpQVlSQUJHQl95Q0E1aWFXUmtaWEl0TlRBNU9UYzNOWUFLQk1nTEFiQVRfcGZYRHNnVG12NlMzd1BRRXdEWUV3cUlGQUhZRkFIUUZRR0FGd0d5RndnS0JnZ0FFZ0FZQUEmc2lnaD1tSGI0VHd4WWZaayZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTQk9Sb1JUTSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMxMzA3MjE1NDk4NDY3Nzg5OTQ4IgkzNDI0OTg1NDYqBzExNzA0MzM6CTQwNjU5MDg5OMADrALIAwDYA57XugHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ5LjU2LjE1My4xODeoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAE8rmoowGIBQGYBQCgBYjjiL_17cfEY8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaME-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBv5J2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTYxNzI5MTM1MzG6Bw8IABAAGAAgADAAOLQEQADIB6epBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHxP8HiggCEAA.&s=a8a446017df130636c2d5b68f7aae9e4df57b935&type=pv&jm=1140|1141|1143|1003&px=0&py=0&bw=728&bh=90&sf=1&sid=2176753881688982605&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=19128584&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:03 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c2f513dd-1c20-4ab1-95bf-1d57a852f2c7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://assets.vlitag.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
swiper.min.css
cdn.somplo.com/prod/Swiper_Scripts/ Frame 7106 		17 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.somplo.com/prod/Swiper_Scripts/swiper.min.css
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
dc9af8b2d9159d5bf217d24dd77eb50a978813885c306d785a826fd260b32c2b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc89, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:03 GMT
via
1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
x-cache
Miss from cloudfront
content-length
17773
last-modified
Mon, 29 Nov 2021 11:53:50 GMT
server
nginx
etag
"98e9e6cb8824066472bc03be0bf518b8"
vary
Accept-Encoding, Origin
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=345600
cache
MISS, HIT
accept-ranges
bytes
x-cached-since
2022-03-30T01:10:29+00:00
x-amz-cf-id
VxmOfxOcl2AN1nRp07_CNau4KxjcjKb0Khba-_X9tTj1Vm4bZqmVRw==
expires
Sun, 03 Apr 2022 12:23:03 GMT
swiper.min.js
cdn.somplo.com/prod/Swiper_Scripts/ Frame 7106 		94 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.somplo.com/prod/Swiper_Scripts/swiper.min.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8ea4ea3e5514608153c01ec00cc8a9daf4b5cd944ec6d3096fb97a1b3b57487b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc81, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:03 GMT
via
1.1 63cf97e5788a160a76e89d4e12e2ca28.cloudfront.net (CloudFront)
x-amz-request-id
K9TMMZC4HYNQMYS3
x-cache
Miss from cloudfront
content-length
96436
x-amz-id-2
3Ez+sKF/Y+v1set+DRkxxOFpLU5Hz4SaMGGop8kRztLGogJBN9wrHwlDabTssqAfVWHDgWzMl6w=
last-modified
Mon, 29 Nov 2021 11:53:50 GMT
server
nginx
etag
"287fddcfd4fafa535460d88594a6bffb"
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
x-cached-since
2022-03-23T13:45:59+00:00, 2022-03-27T19:48:42+00:00
x-amz-cf-id
HouFrIryecgvJMxuhgGXA26kbjIbzVFDs-NkVAU9JUOl4hSf3o4XFA==
expires
Sun, 03 Apr 2022 12:23:03 GMT
jquery-3.4.1.js
cdn.somplo.com/prod/JQuery-2.1.1/ Frame 7106 		86 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.somplo.com/prod/JQuery-2.1.1/jquery-3.4.1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc87, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:03 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-length
88147
aaa
odessa
last-modified
Mon, 29 Nov 2021 11:53:50 GMT
server
nginx
etag
"a6b6350ee94a3ea74595c065cbf58af0"
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-04T19:29:56+00:00, 2022-03-28T22:03:49+00:00
x-amz-cf-id
GoMCaw1fQACphm4qXHA4Gk9s85OvuIXj76CyfgvdXzOO4tu2Uk6_Sw==
expires
Sun, 03 Apr 2022 12:23:03 GMT
1_macan-semibold.d147812_1640711150.otf
cdn.somplo.com/assets/130/ Frame 7106 		99 KB
100 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.somplo.com/assets/130/1_macan-semibold.d147812_1640711150.otf
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
11f3e1afe7023102ed0b88b3c78bb69884783d7b0ae203cf04d888141acbb390

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc81, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-length
101616
last-modified
Tue, 22 Feb 2022 07:45:40 GMT
server
nginx
etag
"9a83dae8535567cb6e757af6a62269bc"
vary
Origin
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
cache
MISS, MISS
accept-ranges
bytes
x-amz-cf-id
XFZp64pn_x2_a_XIXBQ_C9HJu0E8-ngN9UZeEIDX6OT_o-RDHWvbXA==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1037676_somplo_22_1545928755.png
cdn.somplo.com/assets/1/ Frame 7106 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/1/1037676_somplo_22_1545928755.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
617678b45724683243adc9608e3d5eb2629c7e6c5482c0569eb359d1e2c00c02

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc81, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-length
35860
last-modified
Thu, 11 Nov 2021 15:58:41 GMT
server
nginx
etag
"1a9a60c16144999f0d44039d957f58a7"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-19T02:10:29+00:00, 2022-03-27T22:07:49+00:00
x-amz-cf-id
DHKIarN8SKefZ1Mbb_UMnmvw7A4hcatdRx0bA4GsWGqE9BJ7V9Rsuw==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_BG-min_1647956703.png
cdn.somplo.com/assets/130/ Frame 7106 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_BG-min_1647956703.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
03e66aca1f57af6b92823dbe7cc2c00466aa77d1c77a5d8b1e48da9d73236263

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc88, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 b75b06741e5146585057681bd60737b2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
1484
last-modified
Tue, 22 Mar 2022 13:44:57 GMT
server
nginx
etag
"e46c951953e20b140b7bcbb8ae4202bb"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-27T16:53:38+00:00
x-amz-cf-id
hUZdNu4OZ1JLDLyAKFpDqDmS6vvUpaxfq2rJqYShHcC7KpINcmc-eQ==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_IMG1-min_1647956850.png
cdn.somplo.com/assets/130/ Frame 7106 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_IMG1-min_1647956850.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d2a81385147ba72dd3f4cdec306c79528a2ba48c60b0ff12d5528a4692163e20

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc81, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 d8eda9c0624a1440c2abb8a202a3d3ba.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC51-C1
x-cache
Miss from cloudfront
content-length
50672
last-modified
Tue, 22 Mar 2022 13:47:25 GMT
server
nginx
etag
"ff80b0bf54891f2adfb9a16186bcc042"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-27T16:53:48+00:00
x-amz-cf-id
vC5QpyfW8EzueX9vCIWVd_tpwr6HmM8Or4aI10iXI1sbDmX4o6l5hQ==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_TXT1-min_1647956873.png
cdn.somplo.com/assets/130/ Frame 7106 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_TXT1-min_1647956873.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
bb61b67637c2099f9b27db2e73e6508e280b7f03bbb0175ef7b69fc320f6fb98

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc88, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
5292
last-modified
Tue, 22 Mar 2022 13:47:48 GMT
server
nginx
etag
"8f4898eb6d5aa8e27be00acadcbbf945"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-27T16:53:35+00:00
x-amz-cf-id
wkDNCiOZIpfHos_H1pcPuQTLN9fDJfDEfPY3HpLZ6oNbYvvOaf-1sQ==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_IMG1_1-min_1647956907.png
cdn.somplo.com/assets/130/ Frame 7106 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_IMG1_1-min_1647956907.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3d5df0add09a4c5acb42b804caf297dc5b99dd255c3d43e75b81436ed6e1c6fa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc88, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
2631
last-modified
Tue, 22 Mar 2022 13:48:22 GMT
server
nginx
etag
"a16c3be45a38ac912b0275401829886e"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-28T18:04:11+00:00
x-amz-cf-id
7yt17NkQrIoN_CW5PLtdgaqIQe8LwxizUlEtoCphU_jGsMWm7GBO9w==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_BG-min_1647956726.png
cdn.somplo.com/assets/130/ Frame 7106 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_BG-min_1647956726.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
03e66aca1f57af6b92823dbe7cc2c00466aa77d1c77a5d8b1e48da9d73236263

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc81, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 161da0b4a35876d11292625c13ca0f50.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC51-C1
x-cache
Miss from cloudfront
content-length
1484
last-modified
Tue, 22 Mar 2022 13:45:21 GMT
server
nginx
etag
"e46c951953e20b140b7bcbb8ae4202bb"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-27T16:53:06+00:00
x-amz-cf-id
WfDtuVuUjAcx0XVaEQgRfxvqXeopSV4KxZnDHhdSfJt1UgArVj0N3g==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_TXT2-min_1647956938.png
cdn.somplo.com/assets/130/ Frame 7106 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_TXT2-min_1647956938.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f0267f1cc60e7ea24ef3b75c9f447520422b63b2700f7442663d017afbcbcac0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc81, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 092181c1408243a2d64abd4021876cf0.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC51-C1
x-cache
Miss from cloudfront
content-length
4528
last-modified
Tue, 22 Mar 2022 13:48:53 GMT
server
nginx
etag
"90ed5558bb387f2d12e468798734eac7"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-27T16:53:39+00:00
x-amz-cf-id
eE0CzYef6erfiKZec3iY_Vxlm5FEBAYoz-eUE5ZCxfQ5nm9tKHiySQ==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_IMG2-min_1647956963.png
cdn.somplo.com/assets/130/ Frame 7106 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_IMG2-min_1647956963.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e32fee93e3513b1228c7d43a92469a1765d299ab279d4a60b527e607e177734b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc88, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 609487f3e9c1fd7ddcc7b01d9818bfec.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
51755
last-modified
Tue, 22 Mar 2022 13:49:17 GMT
server
nginx
etag
"c15fca0074b7a216cafbe5da4f696160"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-27T16:53:47+00:00
x-amz-cf-id
UJAX8krZksPuxgwY0TRzYj-t3AG1fHcPQTmWISDEHzZ4qrR_xXU5tg==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_IMG1_2-min_1647956973.png
cdn.somplo.com/assets/130/ Frame 7106 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_IMG1_2-min_1647956973.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
930ee978ee006a184d81a585f44f728e478779b168a96ce4c1f16920bc24aa35

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc89, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
content-length
4601
last-modified
Tue, 22 Mar 2022 13:49:27 GMT
server
nginx
etag
"0dd27fa907b83457a071a11fa469ce7c"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-27T16:53:06+00:00
x-amz-cf-id
dm3iBaNBP_2nTGSQNxETqIIfNk7B2LA3dS9SAt5FYQcyFJk4hmB_zw==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_IMG1_3-min_1647957049.png
cdn.somplo.com/assets/130/ Frame 7106 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_IMG1_3-min_1647957049.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
49e4e2e518084a312e9fd77bb0b06840bbec3f6256f05b74a787a296f65d87ed

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc88, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
content-length
15753
last-modified
Tue, 22 Mar 2022 13:50:44 GMT
server
nginx
etag
"cf0e5507e6a0b43c4b44a394f03541ae"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-27T16:53:35+00:00
x-amz-cf-id
NToblaD5At4-uUENcffAvOqLFIzf_H81kNs51TZC4WLzcmz7hauafA==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_IMG1_3right-min_1647957067.png
cdn.somplo.com/assets/130/ Frame 7106 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_IMG1_3right-min_1647957067.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2e2a121074df0e8f74e31f108a44c91c0f87b8ee89b1afa506863bc1cbb1a236

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc89, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 0247123ccdc6a2a86167d7f4de30885a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
content-length
17918
last-modified
Tue, 22 Mar 2022 13:51:02 GMT
server
nginx
etag
"88c6ba8b79cfcf5b2b167bdbfa19734c"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-27T16:53:06+00:00
x-amz-cf-id
SKOpwdk2-_k0J2ht_A6BfroXskxbE9tsV4zMIAFUWqn5inTuAa2z_g==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_IMG3-min_1647957084.png
cdn.somplo.com/assets/130/ Frame 7106 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_IMG3-min_1647957084.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7beb3d4b288a72273293bd84328144c3c7b46ff8d7b9d2a28bf122528928a193

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc88, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-length
40715
last-modified
Tue, 22 Mar 2022 13:51:18 GMT
server
nginx
etag
"3a6c551b19d38ecb1bf31b8bf5f39ba1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-27T16:53:06+00:00
x-amz-cf-id
GpK4BWK8rUhwyilzO2cic64IYhikJEXVaufsCOEnNBEvbzEQkL7wZA==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_BG-min_1647956757.png
cdn.somplo.com/assets/130/ Frame 7106 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_BG-min_1647956757.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
03e66aca1f57af6b92823dbe7cc2c00466aa77d1c77a5d8b1e48da9d73236263

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc89, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
content-length
1484
last-modified
Tue, 22 Mar 2022 13:45:52 GMT
server
nginx
etag
"e46c951953e20b140b7bcbb8ae4202bb"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-27T16:53:40+00:00
x-amz-cf-id
KzpHmEFeiVChPhxRHEUELbhyCFVbSQArFO1Ya_FEAozJI2UyKoVxGw==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_TXT3-min_1647957139.png
cdn.somplo.com/assets/130/ Frame 7106 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_TXT3-min_1647957139.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9b57c75f4153bf780615f6c13de14ee77ef86b3bc02c0703bbc269df4c333775

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc81, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 54a27c79959049456f9f990ce9651fa2.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC51-C1
x-cache
Miss from cloudfront
content-length
4527
last-modified
Tue, 22 Mar 2022 13:52:13 GMT
server
nginx
etag
"189b56b4b134951682c913eb440daac7"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-27T16:53:35+00:00
x-amz-cf-id
2CQle4DRE5eUtz6-6-m3ekZtQlKqgcBZUyMsRpkV19vd6szE77bjsw==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_IMG4-min_1647957201.png
cdn.somplo.com/assets/130/ Frame 7106 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_IMG4-min_1647957201.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
47d0d8076a90b14ab4c6a82327a13eee300c91f079ce301f25b71414209b3397

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc89, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
content-length
1724
last-modified
Tue, 22 Mar 2022 13:53:15 GMT
server
nginx
etag
"3d2daeef5e315d7725cb7bfa648c4285"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-27T16:53:07+00:00
x-amz-cf-id
GFzm17u5e_w3-PC_HhdQFSVX0DSrsOaoiV2WHv_WC57oLn2MZLYdLw==
expires
Sun, 03 Apr 2022 12:23:04 GMT
1_300x250_TXT4-min_1647957208.png
cdn.somplo.com/assets/130/ Frame 7106 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.somplo.com/assets/130/1_300x250_TXT4-min_1647957208.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3f3e281a9d9a419fbeb4dc6ccf11cf81f7f3c58733b3f7df48e94b2903b1ceb3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc81, td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 161da0b4a35876d11292625c13ca0f50.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC51-C1
x-cache
Miss from cloudfront
content-length
3203
last-modified
Tue, 22 Mar 2022 13:53:22 GMT
server
nginx
etag
"4a3697c847b82b872608b0b74053dcca"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=345600
cache
HIT, HIT
accept-ranges
bytes
x-cached-since
2022-03-27T08:38:10+00:00, 2022-03-29T02:20:45+00:00
x-amz-cf-id
WxxaFzJmjRcSZgybliCTZ3yn1d_qaaS7SZNSiuPrPKP8Yc5aWd2GGQ==
expires
Sun, 03 Apr 2022 12:23:04 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=dN4FaXxKc1h3cFVYMXYvZ3FSSWRvdXYvVGVuVkhJMVVSTjdmY3kzS1VCRWp2UGtaNVBiTGRRUHZFb0dpVEJIUUgrbmFOYlh1ZUo2Y25iOW56NTR4d25kNWN2VXlnRXRtQVE0eUNCeTFFNG1ZUDlFcDJlV1VUSnl1c1R4TjZjbmwxQ25nc2szRHdYS21CaVo1bkVjdGwrWlFDYU1jMmJmUWk5Vzg5WnQvQ3Q5UEZySzEzem9wWHBac0EvaCtyVSsrUno5WHJaQmhUUGlJTXg5WjlDaEhqUmJoUXpwMGhSOFp2bVlWOGlXMjFQUkt3dzNMbTJHVWNMRTlhMjM0cXlTdnY0WWdLUERVY0JWeG9NMllOR0U2VEs4OVQ2Zz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 30 Mar 2022 12:23:03 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1126
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
generate_204
tpc.googlesyndication.com/ Frame 2311 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?CA9zRw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel.png
pixel.somplo.com/ Frame D36A 		119 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.somplo.com/pixel.png?e=0&tag_id=771528730&val=&order=5&tech=3&pix_cb=6152170509941
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/s/xfa/writead.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
dd594f89e8f8adf17ef1fb7ceb79e784691a2e09968189f11c0afdf91d4e1f76

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
last-modified
Sun, 01 Jan 2017 13:05:22 GMT
server
nginx
etag
"f359db62f64d21:0"
content-type
image/png
cache-control
max-age=0
cache
MISS
accept-ranges
bytes
content-length
119
expires
Wed, 30 Mar 2022 12:23:04 GMT
setuid
sync.quantumdex.io/ Frame 1BE0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1709217890454926719
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1709217890454926719
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07b6af27151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:03 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5e3f54a9-eeea-46f7-9abf-397c3fc06a32
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1709217890454926719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 1BE0
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d306a629-0d96-46e2-a572-4322c18d991e
43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d306a629-0d96-46e2-a572-4322c18d991e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07afa4a7151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d306a629-0d96-46e2-a572-4322c18d991e
date
Wed, 30 Mar 2022 12:23:03 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 1BE0
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8dfcb9d28e05f6f8bb51f33d
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8dfcb9d28e05f6f8bb51f33d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07d6d3a7151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Wed, 30 Mar 2022 12:23:04 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8dfcb9d28e05f6f8bb51f33d
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 1BE0
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOSrEDN8qS-udX1ktiAYyFnVPtXVLpEhgPMlvf9g
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOSrEDN8qS-udX1ktiAYyFnVPtXVLpEhgPMlvf9g
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07c5c1e7151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOSrEDN8qS-udX1ktiAYyFnVPtXVLpEhgPMlvf9g
Date
Wed, 30 Mar 2022 12:23:03 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 1BE0
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=0f411552-cefc-2b92-8009-fe3e305493e9
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=0f411552-cefc-2b92-8009-fe3e305493e9
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07d5d307151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=0f411552-cefc-2b92-8009-fe3e305493e9
pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 1BE0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07beb947151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A
date
Wed, 30 Mar 2022 12:23:04 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/ Frame 1BE0 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:4a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 d02136c452505f46a849d23f2fe25350.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
YUL62-C2
x-amz-cf-id
K8sjmmFiH0uCrqx2mtCSm0sJUGbbtzQdsfImifCUhH52fiwRDbERQw==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 1BE0
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9b1a8518-0278-5359-91f6-4224f3b20983
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9b1a8518-0278-5359-91f6-4224f3b20983
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07beb917151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9b1a8518-0278-5359-91f6-4224f3b20983
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 9394
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9b1a8518-0278-5359-91f6-4224f3b20983
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9b1a8518-0278-5359-91f6-4224f3b20983
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07cac777151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9b1a8518-0278-5359-91f6-4224f3b20983
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 9394
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1709217890454926719
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1709217890454926719
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07b6af17151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:03 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ecda7f55-bcc1-4df2-93e3-f62760117a66
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1709217890454926719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 9394
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d306a629-0d96-46e2-a572-4322c18d991e
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d306a629-0d96-46e2-a572-4322c18d991e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07c0bc37151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d306a629-0d96-46e2-a572-4322c18d991e
date
Wed, 30 Mar 2022 12:23:04 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 9394
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8dfcb9d28e05f6f8bb51f33d
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8dfcb9d28e05f6f8bb51f33d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07d7d557151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Wed, 30 Mar 2022 12:23:04 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8dfcb9d28e05f6f8bb51f33d
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 9394
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOSrEDN8qS-udX1ktiAYyFnVPtXVLpEhgPMlvf9g
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOSrEDN8qS-udX1ktiAYyFnVPtXVLpEhgPMlvf9g
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07c5c217151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOSrEDN8qS-udX1ktiAYyFnVPtXVLpEhgPMlvf9g
Date
Wed, 30 Mar 2022 12:23:03 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 9394
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=9bc802c3-41d8-147f-3a77-38f511b69757
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=9bc802c3-41d8-147f-3a77-38f511b69757
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07d5d337151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=9bc802c3-41d8-147f-3a77-38f511b69757
pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 9394
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07c0bc57151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A
date
Wed, 30 Mar 2022 12:23:04 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/ Frame 9394 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:4a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 d02136c452505f46a849d23f2fe25350.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
YUL62-C2
x-amz-cf-id
ORdOEVkdEOlBjTPE3BcnqHxbwf-y8JWojt6UFrUQa0AcPc3GVWueXg==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 95D7
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=565702ff-0dd2-abb5-0aec-87c71cde3ce8
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=565702ff-0dd2-abb5-0aec-87c71cde3ce8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07cac787151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=565702ff-0dd2-abb5-0aec-87c71cde3ce8
pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 95D7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07b6af07151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-uV9_7PxE2uEPVBa9SP3UNSwpkiTEWOWvsOlTxP8-~A
date
Wed, 30 Mar 2022 12:23:03 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
s.ad.smaato.net/c/ Frame 95D7 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:4a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 d02136c452505f46a849d23f2fe25350.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
YUL62-C2
x-amz-cf-id
rfakmqG87kwYUE2PQcSsvvfcC04_fqbkLnF-Sgm6OAVXwhW_r2O2Ew==
x-cache
FunctionGeneratedResponse from cloudfront
setuid
sync.quantumdex.io/ Frame 95D7
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9b1a8518-0278-5359-91f6-4224f3b20983
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9b1a8518-0278-5359-91f6-4224f3b20983
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07c5c1b7151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9b1a8518-0278-5359-91f6-4224f3b20983
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 95D7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1709217890454926719
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1709217890454926719
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07c5c1c7151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d9660267-e8f9-49fb-b0df-3a5fc646fd8a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1709217890454926719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 95D7
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d306a629-0d96-46e2-a572-4322c18d991e
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d306a629-0d96-46e2-a572-4322c18d991e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07c5c147151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d306a629-0d96-46e2-a572-4322c18d991e
date
Wed, 30 Mar 2022 12:23:04 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 95D7
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8dfcb9d28e05f6f8bb51f33d
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8dfcb9d28e05f6f8bb51f33d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07d7d567151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Wed, 30 Mar 2022 12:23:04 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=8dfcb9d28e05f6f8bb51f33d
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 95D7
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOSrEDN8qS-udX1ktiAYyFnVPtXVLpEhgPMlvf9g
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOSrEDN8qS-udX1ktiAYyFnVPtXVLpEhgPMlvf9g
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07cdcab7151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOSrEDN8qS-udX1ktiAYyFnVPtXVLpEhgPMlvf9g
Date
Wed, 30 Mar 2022 12:23:03 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
async_usersync
ib.adnxs.com/ Frame E616 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ee88239a-4ea6-44b2-93dc-21fd5353dc61
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1AB2 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0e413ba9-10a4-4d99-95ac-3a9a4f954d29
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0701 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fe785e2a-4f12-40fc-a9da-768557318f85
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 29EE 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
12fcc0b5-956e-432f-b42c-aabdcd465ff4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 16E2 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9adc796e-6a73-4957-8e77-825e3c691fed
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F97A 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPvDEpEtEYrrwNe2RoPwP6omiqAcAAAAAOAHgBAI&bg=!iIuli8_NAAbzJazn0yU7ACkAdvg8WlaTBFx7lZ9Jis1Mjhlk2vMuNJGwHwCzBuMaulfF1gQ00eXeOQIAAASrUgAAAANoAQcKAJSWpx9OOFohz0S3uyjMrl0oQr9l6qkg7zMHwx5-i3IxzFRCcGrrglh76ZNPZg2IytQ5qfgF5DK8zwIwC_KGOkZSx4olOORWr0V4TA2D7WA-Y4SAXUZBRLym641ji8wVZI6BgGmIkuHK1WavJdM--sdQO4AyiLyx96WN_ZE0UG-_ViDegjl18rm5eR8LdCDcYT3GTzFhmQL-asJHYUonj3cJTja7jHdXswfmsjI0nerQ3l65mfdfq0FhFigs1l3daXiam3QXtRCzwWRiZYJmgzNG0muZTra38zzkbYhVVjjiu2-pt8ZxpvbfacEcS-yioJP47YcNCSU7JmmqUOVjo4iHwuO4bdeAH2fxaIzXO0Onj9nqXJC31YTtSGRDjYyHUjUiZwwmVEDTbhpWXp8INd8oZhrCkj1tU0xgq0Kx4PjKfJ6cW6z4pmcCv9W0qj7MZSciRn6vhL7kltplvACan-TO5tiW3Ym7N5JHj5-eq6xWxm30zRDmkGOqwlWvTioUnaJetX7et2KidQIsIGWBiaYU5B70aVbXH-nW1cVfC2FgtY2aH_nSdYrMOblgdHelR4sbgwvpxylw6fou8bt9V6c2yELwzTlRuITYJdrIKn20Yg4le1oZNgWx5em_XNGP9JCrlVCrMkFCnRIaN8Iv1jVi69c0ygeIifJfjd806PT5UWdQsD9rRrWiBnW9ROU2J-KwBr-PcfAODm-aWjCQvHi3PP7BE8Z1yNzTCl4rf6ngTrMt8XnN94H0-O5Zpbwa1SaBOOhFn8eBKmpOpLBwQBcW2U2kqhO0e3yPPilbpyO4CBveaYhS14oJLuUz-Akn7PBkKwoEFSxdxSnfGdsDXUoSAHQaYMwtLEahhtkpJczLhUpO3banoZesCMqGdW_2IQsj4Ull5mIOl-w3rUWN1vTX9l5HP4OZQCBFDgt8f1QQaUoKcIl4XppReC3CGqiPv1wHS7qW7dPDT_z3iXKifn1KKzePjqPb_P5Q3IjfnIqouPj0NMbVlUM-QdsJDpVec3yyW1GXTUuZLJUB2B5aivceDSDuvM8ziIZsJHke0tBW3czGizVtsoLHakTc43lj3eQ3d2XzLeWXTLnSNPOgdTIE1zwtw0qJA5zKHRltPihnJt3U-EUKP-vVuwS3w7zAzLFIly57BYYIju7pC37qP-9y8CGRejpX-jFKjFd2NuuWoUODJkdu_un0qdf6iRtR0n9rcYHuaQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
idsync
sync.aralego.com/ Frame 77C8
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
0
0
idsync
sync.aralego.com/ Frame A494
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/19cb30df-33d9-424f-a2e6-42032a39dd2f?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-fPr3oVZE2oUeXwtfNfflZt8gPSLpT6zFcgQ1.ZI-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
0
0
usermatch
ssum-sec.casalemedia.com/ Frame EB18 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
648a8202920b3e9ab1561e1316929fc7c402042db6014f3bbcd6f09e2775ca8b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1454
Content-Type
text/html
Date
Wed, 30 Mar 2022 12:23:04 GMT
Dropped-Udsids
39|230|241|46|51|8|130|26
Expires
Wed, 30 Mar 2022 12:23:04 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
pbsync
usermatch.targeting.unrulymedia.com/ Frame 51E3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Tengine
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 496F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=48819
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 31 Mar 2022 01:56:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame C36F 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 2CDC 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usermatch
ssum-sec.casalemedia.com/ Frame 0D55 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1c868bf3110b588e3f94f7c44fd29e29f007af3ad5a9819076bcc214291560e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1671
Content-Type
text/html
Date
Wed, 30 Mar 2022 12:23:04 GMT
Dropped-Udsids
241|230|39|46|221|111|195|26
Expires
Wed, 30 Mar 2022 12:23:04 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
pbsync
usermatch.targeting.unrulymedia.com/ Frame 9141 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Tengine
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0351 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=48819
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 31 Mar 2022 01:56:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame D8CA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNlWVyaoq3BMkfP932FvrGJWqd6ntxsg9AwDJnk2IlkWOG5JjJGE-qXhZWqv_UPfsNdR6ZDZe8Y1qt5-U-XNOmWfZdYbtIhnGAh4no_7glhqu5WZ8&sai=AMfl-YTqXnTmdUM_WX7x3qicPye7iydLmohVcp58p5oVnjO1JR0oRoPvweOv32sTG9FOobvcKLWA-Lkc6J17ZcNzpDxHVlXhjLx-Mcn8Qsnn23QsyfS7qy40_-8sa9U&sig=Cg0ArKJSzGcXt7w57H4MEAE&cid=CAASJORo2ZqEcQrHIb_2X3zzxJYsbpYnqGKhYfbyDpBm-dgkw6v7AA&id=lidar2&mcvt=1189&p=464,663,718,963&mtos=0,1189,1189,1189,1189&tos=0,1189,0,0,0&v=20220328&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=2929720836&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648642982208&rpt=648&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7304 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=48819
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 31 Mar 2022 01:56:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 1D39 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8b53811e134206aa8bf1578f34ca4afd7d4531875ef7c31a351daa13a70317e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1495
Content-Type
text/html
Date
Wed, 30 Mar 2022 12:23:04 GMT
Dropped-Udsids
39|230|241|46|47|41|196|57
Expires
Wed, 30 Mar 2022 12:23:04 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
pbsync
usermatch.targeting.unrulymedia.com/ Frame AD6C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Tengine
/
onetag-sys.com/usync/ Frame 73E2 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 7C26 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
156574
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6f40d07c3f3b19e7-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 7467 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
156574
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6f40d07c3f3919e7-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
dc_oe=ChMIutLy2ent9gIV7QiICR3qhAh1EAAYACDTxblPQhMIs_Oz2ent9gIVA_2zCh1UGwAB;met=1;&timestamp=1648642984447;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=2;eid3=14;ecn3=1;etm3=0;eid5=11;ecn5=1;etm5=0;...
ade.googlesyndication.com/ddm/activity/ Frame 64E3 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIutLy2ent9gIV7QiICR3qhAh1EAAYACDTxblPQhMIs_Oz2ent9gIVA_2zCh1UGwAB;met=1;&timestamp=1648642984447;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=2;eid3=14;ecn3=1;etm3=0;eid5=11;ecn5=1;etm5=0;eid7=12;ecn7=1;etm7=0;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1_macan-semibold.d147812_1640711150.otf
cdn.somplo.com/assets/130/ Frame 7106 		99 KB
100 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.somplo.com/assets/130/1_macan-semibold.d147812_1640711150.otf
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
11f3e1afe7023102ed0b88b3c78bb69884783d7b0ae203cf04d888141acbb390

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
am3-up-gc81, td2-up-gc11
date
Wed, 30 Mar 2022 12:23:04 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-length
101616
last-modified
Tue, 22 Feb 2022 07:45:40 GMT
server
nginx
etag
"9a83dae8535567cb6e757af6a62269bc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=345600
cache
MISS, MISS
accept-ranges
bytes
x-amz-cf-id
XM7Hsp5QiFAA81dfi40Tc4UlJzs2kgh-E8vTG6gPagoBfebLChbanw==
expires
Sun, 03 Apr 2022 12:23:04 GMT
dcm
s.amazon-adsystem.com/ Frame 0D55 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
63NNTH48TKHA6QH7G9SF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 0D55
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHp7N4m4Wpii8tKJgvTcewc&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHp7N4m4Wpii8tKJgvTcewc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHp7N4m4Wpii8tKJgvTcewc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0D55
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&expiration=1651234984&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&expiration=1651234984&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&expiration=1651234984&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 0D55
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1709217890454926719
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1709217890454926719
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
62f6292b-6ea5-4383-8244-2f309f5f79c1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1709217890454926719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 0D55 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YkRLpGvaMGh5Cualmm8-mQAA%26983&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.82.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-82-126.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.13.144
content-type
image/gif
content-length
49
expires
0
crum
dsum-sec.casalemedia.com/ Frame 0D55
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4668821410471988469&expiration=1649852584
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4668821410471988469&expiration=1649852584
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4668821410471988469&expiration=1649852584
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 0D55
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-db1caf0a-08da-4f53-84f5-b78730852d02
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-db1caf0a-08da-4f53-84f5-b78730852d02
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-db1caf0a-08da-4f53-84f5-b78730852d02
date
Wed, 30 Mar 2022 12:23:04 GMT
server
Apache-Coyote/1.1
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 0D55
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YkRLpGvaMGh5Cualmm8-mQAA%26983
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1c3433f9-6113-47c0-96f8-d357f2153ca5-tuct93dd128
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1c3433f9-6113-47c0-96f8-d357f2153ca5-tuct93dd128
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1c3433f9-6113-47c0-96f8-d357f2153ca5-tuct93dd128
date
Wed, 30 Mar 2022 12:23:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17304
setuid
sync.quantumdex.io/ Frame 0D55 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07e4e647151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame EB18
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&expiration=1651234984&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&expiration=1651234984&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&expiration=1651234984&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame EB18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHp7N4m4Wpii8tKJgvTcewc&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHp7N4m4Wpii8tKJgvTcewc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHp7N4m4Wpii8tKJgvTcewc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame EB18 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
R1R0E50XGHTGYY8CEHM5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EB18
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1709217890454926719
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1709217890454926719
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a6a952dd-0dd5-4f74-ba41-4d24992b6e10
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1709217890454926719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum.casalemedia.com/ Frame EB18
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_027a5590-d9b7-4b79-bbc1-0d5bf2a394e9&bsw_param=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&expires=10
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7f6e77c9-14a3-4120-bf1a-82d1a5a54293
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7f6e77c9-14a3-4120-bf1a-82d1a5a54293
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:05 GMT

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=7f6e77c9-14a3-4120-bf1a-82d1a5a54293
Date
Wed, 30 Mar 2022 12:23:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame EB18
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=620e860e-a79d-4ef1-806a-f64d9a847145&expiration=1680178984
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=620e860e-a79d-4ef1-806a-f64d9a847145&expiration=1680178984
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=620e860e-a79d-4ef1-806a-f64d9a847145&expiration=1680178984
date
Wed, 30 Mar 2022 12:23:04 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame EB18
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABjsU7EiJcAADHbmN0I8A&expiration=1649852584
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABjsU7EiJcAADHbmN0I8A&expiration=1649852584
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABjsU7EiJcAADHbmN0I8A&expiration=1649852584
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame EB18
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YkRLpGvaMGh5Cualmm8-mQAA%26983
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a9163071-a894-456e-8679-f988c19e3124-tuct93dd128
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a9163071-a894-456e-8679-f988c19e3124-tuct93dd128
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a9163071-a894-456e-8679-f988c19e3124-tuct93dd128
date
Wed, 30 Mar 2022 12:23:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17304
setuid
sync.quantumdex.io/ Frame EB18 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07e5e727151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
tag.js
serve.somplo.com/pixtag/js/771528730/ Frame 7106 		387 B
526 B 		Script
General
Check archive.org
Download Go to
Full URL
https://serve.somplo.com/pixtag/js/771528730/tag.js?
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.159.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-159-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5ac66c29f0c4f23fbc429158c9b55167a92113848a77f91c7382b2923aa349ef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:23:04 GMT
Connection
keep-alive
Content-Length
387
content-type
application/javascript
rum
dsum-sec.casalemedia.com/ Frame 1D39
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&expiration=1651234984&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&expiration=1651234984&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&expiration=1651234984&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 1D39
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHp7N4m4Wpii8tKJgvTcewc&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHp7N4m4Wpii8tKJgvTcewc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHp7N4m4Wpii8tKJgvTcewc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 1D39 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
B4Z0YMJQQ9CMMXD3MJVG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1D39
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1709217890454926719
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1709217890454926719
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a4f0dd89-b96e-4771-9d3a-96be23c0ddd7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1709217890454926719
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1D39
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ae5hhDkq1NzxlR5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ae5hhDkq1NzxlR5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:03 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0541a9887dcb6226c@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ae5hhDkq1NzxlR5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1D39
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=254de68e-b024-11ec-bbca-3d3cd1174a24
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=254de68e-b024-11ec-bbca-3d3cd1174a24
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
server
Cowboy
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=254de68e-b024-11ec-bbca-3d3cd1174a24
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
lga-delivery-9
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 1D39
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_62444ba8c1e5a&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_62444ba8c1e5a
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_62444ba8c1e5a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

date
Wed, 30 Mar 2022 12:23:04 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_62444ba8c1e5a
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame 1D39
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969751679036070747
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969751679036070747
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:04 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=969751679036070747
Date
Wed, 30 Mar 2022 12:23:04 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
sync.quantumdex.io/ Frame 1D39 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d07e5e757151-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
collect
analytics.google.com/g/ Frame 8F51 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-0DTZ6LRDBJ&gtm=2oe3n1&_p=486690825&sr=1600x1200&ul=en-us&cid=1332967654.1648642979&dl=https%3A%2F%2Fshrinke.me%2F4lpHNx&dt=&sid=1648642979&sct=1&seg=0&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r5---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/3242a4300e334bad/itag/15/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1680178980/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mi... Frame 6765 		16 KB
16 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/3242a4300e334bad/itag/15/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1680178980/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4FC68630A99C3F7481153BC2029B76FA70883B0B.5C0E003F46D78E1C8842D8EC0685E7DEDCE1F477/key/cms1/cms_redirect/yes/mh/jU/mip/2607:5300:60:7867::3/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1648642611/mv/m/mvi/5/pl/32/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:1::a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
5893623d9547b77763b0df3378cb7952c49076348ce648b16c14733f9c095b2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=229376-

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 16 Feb 2022 17:04:31 GMT
server
gvs 1.0
vary
Origin
content-type
application/octet-stream
Content-Range
bytes 229376-245803/245804
client-protocol
quic
cache-control
private, max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
16428
expires
Wed, 30 Mar 2022 12:23:04 GMT
collect
analytics.google.com/g/ Frame 81BA 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-0DTZ6LRDBJ&gtm=2oe3n1&_p=1048015990&sr=1600x1200&ul=en-us&cid=1332967654.1648642979&dl=https%3A%2F%2Fshrinke.me%2F4lpHNx&dt=&sid=1648642979&sct=1&seg=1&_s=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shrinke.me/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.png
pixel.somplo.com/ Frame D36A 		119 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.somplo.com/pixel.png?e=2&tag_id=771528730&val=&order=7&tech=3&pix_cb=6542907620084
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/s/xfa/writead.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
dd594f89e8f8adf17ef1fb7ceb79e784691a2e09968189f11c0afdf91d4e1f76

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
td2-up-gc10
date
Wed, 30 Mar 2022 12:23:04 GMT
last-modified
Sun, 01 Jan 2017 13:05:22 GMT
server
nginx
etag
"f359db62f64d21:0"
content-type
image/png
cache-control
max-age=0
cache
MISS
accept-ranges
bytes
content-length
119
expires
Wed, 30 Mar 2022 12:23:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D36A 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst__hrA8Pji01S1pTy0k4wl3uietWToDi0N7Wuh7wWH5P9huzpVBiHTmB--4_PiBzIBBxD27jIg9T9Sg1hoJrAi47WSCj5mKRF0Rk0eBdKQxHFczcJQ9DiY88mkBp9TQOXvFJCJ_ryzg1PR9JRRW8gVoTnK3TG4DGsBfBrm12ix9xwOWiwLDXhxqvZE5Tis8cnMKHwtqOKgkRJMKgsmN63wxKnX2lwbmJgvkzyLlmh9q9VqooCC_oTTducSfM6glAXfxZGtCqPWxEF69MQIupJoujEoxP6E5ExB1eakU7cTOckGLi9bUd4_uNBk0auO5ymNo8D20afgPEwLHAUxct1b07ihgoJEb7tGfU4xca5lK5bQeQItWMC3S2nt76LGR7qle2_w3LMPhGpEavaXa6FpfURwqWQ4RazVd9YhWPSU5tvkMJlPx8pYmTuRl-7WmDBemU4rsimhKyLOKrVyzjJ7ElBGuoCr2yPDUWsumsXdy9KNDEbXYVCpU-TD6NnL9xPlFzt8bbKaRSFN068R_CDcCEQeiWYgkT4zE7a5saEd8iid4yR3p4_rYnqZKvfv9nBOSOTg4Qpfr_b8Eb-3iw0UPIvqNrqAWR_kjtcMemqcLHKYquiac5kCdMFRDnoUrwTCwAjjpEo78ig5R6jN5q6ZIc8FcW5mbxXsnOOsGfqXpw9sGtoVU648sDS7HaGKWzGuppI619OQl7TwxczEa5Ox-0CXq1jpBWQgBRchZn4vU_Bn4in9xlqwBVdAL9lwqPSbNZdDKfKngb3OuplMQ76nIww2CdlHtrjlrBh5ZCF2UDqjK_ewMo6tSiPeIUCXvF0NXXANHo22en6Dls9fEX28TgTTxEL8hnRGfkA9L_DcmUqDgpdYXFQd1tD1ZS1BIaq6T5tarORm7j_JRhuvza6-ZQrXsrPcdWAsl06MikIsjNlAdm11fevK_pjOQJvTOivVl1M5sHItg75bRu4bUdCRwQ_Pp8G7TXDVylogkOn8UqD-d47GsfUGx9JRhwzKb_ADGm3McKRyTJdpJNuaM30nCMGOR_q_QknoMixK3oMBAAvPh815ajv3Y378rnQVKTDhRnS4Z_q2E3g5gwT8WQVYYFM1XoB0VmBYs1KbBwEXoq1RpBYWIt5FbXc0cSon2TOTz2hdQo8iSuJVr16aSJB3frkdqo8WmVpA36oZinlszu4bcJBFayRnTJsSVEdyAFTBdW-5frv8GBd0rBuAlpRtfU5swgk&sai=AMfl-YTyu99dZg8SGCQv1XNAM1_eN4s-gI-ahq2y5raYZT1_nybv_pxQdmYVO9bOT5WefRczCiiKDaFs9I1wJG8XYw0l3_EZ0F9y26xfzNoQJzMzoXQ9VKWwWAhiAfYfCF0h_Jly-NptTLk9h0xTz0J5ee0iPU9oFKWKfe4w0Rkf0UkklxNYqPE5O-Wx6L09FcjwiCBDkGQtEqupPlp_uzeXng&sig=Cg0ArKJSzJZ62weL1WAPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/s/xfa/writead.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 30 Mar 2022 12:23:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
drop_cookie_sw.php
csync.smilewanted.com/ Frame F450 		0
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d07edb4119e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame 0AD4 		0
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d07eeb4f19e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
setuid
ib.adnxs.com/prebid/ Frame A3A8
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=56556349b41d6e6ed36cd22856d99d09
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=56556349b41d6e6ed36cd22856d99d09
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

AN-X-Request-Uuid
ab8804eb-7538-46cd-b72f-8276935e5aa7
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 30 Mar 2022 12:23:04 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d07efb5719e7-EWR
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=56556349b41d6e6ed36cd22856d99d09
server
cloudflare
setuid
ib.adnxs.com/prebid/ Frame 81E9
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=d6c6648ec2213f27e48c7426e30741a6
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=d6c6648ec2213f27e48c7426e30741a6
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

AN-X-Request-Uuid
3a17b1b8-01b0-4eef-8fae-894d0d682ba9
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 30 Mar 2022 12:23:04 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d07efb5b19e7-EWR
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=d6c6648ec2213f27e48c7426e30741a6
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 7A1B 		1 KB
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f40d07fbe767157-YUL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 6D70 		1 KB
897 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f40d07fbe777157-YUL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
/
c.adskeeper.co.uk/pv/ Frame F49E 		0
308 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adskeeper.co.uk/pv/?pv=5&cbuster=1648642984825712684540&uniqId=0a18b&niet=4g&nisd=false&jsv=es6&iframe=1&ref=https%3A%2F%2Fshrinke.me%2F4lpHNx&cxurl=https%3A%2F%2Fshrinke.me%2F4lpHNx&lu=https%3A%2F%2Fshrinke.me%2F4lpHNx&sessionId=62444ba9-02658&pageView=1&pvid=17fdac78b7c8bc2d6f5&site=630298&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6f40d07f5f39a222-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD50 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=1355483729956619&bg=!NzSlNHDNAAbzJazn0yU7ACkAdvg8WuvpJY00Jar24nllQ_qr8NeQclBMmWvHbaYi2GiN8A-iT6dxJQIAAAXcUgAAAAVoAQeZAu-uuG1-ZR7yE0kwQRHT9seJD2IQOLnXrdHa-mv2th8jS9h55H6XZKklo9iGCuHOX9Rmo0BPfvf3RFMPQr70Kjm1yZovWOzWGfw2YCOPKwFx-L1xoy1Z40zPnw7UAYXjOSnc1x_-_OwqVS4-n7k5J7w6Si02axKxP4jfJ-lT3A9_v3nT5l2r_Nrfp7OEdeNh8fg4BgiFF1yuj8iyh1T1sDUy45Vp9r4_5EHDKForo9C6xnteLWoljSxeDAOGqjbXBB9MONg-xmXQTLrfXRAt0Ma4CPFvpilXloTwYqxtohBLO8gRCTglziaOezKB7wXsLiQY19TdaDkQ_6IUtBRDf7pneynR19Z15LeJ6tKMYt3dFYD2wvDrWpezJPGKDnYLmjPOOAYHqtucC2kB5PwLh_IoUJqJSE9zAdCGMI_YwBMOESDHJvznU3UOkZ1KSeloRQLIlF41upZkK0ZJnOcLps6lDOx1M_-KMjyjEpbj8O6SgcFaEaHmpxhc9CRbWH2nCjovE77ECgMLSYekrgUVnZxcvYXpS4G_2pY1h3I4ABsxSfEWziRVRFV0mCRxWxmq0Xz-uL-yEFW6DknPsCrpeI79VTvArJlnh2cy_VXaaHfIalp3G9-hhKp6SXxtVEiTT6OnpvWaMrc83sIQxjj11U26se7Z0s7mE5v-kQZNM2l9zUB3w1HZC42VoztkW8K9N9l7EmqoXOWNz0KiPdHDHNiJlSjlSpfNimqwDl30rPY7M2--sI1crHYCDlEQrA85zZFEZ5HA2BPlt23T3_utnCjM4Q2emKSqpff1xIgj9Mq6C3h2zQXoXmYewJ-ws47f5gcxJvbN1lrffdyeENMzlcI0z0unjFEvCPR1mimqyzHO2-7tMavL7sdr0oLG0x7Z7NYZOvepjNAC07eMaD3usus4bhd080wdofrM1I6JAJs6u3Ug6epKQFd90w0mfbfLnBnEeJoPnIiUik7BMh0ttsGE_29BKv0cjdrHg5oKWPkE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9207548265241888747
csync.smilewanted.com/set_partner_userid_get/smart/ Frame BEC6
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
  • https://csync.smilewanted.com/set_partner_userid_get/smart/9207548265241888747
0
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/9207548265241888747
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d0816e9419e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Wed, 30 Mar 2022 12:23:04 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/9207548265241888747
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
3410955970430486413
csync.smilewanted.com/set_partner_userid_get/smart/ Frame F9B0
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
  • https://csync.smilewanted.com/set_partner_userid_get/smart/3410955970430486413
0
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/3410955970430486413
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d081aee819e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Wed, 30 Mar 2022 12:23:04 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/3410955970430486413
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame F49E 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
content-encoding
br
cf-cache-status
HIT
age
4089
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G6D9XKGR80NBQYK6
x-amz-id-2
V5RIsGFpAcll/hbf9k+MppfT5qECWQMeAX12brxGQjTtG2bhHCL7frwM9uAnuPLjjJbt2hq3VmM=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f40d0800fe3a222-YYZ
expires
Wed, 30 Mar 2022 16:23:04 GMT
f1965ea8-b3dd-417e-970c-fdaecfc86aed&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 36EA
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/f1965ea8-b3dd-417e-970c-fdaecfc86aed&partner_id=1010
0
101 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/f1965ea8-b3dd-417e-970c-fdaecfc86aed&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d0808d7819e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Wed, 30 Mar 2022 12:23:05 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/f1965ea8-b3dd-417e-970c-fdaecfc86aed&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
f1965ea8-b3dd-417e-970c-fdaecfc86aed&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 2F54
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/f1965ea8-b3dd-417e-970c-fdaecfc86aed&partner_id=1010
0
711 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/f1965ea8-b3dd-417e-970c-fdaecfc86aed&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d0808d7a19e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Wed, 30 Mar 2022 12:23:05 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/f1965ea8-b3dd-417e-970c-fdaecfc86aed&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
widget-ssp-performance
c.adskeeper.co.uk/ Frame F49E 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.co.uk/widget-ssp-performance?time=68
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f40d0801ec9f989-YYZ
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
L1DJGPPP-L-EKUO
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 102B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L1DJGPPP-L-EKUO?gdpr=0
0
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L1DJGPPP-L-EKUO?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d0809d8219e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L1DJGPPP-L-EKUO?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
content-length
0
async_usersync
ib.adnxs.com/ Frame E616 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:05 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c1e0e457-b438-418b-88af-3f1c5e0518c4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
L1DJGPPP-L-EKUO
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame D514
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L1DJGPPP-L-EKUO?gdpr=0
0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L1DJGPPP-L-EKUO?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d080cdca19e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L1DJGPPP-L-EKUO?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
content-length
0
async_usersync
ib.adnxs.com/ Frame 1AB2 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:05 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
48531696-308c-4231-b02d-112cfe815819
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C9A9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=48818
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 31 Mar 2022 01:56:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F15D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=48818
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 31 Mar 2022 01:56:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 0701 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.133 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:05 GMT
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fb82dbb3-8d7f-472f-9060-9b7bc9852d06
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1
servicer.adskeeper.co.uk/994618/ Frame F49E 		1 KB
849 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.adskeeper.co.uk/994618/1?pv=5&cbuster=1648642985045387606297&uniqId=0a18b&niet=4g&nisd=false&jsv=es6&w=300&h=250&cols=1&iframe=1&ref=https%3A%2F%2Fshrinke.me%2F4lpHNx&cxurl=https%3A%2F%2Fshrinke.me%2F4lpHNx&lu=https%3A%2F%2Fshrinke.me%2F4lpHNx&sessionId=62444ba9-02658&pageView=1&pvid=17fdac78b7c8bc2d6f5&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c846df94b13b540f85af1a81ac2f7bebacbc2fd132535695a6640efd2d4779bf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
6f40d080b896a222-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8407 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032105&jk=3699867477367657&bg=!PzylPHjNAAbzJazn0yU7ACkAdvg8WlEtBy9FeIQSJh_O4dVsBV8ukLzEVWMFEsYWRAIbEkDpWLg_aAIAAAZbUgAAAANoAQeZAulNrXTq2CSPyMgm-MTZUpdtlRInV4tzrmcACz-eJG6e_NxKf7t-zSg2w1lateQYHa1Fhpiu0AiRfR1Y0PWPG8b5nWJPkUi1jpcKoIBQfZx3OVk8-0NfqK902ZFNIs9c9x6DGVpJkVrjKwGmntwEGRdut5zMw0uhrFtS5NQxQ5hLBjBP0UDWvHXNyV5uheB_ASok2ixT49_UdleLIL4gEBqF7_U6jc5-oX_3V4CQkz4r2rrnCJLd6J4WQvnJpo7aQlJ6hALFeltARHuDoAVtaqNq1FFGypgkHONteDVMg8lsEtf5zc-FI2-v7XltM60NCb6rFyv1ReLnZA3ir2PY-OPQt3nlwj0PJ3XkOVvuRA-5Rt-s7udaaHSwF4W-OHIh2JNXYDAYcjkTEJqxBzy-5mt1BBG5atkV70hoxRd49dy3yNgJVr9j0T3TTms_e-IOiCz9gIi1_jHog9E81DPl3fcjxAO3sG_OE2MDAbRF2kpzB_qqGh-b-uRGmwHRlQs0l1uRHH8FLd5IYN-PmsvDot6u_CZUpC1r2axJYP6f2RPA103i7jqlH1QqLQoQHSw78OlruZybf7_x0Gkv4hTOeHZe0SZRV6zbz8YkVECo3ttz73KkBhKJp1QedplErg6x23Nj2_rdI3ZqPlUr-ksTQQe_woxMcMWm6OeACSczONPowmaAnMVdfj-NEDR1rr7xJBVqZccMUUFY0i2ojG_blAiyRpr5dPT-FHJHlZjfpkuPONKsQIpYpWhDjp5D2or0vuYEvsZ1tfYdDRzIwHot5bWne0SsfuqtvCoS87e-QSzl47hD91EJ-9HPFnMcuuncUhOYHY3YAylyTlc9ylaLiuS4Wzly3eOd711wI48CBwcOXwoVUYrrr18E_yBAJjmU6inRkrkcK-S7AHRg5tvUe-_66bWsvRhrE4xP-1oBKWf936U3E6OWo0Zt9a7E_fKlvf0jacdKF8pELXm3srJqTAcz6QywFWsArfsd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YkRLpGvaMGh5Cualmm8-mQAA%26983
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame C8C7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YkRLpGvaMGh5Cualmm8-mQAA%26983
0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YkRLpGvaMGh5Cualmm8-mQAA%26983
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d0812e4819e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
281
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 30 Mar 2022 12:23:05 GMT
Expires
Wed, 30 Mar 2022 12:23:05 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YkRLpGvaMGh5Cualmm8-mQAA%26983
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
YkRLpGvaMGh5Cualmm8-mQAA%26983
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 58C1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YkRLpGvaMGh5Cualmm8-mQAA%26983
0
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YkRLpGvaMGh5Cualmm8-mQAA%26983
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d0811e3f19e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
281
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 30 Mar 2022 12:23:05 GMT
Expires
Wed, 30 Mar 2022 12:23:05 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YkRLpGvaMGh5Cualmm8-mQAA%26983
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
24f405f9-b024-11ec-bf3a-16765c7f0403
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 4B95
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/24f405f9-b024-11ec-bf3a-16765c7f0403
0
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/24f405f9-b024-11ec-bf3a-16765c7f0403
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d0814e6919e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Wed, 30 Mar 2022 12:23:05 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/24f405f9-b024-11ec-bf3a-16765c7f0403
Server
nginx
X-fe
43
24f405f9-b024-11ec-bf3a-16765c7f0403
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame B963
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/24f405f9-b024-11ec-bf3a-16765c7f0403
0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/24f405f9-b024-11ec-bf3a-16765c7f0403
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d0814e7619e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Wed, 30 Mar 2022 12:23:05 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/24f405f9-b024-11ec-bf3a-16765c7f0403
Server
nginx
X-fe
65
1
sync-eu.connectad.io/syncer/ Frame DA48 		5 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157183ffbe0c479d95cc13b7f02abc1dd8307395ecb569a8581448c10d7e5ec3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6f40d08138b97157-YUL
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server
cloudflare
vary
Accept-Encoding
via
1.1 google
SPug
simage4.pubmatic.com/AdServer/ Frame 0DFE 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155495&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
IXsgapRFGAyIZX8Ya0Zc
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 1C75
Redirect Chain
  • https://b1h.zemanta.com/usersync/prebidtest?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://stags.bluekai.com/site/23178?id=IXsgapRFGAyIZX8Ya0Zc&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3TPFXGGLTTNVUWYZLXMFXHIZLEFZRW63JPONSXIX3Q...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3TPFXGGLTTNVUWYZLXMFXHIZLEFZRW63JPONSXIX3QMFZHI3TFOJPXK43FOJUWIX3HMV2C633VORRHEYLJNYXUSWDTM5QXAUSGI5AXSSK2LA4FSYJQLJRT6ZLYMNUGC...
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/IXsgapRFGAyIZX8Ya0Zc?gdpr=0
0
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/IXsgapRFGAyIZX8Ya0Zc?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d08399fc19e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Mar 2022 12:23:05 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/IXsgapRFGAyIZX8Ya0Zc?gdpr=0
P3p
CP="We do not support P3P header."
Pragma
no-cache
IXsgapRFGAyIZX8Ya0Zc
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 8305
Redirect Chain
  • https://b1h.zemanta.com/usersync/prebidtest?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://stags.bluekai.com/site/23178?id=IXsgapRFGAyIZX8Ya0Zc&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3TPFXGGLTTNVUWYZLXMFXHIZLEFZRW63JPONSXIX3Q...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3TPFXGGLTTNVUWYZLXMFXHIZLEFZRW63JPONSXIX3QMFZHI3TFOJPXK43FOJUWIX3HMV2C633VORRHEYLJNYXUSWDTM5QXAUSGI5AXSSK2LA4FSYJQLJRT6ZLYMNUGC...
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/IXsgapRFGAyIZX8Ya0Zc?gdpr=0
0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/IXsgapRFGAyIZX8Ya0Zc?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d083ca6819e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Mar 2022 12:23:05 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/IXsgapRFGAyIZX8Ya0Zc?gdpr=0
P3p
CP="We do not support P3P header."
Pragma
no-cache
90afede6-bab8-44b4-b1c1-757dc58fdde2
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame 72E4
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/90afede6-bab8-44b4-b1c1-757dc58fdde2?gdpr_consent=null&gdpr=0
0
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/loopme/90afede6-bab8-44b4-b1c1-757dc58fdde2?gdpr_consent=null&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d083fa9919e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Wed, 30 Mar 2022 12:23:05 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/loopme/90afede6-bab8-44b4-b1c1-757dc58fdde2?gdpr_consent=null&gdpr=0
server
_
dfbb7acd-029d-498d-be5b-e9b25c4664a7
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame 32D5
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/dfbb7acd-029d-498d-be5b-e9b25c4664a7?gdpr_consent=null&gdpr=0
0
569 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/loopme/dfbb7acd-029d-498d-be5b-e9b25c4664a7?gdpr_consent=null&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d0845b0519e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Wed, 30 Mar 2022 12:23:05 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/loopme/dfbb7acd-029d-498d-be5b-e9b25c4664a7?gdpr_consent=null&gdpr=0
server
_
widget-ssp-performance
c.adskeeper.co.uk/ Frame F49E 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.co.uk/widget-ssp-performance?time=89
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f40d081efbaf989-YYZ
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6ECE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-202.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=48818
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 31 Mar 2022 01:56:43 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
1
sync-eu.connectad.io/pixel/ Frame F388
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=rtaplus&user_id=YZA023WAgM7n9zSjlebRZsXID3jTuFy5p2CyzeY9&gdpr=0
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Drtaplus%26bsw_param%3D7f6e77c9-14a3-4120-bf1a-82d1a5a5429...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=41b86244-4ba6-4d00-ae4c-0c44c15dcc35&expires=30&ssp=rtaplus&bsw_param=7f6e77c9-14a3-4120-bf1a-82d1a5a54293&gdpr=0&gdpr_consent=
  • https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=7f6e77c9-14a3-4120-bf1a-82d1a5a54293
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=7f6e77c9-14a3-4120-bf1a-82d1a5a54293
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6f40d0841f047138-YUL
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 30 Mar 2022 12:23:05 GMT
Location
//sync-eu.connectad.io/pixel/1?dataid=data3&uuid=7f6e77c9-14a3-4120-bf1a-82d1a5a54293
Server
nginx
1
sync.connectad.io/umatch/ Frame 9B24
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dadform%26dataid%3Ddata4%26uuid%3D%24UID
  • https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=4668821410471988469
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=4668821410471988469
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6f40d0851ffc7138-YUL
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 30 Mar 2022 12:23:05 GMT
location
https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=4668821410471988469
server
nginx
1
sync.connectad.io/umatch/ Frame F802
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%24%7BUID%7D
  • https://sync.connectad.io/umatch/1?dataid=data5&uuid=9c285c05-4cbb-4fd0-a219-b9cf06f70326
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?dataid=data5&uuid=9c285c05-4cbb-4fd0-a219-b9cf06f70326
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6f40d0831b067157-YUL
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
null
access-control-expose-headers
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache, must-revalidate
content-length
0
date
Wed, 30 Mar 2022 12:23:05 GMT
location
https://sync.connectad.io/umatch/1?dataid=data5&uuid=9c285c05-4cbb-4fd0-a219-b9cf06f70326
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
Cowboy
vary
Origin
via
1.1 google
x-request-id
0f00ts1q0mbv4vegvt7q59vpevtolt4u
1
sync.connectad.io/umatch/ Frame FA18
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=connectad
  • https://creativecdn.com/cm-notify?pi=connectad&tc=1
  • https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=qbJtu5hjs3huaNl8uTN9&pi=connectad&tc=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=qbJtu5hjs3huaNl8uTN9&pi=connectad&tc=1
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6f40d08588877138-YUL
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 30 Mar 2022 12:23:05 GMT Wed, 30 Mar 2022 12:23:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=qbJtu5hjs3huaNl8uTN9&pi=connectad&tc=1
pragma
no-cache
1
sync.connectad.io/umatch/ Frame 6A7B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dappnexus%26dataid%3Ddata11%26uuid%3D%24UID
  • https://sync.connectad.io/umatch/1?bidder=appnexus&dataid=data11&uuid=1709217890454926719
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?bidder=appnexus&dataid=data11&uuid=1709217890454926719
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6f40d0830af07157-YUL
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

AN-X-Request-Uuid
d1869d8d-aa98-4484-a871-a41a8c7ccd6d
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Mar 2022 12:23:05 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.connectad.io/umatch/1?bidder=appnexus&dataid=data11&uuid=1709217890454926719
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.187; 149.56.153.187; 571.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
1
sync.connectad.io/umatch/ Frame 9F18
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dsovrn%26dataid%3Ddata12%26uuid%3D%24UID
  • https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=8dfcb9d28e05f6f8bb51f33d
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=8dfcb9d28e05f6f8bb51f33d
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6f40d0831b077157-YUL
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Connection
close
Date
Wed, 30 Mar 2022 12:23:05 GMT
Location
https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=8dfcb9d28e05f6f8bb51f33d
X-Sovrn-Pod
ad_ap2ewr1
usermatch
ssum.casalemedia.com/ Frame 0F79 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b6dc40e8450a3b7b026d428f21150b6f802b8af15e807638c88f946d6c321ed7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1397
Content-Type
text/html
Date
Wed, 30 Mar 2022 12:23:05 GMT
Dropped-Udsids
73|4|130|3|111|17|26|5
Expires
Wed, 30 Mar 2022 12:23:05 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
/
onetag-sys.com/usync/ Frame 9A94 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d4e109247a89f6
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
YZA023WAgM7n9zSjlebRZsXID3jTuFy5p2CyzeY9
csync.smilewanted.com/set_partner_userid_get/connectad/ Frame 2A8C 		0
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/connectad/YZA023WAgM7n9zSjlebRZsXID3jTuFy5p2CyzeY9
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d082c8b119e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame F49E 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:05 GMT
content-encoding
br
cf-cache-status
HIT
age
4090
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G6D9XKGR80NBQYK6
x-amz-id-2
V5RIsGFpAcll/hbf9k+MppfT5qECWQMeAX12brxGQjTtG2bhHCL7frwM9uAnuPLjjJbt2hq3VmM=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f40d082e834f989-YYZ
expires
Wed, 30 Mar 2022 16:23:05 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.adskeeper.co.uk/g/8164912/492x277/0x0x1081x720/ Frame F49E 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.adskeeper.co.uk/g/8164912/492x277/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1648642985-xd7c2yZOUFrnSW3CVEa2xwzFR1Hu9N46hjb954QPHaE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.131.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b74fba6e8c57f559811311390a0137d43db05b8327f3288291d412c84badc6b

Request headers

Referer
https://shrinke.me/
Origin
https://shrinke.me
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:05 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:46:14 GMT
x-mg-request-uuid
c138ace8-7f51-459e-94de-25f10d7b868d
age
108291
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f40d0834f0b53e3-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11540
server
cloudflare
PugMaster
image6.pubmatic.com/AdServer/ Frame 6ECE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12253317&p=156077&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
08f043cf14ee319f265959a9ecb1bf2cb0cafaeca9affad94d863d607934bc94

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1778
content-type
text/html; charset=UTF-8
YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0F79 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YkRLpGvaMGh5Cualmm8_mQAAA9cAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:1f3b:68bb:44b5:b695 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame 0F79
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4460801092495011935
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4460801092495011935
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:05 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4460801092495011935
pragma
no-cache
date
Wed, 30 Mar 2022 12:23:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 0F79
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABjsU7EiJcAADHbmN0I8A&expiration=1649852585
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABjsU7EiJcAADHbmN0I8A&expiration=1649852585
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:05 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABjsU7EiJcAADHbmN0I8A&expiration=1649852585
Date
Wed, 30 Mar 2022 12:23:05 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame 0F79
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=41b86244-4ba6-4d00-ae4c-0c44c15dcc35
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=41b86244-4ba6-4d00-ae4c-0c44c15dcc35
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:05 GMT

Redirect headers

Date
Wed, 30 Mar 2022 12:23:05 GMT
Server
MT3 4320 2f2dfe5 master zrh-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=41b86244-4ba6-4d00-ae4c-0c44c15dcc35
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 30 Mar 2022 12:23:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 0F79
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4668821410471988469&expiration=1649852585
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4668821410471988469&expiration=1649852585
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:05 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:05 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4668821410471988469&expiration=1649852585
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 0F79
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=IXsgapRFGAyIZX8Ya0Zc&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SKYONTWC...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=IXsgapRFGAyIZX8Ya0Zc
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=IXsgapRFGAyIZX8Ya0Zc
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:06 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:05 GMT
P3p
CP="We do not support P3P header."
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=IXsgapRFGAyIZX8Ya0Zc
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0F79
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YkRLpGvaMGh5Cualmm8-mQAA%26983
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a9163071-a894-456e-8679-f988c19e3124-tuct93dd128
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a9163071-a894-456e-8679-f988c19e3124-tuct93dd128
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
HTTP/1.1
Server
104.118.9.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-118-9-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 30 Mar 2022 12:23:05 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a9163071-a894-456e-8679-f988c19e3124-tuct93dd128
date
Wed, 30 Mar 2022 12:23:05 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18368
ix
ad4m.at/ad/sim/ Frame 0F79 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
1
sync.connectad.io/umatch/ Frame 0F79 		0
777 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.connectad.io/umatch/1?bidder=idx&dataid=data13&uuid=YkRLpGvaMGh5Cualmm8-mQAA%26983
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:05 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-ray
6f40d084efde7138-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame C45E
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 30 Mar 2022 10:39:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug029:2:276

Redirect headers

content-length
0
date
Wed, 30 Mar 2022 12:23:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame AF69
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a9163071-a894-456e-8679-f988c19e3124-tuct93dd128&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a9163071-a894-456e-8679-f988c19e3124-tuct93dd128&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
content-length
0
date
Wed, 30 Mar 2022 12:23:05 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12831-YUL
x-timer
S1648642986.828376,VS0,VE100

Redirect headers

accept-ranges
bytes
content-length
0
date
Wed, 30 Mar 2022 12:23:05 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=a9163071-a894-456e-8679-f988c19e3124-tuct93dd128&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12821-YUL
x-timer
S1648642986.755915,VS0,VE12
x-vcl-time-ms
12
Pug
simage2.pubmatic.com/AdServer/ Frame 6D8C
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1648642985835
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Mar 2022 12:23:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug003:0:469

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Date
Wed, 30 Mar 2022 12:23:05 GMT
ETag
OPTOUT
Expires
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Pragma
no-cache
Server
Tengine
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame 82E9
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A21DF2CDF4B34C7C8E43AAE9B595FC54
1 B
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A21DF2CDF4B34C7C8E43AAE9B595FC54
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 30 Mar 2022 12:23:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug017:0:435

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Wed, 30 Mar 2022 12:23:05 GMT
expires
Tue, 29 Mar 2022 12:23:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A21DF2CDF4B34C7C8E43AAE9B595FC54
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
image2.pubmatic.com/AdServer/ Frame 1616
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=57imGiyUDF6-8nLhqktEYg
42 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=57imGiyUDF6-8nLhqktEYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Mar 2022 10:58:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug005:0:602

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Wed, 30 Mar 2022 12:23:06 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=57imGiyUDF6-8nLhqktEYg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 9827
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vOMZ0imARIRUmMUOJp9Co5U4mbs
42 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vOMZ0imARIRUmMUOJp9Co5U4mbs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Mar 2022 12:23:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug008:0:692

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Mar 2022 12:23:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vOMZ0imARIRUmMUOJp9Co5U4mbs
1
sync.connectad.io/umatch/ Frame EF73 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?dataid=data1&uuid=647E2670-BF81-4393-9BFF-FE4D71412F90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
6f40d084efd07138-YUL
date
Wed, 30 Mar 2022 12:23:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
33141
tags.bluekai.com/site/ Frame 6ECE
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=647E2670-BF81-4393-9BFF-FE4D71412F90
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=9954fd9372cf31f8
62 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=9954fd9372cf31f8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
HTTP/1.1
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:23:06 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=9954fd9372cf31f8
content-length
0
p.gif
visitor.fiftyt.com/ Frame 6ECE
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=647E2670-BF81-4393-9BFF-FE4D71412F90&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=647E2670-BF81-4393-9BFF-FE4D71412F90&gdpr=&fbounce=1
0
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=647E2670-BF81-4393-9BFF-FE4D71412F90&gdpr=&fbounce=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Server
35.201.96.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
126.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:05 GMT
via
1.1 google
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
clear
content-length
0
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

date
Wed, 30 Mar 2022 12:23:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=647E2670-BF81-4393-9BFF-FE4D71412F90&gdpr=&fbounce=1
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
144
info2
uipglob.semasio.net/pubmatic/1/ Frame 6ECE
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=647E2670-BF81-4393-9BFF-FE4D71412F90&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=647E2670-BF81-4393-9BFF-FE4D71412F90&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=647E2670-BF81-4393-9BFF-FE4D71412F90&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:05 GMT
Frontend-ID
2
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Mar 2022 12:23:05 GMT
Frontend-ID
4
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=647E2670-BF81-4393-9BFF-FE4D71412F90&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 6ECE 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=647E2670-BF81-4393-9BFF-FE4D71412F90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a2:8a00:1a:609a:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:05 GMT
via
1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
YUL62-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
sxT1HjschRazMwiLCDJkH9omtmBxRECJTxEA3wHrkvIDJTu_U0JnCA==
expires
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 6ECE 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.80.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-80-231.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:05 GMT
content-length
0
content-type
text/plain
d1ba4609
rtb.gumgum.com/getuid/ Frame 6ECE 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.225.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-225-144.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:05 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
i.js
cm.adskeeper.co.uk/ Frame F49E 		113 B
279 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.co.uk/i.js?&cbuster=1648642985756849136298
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05f4b213e63945d8b55131656acde8f13a89a2a563ed2463e2f98b9d30035f97

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f40d0852ce1a222-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i-noref.js
cm.adskeeper.co.uk/ Frame 3058 		0
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.adskeeper.co.uk/i-noref.js?cbuster=1648642985888499052498
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f40d085ea10f989-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
cm.steepto.com/setmuidn/ Frame F49E 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.steepto.com/setmuidn/?muidf=m2u4UG_bjun5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f40d0869937cab8-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 39BC 		428 B
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97316746&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4ea3a9219fe30f23026b1e83d76df34e122894957d1d75e1514738f892668094

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
428
content-type
text/html; charset=UTF-8
/
io.narrative.io/ Frame 39BC
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:647E2670-BF81-4393-9BFF-FE4D71412F90
  • https://io.narrative.io/?io.narrative.guid.v2=270457b0-b024-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:647E2670-BF81-4393-9BFF-FE4D71412F90
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=270457b0-b024-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:647E2670-BF81-4393-9BFF-FE4D71412F90
Protocol
HTTP/1.1
Server
34.226.0.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-0-144.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:23:06 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=270457b0-b024-11ec-8734-065a0b8073db&companyId=673&id=pubmatic_id:647E2670-BF81-4393-9BFF-FE4D71412F90
Date
Wed, 30 Mar 2022 12:23:06 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame 39BC 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=647E2670-BF81-4393-9BFF-FE4D71412F90&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.82.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-82-126.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:06 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.4.178
content-type
image/gif
content-length
49
expires
0
3096
stags.bluekai.com/site/ Frame 39BC 		62 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/3096?id=REPLACE_WITH_PUBMATIC_UNIQUE_USER_ID&limit=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.50.205.90 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 12:23:06 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
IIQUniversalID.js
cdn.adskeeper.co.uk/js/ Frame F49E 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adskeeper.co.uk/js/IIQUniversalID.js
Requested by
Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.shrinke.me.994618.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfd827cefb683f31d3f80a74d6c79a9b131297b855a5be4b629aca982b71c410

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:06 GMT
content-encoding
br
cf-cache-status
HIT
age
7061
cf-polished
origSize=13640
last-modified
Thu, 20 Jan 2022 08:57:45 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
Y5G1R9G1NDE8EQVZ
x-amz-id-2
mYlKjdrKStJBdGUOPUo7t49bng6r4max48iOlDqEPs9xfShDzP47XGM/TfmvCS3OiPQuNNi1x6U=
cf-bgj
minify
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1642669050/ctime:1642669050/gid:0/gname:root/md5:cad33ec288fc150fe49675086fd1ce43/mode:33206/mtime:1642669050/uid:0/uname:root
etag
W/"cad33ec288fc150fe49675086fd1ce43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6f40d0873ae5f989-YYZ
expires
Wed, 30 Mar 2022 16:23:06 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame F49E 		40 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1548712036&pt=17&dpn=1&jsver=4&iiqidtype=2&iiqpcid=d4bbc0dc-a557-487d-b298-df516efdcab8&iiqpciddate=1648642986138&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=0&tsrnd=27_1648642986139&cttl=43200000
Requested by
Host: cdn.adskeeper.co.uk
URL: https://cdn.adskeeper.co.uk/js/IIQUniversalID.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-60.yul62.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
1f5f85c03b32c29914eb1d136fcfea793078788bce67c236dbdcf57f997e6b70

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:06 GMT
via
1.1 1ae294433a6f4b338a8136481c1a3232.cloudfront.net (CloudFront)
vary
Origin
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
pragma
no-cache
server
Apache-Coyote/1.1
access-control-max-age
3600
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://shrinke.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
-qL2ERWjxom0l_mI-CNN925GSfuGQHiMelpXzvgcrc6kG846HYnkvA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame F49E 		43 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1048688155&rnd=995029&iiqidtype=2&iiqpcid=d4bbc0dc-a557-487d-b298-df516efdcab8&iiqpciddate=1648642986138&tsrnd=171_1648642986140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.223.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-71.jfk51.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://shrinke.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:06 GMT
via
1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
8DKCRet0DelLFKn-sDyjh3g96L-nRd5OezjUAhZk_9l3PqIJIm3sww==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.png
pixel.somplo.com/ Frame D36A 		119 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.somplo.com/pixel.png?e=20&tag_id=771528730&val=&order=25&tech=3&pix_cb=3630884173072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:9996::9996 , United States, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
dd594f89e8f8adf17ef1fb7ceb79e784691a2e09968189f11c0afdf91d4e1f76

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
td2-up-gc10
date
Wed, 30 Mar 2022 12:23:06 GMT
last-modified
Sun, 01 Jan 2017 13:05:22 GMT
server
nginx
etag
"f359db62f64d21:0"
content-type
image/png
cache-control
max-age=0
cache
MISS
accept-ranges
bytes
content-length
119
expires
Wed, 30 Mar 2022 12:23:06 GMT
setuid
sync.quantumdex.io/ Frame C423 		43 B
118 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=647E2670-BF81-4393-9BFF-FE4D71412F90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
6f40d090de787151-YUL
content-length
43
content-type
image/gif
date
Wed, 30 Mar 2022 12:23:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
setuid
sync.quantumdex.io/ Frame 439C 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=647E2670-BF81-4393-9BFF-FE4D71412F90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
6f40d0910ee97151-YUL
content-length
43
content-type
image/gif
date
Wed, 30 Mar 2022 12:23:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
setuid
sync.quantumdex.io/ Frame 7C1F 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=647E2670-BF81-4393-9BFF-FE4D71412F90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
6f40d0913f817151-YUL
content-length
43
content-type
image/gif
date
Wed, 30 Mar 2022 12:23:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
SPug
simage4.pubmatic.com/AdServer/ Frame 6ECE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156077&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:23:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
647E2670-BF81-4393-9BFF-FE4D71412F90
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame CDF1 		0
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/647E2670-BF81-4393-9BFF-FE4D71412F90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d09429f219e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
647E2670-BF81-4393-9BFF-FE4D71412F90
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 033E 		0
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/647E2670-BF81-4393-9BFF-FE4D71412F90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
6f40d0945a2a19e7-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Mar 2022 12:23:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
dc_oe=ChMIutLy2ent9gIV7QiICR3qhAh1EAAYACDTxblPQhMIs_Oz2ent9gIVA_2zCh1UGwAB;met=1;&timestamp=1648642988652;eid1=2;ecn1=0;etm1=4;eid2=12;ecn2=0;etm2=4;eid4=16;ecn4=1;etm4=0;eid6=960584;ecn6=1;etm6=0;...
ade.googlesyndication.com/ddm/activity/ Frame 64E3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIutLy2ent9gIV7QiICR3qhAh1EAAYACDTxblPQhMIs_Oz2ent9gIVA_2zCh1UGwAB;met=1;&timestamp=1648642988652;eid1=2;ecn1=0;etm1=4;eid2=12;ecn2=0;etm2=4;eid4=16;ecn4=1;etm4=0;eid6=960584;ecn6=1;etm6=0;eid8=18;ecn8=1;etm8=0;eid10=960585;ecn10=1;etm10=0;eid12=13;ecn12=1;etm12=0;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIgpyF2ent9gIV03TBCh0BSA-sEAEYACCY4f9P;met=1;&timestamp=1648642990821;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 914D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgpyF2ent9gIV03TBCh0BSA-sEAEYACCY4f9P;met=1;&timestamp=1648642990821;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 12:23:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
shrinke.me
URL
https://shrinke.me/sw.js?S2N2UWkQQUFoW3laT3NFaUFacw96BUUyUCpQW2YLfltbZVsoWltpXC5TWzVQKlVPMFp%2EUBJgUGlPVGNdcgJAZllzTkU3XX9OQmQMKU5OaFAvTkE3DSoAQWZafFFHYEtnQQUmS2dBFTkGJAEfPwYkAR9%2ECiQOVH1LelNYZEtnBRc9Gi5PEDAFOAZaNwgnEBMM
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshoPHw18ZnUlasucNhfE8W529_5zsKyNTYEUAhPIIaOzOi1vaGW51mXu-Yx321l7OdV8PwDL6UkIO9wVIoH45rK0GMHm0kbyvrx5pXSfyM4IpXWVcl&sig=Cg0ArKJSzHx1RXVWheMeEAE&id=lidartos&mcvt=0&p=464,328,464,328&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220328&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=2929720836&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1648642981686&rpt=245&isd=0&lsd=0&ec=0&met=ce&wmsd=0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| s function| j8MM function| M1gg function| q8MM string| F3UU number| LAST_CORRECT_EVENT_TIME number| _2348562587 number| _3919546766 function| fa object| e object| __cfQR function| generateCb number| adtrue_time number| adtrue_cb object| adtrue_rtb object| adtrue_tags number| iinf function| E6ff function| f2AA function| H1ww function| B1ww function| i2oo function| gtag object| dataLayer object| google_tag_manager function| $ function| jQuery object| addDictionary function| getRandomNumber function| showInPopup function| showInNewTab function| showBlog object| vitag function| t8b function| e6QQ boolean| DEBUG_MODE boolean| ENABLE_LOGS boolean| ENABLE_ONLINE_DEBUGGER boolean| SUPPORT_IE8 boolean| MOBILE_VERSION boolean| EXTERNAL_POLYFILL boolean| SEND_PIXELS boolean| IS_POP_COIN boolean| PIXEL_LOG_LEVEL_INFO boolean| PIXEL_LOG_LEVEL_DEBUG boolean| PIXEL_LOG_LEVEL_WARNING boolean| PIXEL_LOG_LEVEL_ERROR boolean| PIXEL_LOG_LEVEL_METRICS function| f8MM object| googletag object| q object| qs string| js_code string| k object| google_tag_data string| GoogleAnalyticsObject function| ga object| app_vars object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword number| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object object| selectedTab object| clipboard function| setTooltip function| cookie_accept function| WOW function| ClipboardJS object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue boolean| fanfilnfjkdsabfhjdsbfkljsvmjhdfb undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id boolean| __cfRLUnblockHandlers object| _VLIOBJ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| GoogleGcLKhOms object| recaptcha object| closure_lm_968713 function| getEidsByVLI string| tagApi object| viAPItag object| observeElementInViewport object| ampInaboxIframes object| ampInaboxPendingMessages object| $sf function| vlipbChunk object| vlipb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google boolean| apstagLOADED object| apstag object| Criteo object| sas object| apntag object| _ADAGIO object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| google_image_requests boolean| _mgPageViewEndPoint630298 string| _mgPvid boolean| _mgPageView630298

228 Cookies

Domain/Path Name / Value
shrinke.me/ Name: lang
Value: en_US
shrinke.me/ Name: AppSession
Value: f1c7e6ad6436fd45bbd94828a748a7c6
shrinke.me/ Name: csrfToken
Value: e5e5f133d7e76937494aa8935263036737321671c97d73b81e3b108b1ecf0f1799650dc1593820690c62037d92e312891e8c3bf5f776b773ffbd0ea3ad836820
freychang.fun/ Name: csu
Value: 1164179586884806@1@1648642978
shrinke.me/ Name: ab
Value: 2
.shrinke.me/ Name: _gid
Value: GA1.2.308436159.1648642979
.shrinke.me/ Name: _gat_gtag_UA_137383949_1
Value: 1
shrinke.me/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.shrinke.me/ Name: pbjs-pubCommonId
Value: 753a6f3d-e314-4a6a-b777-c835a73b6e3f
shrinke.me/ Name: __ppIdCC
Value: agribje_ne21048046.7.336
.adnxs.com/ Name: uuid2
Value: 1709217890454926719
.shrinke.me/ Name: _gat_UA-177299981-5
Value: 1
.shrinke.me/ Name: _ga_0DTZ6LRDBJ
Value: GS1.1.1648642979.1.1.1648642979.60
shrinke.me/ Name: ucf_uid
Value: 19cb30df-33d9-424f-a2e6-42032a39dd2f
.shrinke.me/ Name: _ga
Value: GA1.2.1332967654.1648642979
pbjs.e-planning.net/ Name: CT
Value: 1
.aralego.com/ Name: sspid
Value: 19cb30df-33d9-424f-a2e6-42032a39dd2f
.quantumdex.io/ Name: uid
Value: 6957b90c-a978-46cb-b372-6c87eb8ee86a
.e-planning.net/ Name: E
Value: AHsjrz81JFA9fDR9
.a-mo.net/ Name: amuid2
Value: 3b67e1ec-d7a4-487f-ad63-04aa2bc4361b
.doubleclick.net/ Name: IDE
Value: AHWqTUn6rg844CM1V_3Mi8QNjJYNyyoguaOVENYxp_aqrg87eH-AKQCRPTvFr_6K
.adnxs.com/ Name: icu
Value: ChgIz5I0EAoYASABKAEwo5eRkgY4AUABSAEKGAjkwGwQChgBIAEoATCjl5GSBjgBQAFIAQoYCKe6cRAKGAEgASgBMKSXkZIGOAFAAUgBEKSXkZIGGAI.
prebid.a-mo.net/ Name: __amc
Value: 2_1648642979_1648642980
.6sc.co/ Name: 6suuid
Value: ce78466886220000a44b4462170100008f2e1400
.amazon-adsystem.com/ Name: ad-id
Value: A9icZHqXeEmcuZHUmUFLSfQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.casalemedia.com/ Name: CMID
Value: YkRLpGvaMGh5Cualmm8-mQAA
.casalemedia.com/ Name: CMPS
Value: 469
.openx.net/ Name: i
Value: 765aec93-5ca3-43ce-9343-b132e38bf256|1648642980
shrinke.me/ Name: cto_bidid
Value: YVncLF83cTZYc0xSJTJGNzZZMnVEZGtFcFBZJTJCN21xdFZ3dyUyRnpFZ3JHYUg2ZUdhcWZmQ0x5bVI1V3NsTFp3R3FVOUExWTZ3YnpQVnRuVElhTU5PUndna21oc0VadyUzRCUzRA
shrinke.me/ Name: cto_bundle
Value: zhWiBF9LOUFJUjlpZk8yS2VNaTIxNEF3QUR4MDVwbDBWYVZjRVVGVkdnb3RQN3Q3b0JxdlAlMkJhWk1zdHdsa243UTdtTWZLNzBYJTJCQXN5WUlqZlpMNEplVkRBZ3UlMkZhUjVEc1g1TER6NDNCbnJSbXVkcWxLUzFKM2dsenFHalhRUjFqamdsSw
.casalemedia.com/ Name: CMPRO
Value: 983
.teads.tv/ Name: tt_viewer
Value: 7418da20-b89d-499d-9b1f-7334974d32f2
.criteo.com/ Name: uid
Value: 8d1db476-30ff-4fc7-b3b1-c632bb52f33a
.shrinke.me/ Name: _gat_gtag_UA_212001089_1
Value: 1
.sharethrough.com/ Name: stx_user_id
Value: d306a629-0d96-46e2-a572-4322c18d991e
.simpli.fi/ Name: suid
Value: A21DF2CDF4B34C7C8E43AAE9B595FC54
.yieldmo.com/ Name: yieldmo_id
Value: g280a6d00ad7be33ee03%7C1648642980918%7C0%7C
.3lift.com/ Name: tluid
Value: 2350325416479113524649
.rubiconproject.com/ Name: khaos
Value: L1DJGPPP-L-EKUO
.contextweb.com/ Name: V
Value: MSSYBpbIiPIQ
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f39a7e5eb860cb67
.adsrvr.org/ Name: TDID
Value: d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
.bidswitch.net/ Name: tuuid
Value: 7f6e77c9-14a3-4120-bf1a-82d1a5a54293
.bidswitch.net/ Name: c
Value: 1648642981
.bidswitch.net/ Name: tuuid_lu
Value: 1648642981
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bce319d2-2980-4484-5498-c50e269f42a3.mhAKj2ir92LSQqfU%2BrrDLVcTx18TKOZdceJhlyF%2F7IQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AvOMZ0imARIRUmMUOJp9Co5U4mbs.DlZwV7fizgS0Jjq6xDF1kkoIROy6TDlIr1VQTSdDvFw
shrinke.me/ Name: _lr_retry_request
Value: true
shrinke.me/ Name: _lr_env_src_ats
Value: false
.shrinke.me/ Name: __gads
Value: ID=6cc800b230009e1f:T=1648642979:S=ALNI_MbPhFrjkg9m0OEGvOGpFQOp17t9jQ
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 4d47d48b23e408856e7093f345c464f3
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEkxMU8xsUgyMk41MbCwMDVLNTewNE4zNjFNNjEzSTNmAIIkF%2B%2BlIBoKADuJCck%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIcvFeCqSgAAATfQGX"
.ads.yieldmo.com/ Name: ptrpp
Value: MSSYBpbIiPIQ
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPDPyyegXU7j_5wciga8cvo&KRTB&16514-CAESEPDPyyegXU7j_5wciga8cvo&KRTB&23025-CAESEPDPyyegXU7j_5wciga8cvo
.ads.yieldmo.com/ Name: ptrt
Value: d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
.ads.yieldmo.com/ Name: ptrstk
Value: vOMZ0imARIRUmMUOJp9Co5U4mbs
.shrinke.me/ Name: _cc_id
Value: 4d47d48b23e408856e7093f345c464f3
.shrinke.me/ Name: panoramaId
Value: 2e180ec455555e150ebc7cabb68816d53938e373d9b2d909b53baa4a2ce16aa5
shrinke.me/ Name: pubmatic-unifiedid
Value: %7B%22TDID%22%3A%22d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-02-28T12%3A23%3A01%22%7D
.shrinke.me/ Name: panoramaId_expiry
Value: 1649247781513
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 647E2670-BF81-4393-9BFF-FE4D71412F90
.mookie1.com/ Name: id
Value: 10610269616472883662
.mookie1.com/ Name: mdata
Value: 1|10610269616472883662|1648642981606
.mookie1.com/ Name: ov
Value: 17ccdb800436eed0785d0e0a32a74f57
.agkn.com/ Name: ab
Value: 0001%3A9v2XnDjlwacnVJAzuJflyTk64VglrmwT
.agkn.com/ Name: u
Value: C|0EAgp1wglKdcIJQAAAAAAAgAsAViNXAIAAC0BB-agAgABAAcAAAAAAZ-8cP__HgAAAAAALw4vAAAAABOSkp8AAAAACe5i0wAAAAAfDHQ4AA
.tapad.com/ Name: TapAd_TS
Value: 1648642981719
.tapad.com/ Name: TapAd_DID
Value: dbafd45a-3cc0-4902-9597-3c81aff2d313
.33across.com/ Name: 33x_ps
Value: u%3D117602199111697%3As1%3D1648642981802%3Ats%3D1648642981802
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
shrinke.me/ Name: id5_storage
Value: %7B%22created_at%22%3A%222022-03-30T12%3A23%3A01.774207Z%22%2C%22id5_consent%22%3Atrue%2C%22original_uid%22%3A%22ID5*CAGazXRhhN8RcVNREkz9o8Mh9WMO61FOHyMO6JzmKMEMznn5aANKp6lv0zRqn9gaDM9gZFWt_PbpC_lgj0U0iwzQKpljbrmUsVGYSuA5zD8M0e9RcRqCuKcBGqjXnK6_DNIYzJpumw45UvWiCen4tAzTf0tJJ8n51cDFzAlQgHQM1PbeZllUI_pdn-_7iF6YDNV1ArP_A762aegZwo9KTwzW3zDkANi4g-OVsMLKZkAM129DYxxA2hc6v48AD89pDNhsYbHALssdOugN6l1Q4QzZsf_HygEbZbyHrE3oG38M2oCuYd5LYC-ephZBA1UyDNvpUAAt5NxDITZAg-2IZAzcoOqCEmAUAcJSonthANgM3Rr2TWWt9oh28fh9XO2oDN6ChWA32hUZHI4pMVXhrAzfKQGDqTtJpHGYmhOFkDEM4MHRZmklTM2d4P4ytnw7DOG1dvfK8PSlABtjbqEKjwzi6TEQnsnp1uK2C5bwwqYM4885IDAuYJemIEceTi0eDOTgf9M5RTzxfBQIiLGa8Azlj1yGsCCB4G8YB3D8HcMM5juLT_yB2NcD-cdMl5MfDOd4u2nOM7wzvUm5lQQdwQzoJyIdhuX8r6fSJkhdy_QM6R7r4AWbkQrhJMXGTBGDDOrloUNK1BSxVurxyhMNbQ%22%2C%22universal_uid%22%3A%22ID5*qdMRcLkqXwg5CabYpE0XXfIX2aKgdgFtGolEMMHAg8kMzkS9YvrcEGGKQQ5Fa680DM9Xb6HwkKeh2Q5Zsd5tyQzQnJifGVXDQeS4I1vfWD8M0bSkIN4cSZ6qaaBK-j_bDNLutqoBtEYTfEaUS6BB1AzTVLjmJWfZqwiThDbblAUM1L_A3iDAO8Rd2oJYiplnDNXx8nmoE332LOgy-8tZEwzWCvOWLH20elgYMGDTE94M16I53nrhVrNgzVWS_6h1DNhhq2HJYY32baaST2ft9wzZI4C0Vo1QXONvptYpvY4M2p1DVhPRJ_nS98A7uy4tDNv4-LXfeMiIrWf1dtR9Rwzc3lZKFTxPTHVWE7Vtd_YM3ZURvKEns_03J0H5GkmYDN5W83rsZDUREGA_GP1imAzfHfZV8bL9SxYknE__bFgM4ET7xKW8-B2og-eWI8_pDOGY_wfvuV4UoVRP90VAJQzib7wqKCsgHYkWzO3LdHUM4-OM5bTUo3IB1A7-68iLDOQRSzEP9ix1Fp1vTSSbegzl1S6mklZyiVSp-oI0Rr4M5lw0VtbjcZfhsRRvmQ0TDOeo_-9cs-9ksC4fL7JeQAzoFtohKiRYUEygvDiLmzwM6agGF2DrwT04rEcvVoUPDOpdb-0gfmil5bCJlKiAxQ%22%2C%22signature%22%3A%22ID5_AfdIjydmpFJ8t8eIFFcbB4or4xHDarsrpFSvX-CjGER-yAuU4ZgG2NeTT0v5v0XjsD6CRVdwjHNk25if4MOwzjw%22%2C%22link_type%22%3A1%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22other%22%2C%22id5_consent%22%3Atrue%7D%7D
.mookie1.com/ Name: syncdata_TAP
Value: 1
.mookie1.com/ Name: syncdata_NEU
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YkRLpgAEsiXZUAA-
.ctnsnet.com/ Name: cid_638d4bf0d6c5480da487c43b30b0e120
Value: 1
.owneriq.net/ Name: si
Value: Q7019293821359926568P
.owneriq.net/ Name: gguuid
Value: 1
.go.sonobi.com/ Name: __uis
Value: 2c420fd2-abd3-4224-9303-8a017d8258fb
.go.sonobi.com/ Name: HAPLB8S
Value: s8513|YkRLo
fksnk.com/ Name: AWSALBCORS
Value: aDYceKjQxubCrrBb1nUwzCff57Y3VB08hyj2Ec8JMg2fuMmc94/FYIZ4j9G6K/XVTUhZafc4dv0KXhFvsQI7TO30G4iMc4GCUUvSI9qpnj9Cs8o0NyfOxKctHxAj
.fksnk.com/ Name: f_001
Value: EACC6F642E47189C
.fksnk.com/ Name: g_001
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adkernel.com/ Name: ADKUID
Value: A4400094246947355239
.spotxchange.com/ Name: audience
Value: 24f405f9-b024-11ec-bf3a-16765c7f0403
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A4400094246947355239
.blismedia.com/ Name: b
Value: 62444BA70492E3CBC74D4CC8BLIS
.adform.net/ Name: C
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 22c7fe0d74a5121a
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: pmc
Value: 1
.adform.net/ Name: uid
Value: 4668821410471988469
.zemanta.com/ Name: zuid
Value: IXsgapRFGAyIZX8Ya0Zc
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YkRLpgAEsiXZUAA-&KRTB&22978-YkRLpgAEsiXZUAA-&KRTB&23194-YkRLpgAEsiXZUAA-&KRTB&23209-YkRLpgAEsiXZUAA-
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7019293821359926568P&KRTB&22521-Q7019293821359926568P
.sitescout.com/ Name: ssi
Value: db570c61-a535-4c8c-81be-3c051b4d09b7#1648642983252
.acuityplatform.com/ Name: auid
Value: 659618076813
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBP3ZYeCqumGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT92WHgqro90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.yahoo.com/ Name: A3
Value: d=AQABBKdLRGICEJr44NCdCGtTD8aIL4poc9kFEgEBAQGdRWJOYgAAAAAA_eMAAA&S=AQAAAo0fYS4G0dmyD_pMZP7nLZo
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-7d691154-004e-4252-9e0a-d9d99806fd73
.w55c.net/ Name: wfivefivec
Value: ae5hhDkq1NzxlR5
.inmobi.com/ Name: idsp_c
Value: db260b88-6210-4169-9720-e61665ce5cb5
.turn.com/ Name: uid
Value: 4460801092495011935
.adgrx.com/ Name: ADGRX_UID
Value: 254de68e-b024-11ec-bbca-3d3cd1174a24
.ipredictive.com/ Name: cu
Value: 2550dbcc-b024-11ec-ab6a-758556ee574a|1648642983301
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-659618076813
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 620e860e-a79d-4ef1-806a-f64d9a847145
.w55c.net/ Name: matchpubmatic
Value: 5
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&KRTB&22918-d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&KRTB&23031-d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
.pubmatic.com/ Name: KRTBCOOKIE_1233
Value: 23223-db260b88-6210-4169-9720-e61665ce5cb5&KRTB&23266-db260b88-6210-4169-9720-e61665ce5cb5&KRTB&23285-db260b88-6210-4169-9720-e61665ce5cb5
.creative-serving.com/ Name: tuuid
Value: 64d0b1ae-ca68-45af-a756-71ed697dbece
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:ae5hhDkq1NzxlR5
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-254de68e-b024-11ec-bbca-3d3cd1174a24
.quantserve.com/ Name: d
Value: EIEBCwHkJfijAA
.quantserve.com/ Name: mc
Value: 62444ba7-5d170-e52e9-6c1ba
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1709217890454926719&KRTB&23339-1709217890454926719
.rlcdn.com/ Name: pxrc
Value: CKeXkZIGEgUI6AcQABIFCOhHEAA=
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:A21DF2CDF4B34C7C8E43AAE9B595FC54
.admixer.net/ Name: am-uid
Value: fb4a059bc9ca4adda6fd8d27518e29df
.pubmatic.com/ Name: KRTBCOOKIE_1282
Value: 23359-64d0b1ae-ca68-45af-a756-71ed697dbece
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY0ODY0Mjk4MzQ0OH0
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4460801092495011935
.bidr.io/ Name: bito
Value: AABjsU7EiJcAADHbmN0I8A
.bidr.io/ Name: bitoIsSecure
Value: ok
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3Da82006e7-ec88-46b8-b0b8-c2ef3527abca
.bnmla.com/ Name: rx_uuid
Value: a82006e7-ec88-46b8-b0b8-c2ef3527abca
.bnmla.com/ Name: rx_maxage_10738
Value: 1649938983
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-2550dbcc-b024-11ec-ab6a-758556ee574a&KRTB&23011-2550dbcc-b024-11ec-ab6a-758556ee574a&KRTB&23355-2550dbcc-b024-11ec-ab6a-758556ee574a
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4668821410471988469&KRTB&23263-4668821410471988469
.mathtag.com/ Name: uuid
Value: 41b86244-4ba6-4d00-ae4c-0c44c15dcc35
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:af0c6244-4ba7-4400-9ba3-1fb4de76c04a&KRTB&16736-uid:af0c6244-4ba7-4400-9ba3-1fb4de76c04a&KRTB&23019-uid:af0c6244-4ba7-4400-9ba3-1fb4de76c04a&KRTB&23208-uid:af0c6244-4ba7-4400-9ba3-1fb4de76c04a
ads.playground.xyz/ Name: connect.sid
Value: s%3AZGRJYM-H2yL-ZOLRGBsRkiiIdWbQADDH.QJg4yTct6AfquKuhXzY7v6vsA8WlB7DReZBZSYQRINM
.tribalfusion.com/ Name: ANON_ID
Value: a9nuJts2aF9pAJsbYZd7KNIRRrdpXCLDx0q4tyXjdNwZatFr4TaqVFNelBWTo3qPCmrtr8e2oeG7q5kk7k4Bp0gDR5PS1ZdjjU8pcUv2GdgDf9n
.bnmla.com/ Name: rx_sspid_10738
Value: 170
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1czj|7TZ.0.1|7dN.0.AABjsU7EiJcAADHbmN0I8A
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220330082303-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uid
Value: D344517B53FA41A180E6539523031534
.technoratimedia.com/ Name: tads_uidp_73
Value: AABjsU7EiJcAADHbmN0I8A
.mxptint.net/ Name: mxpim
Value: R1B341_ED8B39E5_108963CB.1.000000000000000062444BA7
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGblm2ylRjuANlcfL5AAAAAAA&KRTB&22713-AAAGblm2ylRjuANlcfL5AAAAAAA&KRTB&22715-AAAGblm2ylRjuANlcfL5AAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_308
Value: 22925-a82006e7-ec88-46b8-b0b8-c2ef3527abca
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-zmyUQsw8wUHVa8RHz26NE81sxU_VaMNHmj_aGmjz&KRTB&19420-zmyUQsw8wUHVa8RHz26NE81sxU_VaMNHmj_aGmjz&KRTB&22979-zmyUQsw8wUHVa8RHz26NE81sxU_VaMNHmj_aGmjz
.pippio.com/ Name: did
Value: 8sCxby1WG3Klq_aZ
.pippio.com/ Name: didts
Value: 1648642983
.pippio.com/ Name: nnls
Value:
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABjsU7EiJcAADHbmN0I8A
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-db570c61-a535-4c8c-81be-3c051b4d09b7-62444ba7-4341
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B341_ED8B39E5_108963CB&KRTB&23092-R1B341_ED8B39E5_108963CB
.analytics.yahoo.com/ Name: IDSYNC
Value: "196y~241o:18z8~241o:192w~241o"
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-7f6e77c9-14a3-4120-bf1a-82d1a5a54293
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 9b1a8518-0278-5359-91f6-4224f3b20983
.betweendigital.com/ Name: ss
Value: 1
.shrinke.me/ Name: cto_bundle
Value: CwvCkl8xdXcyVlN2SERtNnJTVkszdTRubEVpb2h4Qm1pJTJGSVRnTGw2WERjbjklMkJMVEJ3eGdnWkhLQWlJeVNiM3M4dUxWN0FDYWhSTWhobnBWZHMybFBiNDZFazJDVmpCMTN0VWZ3UFJLU3Y5RzdiJTJCY3BYR0dGbHNtM05UeTlSSXZTWkQwemJEVEJyY1MlMkJHU2wlMkJiRUk5WEhhNlNRJTNEJTNE
.shrinke.me/ Name: cto_bidid
Value: SfJQJV9IQ2VNS0UxVjRCUnl2aG1zbktId3pucFN6JTJCOGd5aTdMVjJ2Rmh3eTdUQnZjWk54T3BzbmFTWHpreEFWd1lpUnZrWkY0aFRMaU1zWENiR01FQk1CUkhGOXozM1FJYXN3cHJNdVpUbHBxck5vJTNE
.lijit.com/ Name: ljt_reader
Value: 8dfcb9d28e05f6f8bb51f33d
.id5-sync.com/ Name: id5
Value: 8d5664cb-c964-32b5-8930-337cf8f8e75f#1648642983286#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.betweendigital.com/ Name: ut
Value: YkRLqAAEB0D3XNyoHVG4Z4DWF6fDpqyGcmQ6pg==
.pippio.com/ Name: pxrc
Value: CKiXkZIGEgQIAhAAEgYI7OsBEAA=
.disqus.com/ Name: zeta-ssp-user-id
Value: 9bc802c3-41d8-147f-3a77-38f511b69757
.linksynergy.com/ Name: rmuid
Value: cf686836-2d6b-4bf8-9fc5-fb66f03651ec
.linksynergy.com/ Name: icts
Value: 2022-03-30T12:23:04Z
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
beacon.lynx.cognitivlabs.com/ Name: ss
Value: fGwsieGt45Vlwmze427UxwsJ3qSM2%2FzKgtdQHJDWQyQaOIhxaGfvDs7Z70EuHR40HOGvkhengwKiLD%2BOmAVnJg%3D%3D
.w55c.net/ Name: matchcasale
Value: 5
.rlcdn.com/ Name: rlas3
Value: fUduWOqodCVvJjh/9mOQqLcl6zvcwzrUcmixnrMNtK4=
.taboola.com/ Name: t_gid
Value: a9163071-a894-456e-8679-f988c19e3124-tuct93dd128
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmJhZmJkaWFibmYBALUZ-XkQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsjSzNDc1NDO3NDA2MzA3MDcxF-Iz1DUrKKgyd3HKCLTwqAIA04wXNCQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsjSzNDc1NDO3NDA2MzA3MDcxF-Iz1DUrKKgyd3HKCLTwqJLiNTQzsTAzMbK0MDE3swAAsSGRCTMAAAA
.dyntrk.com/ Name: dyn_u
Value: 04030001_62444ba8c1e5a
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_027a5590-d9b7-4b79-bbc1-0d5bf2a394e9
.adskeeper.co.uk/ Name: muidn
Value: m2u4UG_bjun5
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2E>2m7h5]!]ta]8i_iqf!oN/@E'zz<*Z0Qrub88$p-cxm>1TK7QwoCt+R(PrviT%ioMs#TD._*Pl[i'pRL>iih.1^5+D-M4L+P64/5L[=2XD>3kH`#3k%%l5.y6b=NRfhA=9kOe+.<Q!*9L)?$lVw
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI1NjU1NjM0OWI0MWQ2ZTZlZDM2Y2QyMjg1NmQ5OWQwOSIsImV4cGlyZXMiOiIyMDIyLTA2LTI4VDEyOjIzOjA0WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTAzLTMwVDEyOjIzOjA0WiJ9
.360yield.com/ Name: tuuid_lu
Value: 1648642984
.360yield.com/ Name: tuuid
Value: f1965ea8-b3dd-417e-970c-fdaecfc86aed
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.rubiconproject.com/ Name: audit
Value: 1|ZHNzoPtqnbV+GnM6JllSnqAg/kf84x/cJnETWI+R4vrWaDs14xzbSOgXeSBG2XVqcwDGK2aRcSPyUhTWCqUS/Ek4PZsAbGW4LEwEx31w6pBWArGI6KDc7ApZIr1EtStGCax3pyYFnS0=
.smartadserver.com/ Name: pid
Value: 3410955970430486413
.connectad.io/ Name: uid
Value: YZA023WAgM7n9zSjlebRZsXID3jTuFy5p2CyzeY9
shrinke.me/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%7D%2C%22C994618%22%3A%7B%22page%22%3A1%2C%22time%22%3A1648642985412%7D%7D
.pubmatic.com/ Name: SyncRTB3
Value: 1649808000%3A240_222_165_56_13_231_22_55_71_3_220_57_54_5_166_7_96_178_239_48_176_204_234_21_8_99_244_104_233_189%7C1649462400%3A63%7C1653782400%3A69%7C1649203200%3A2_15_38_223%7C1651190400%3A224%7C1649894400%3A35
.creativecdn.com/ Name: u
Value: qbJtu5hjs3huaNl8uTN9
.creativecdn.com/ Name: ts
Value: 1648642985
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-vOMZ0imARIRUmMUOJp9Co5U4mbs
.onaudience.com/ Name: cookie
Value: 58d5ca5009426b84
.onaudience.com/ Name: done_redirects109
Value: 1
.fiftyt.com/ Name: fifid
Value: 012048fc-1744-46cf-4cd4-a5fb0e2490b0
.fiftyt.com/ Name: cs
Value: MTY0ODY0Mjk4NXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fCLDQS336fFkY3CRTOVklhJvW3-4IPohcyzTzp5OaW2q
cm.adskeeper.co.uk/ Name: mg_sync
Value: {"0":1648642985}
.semasio.net/ Name: SEUNCY
Value: 28BDAC8466B496B8
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.fiftyt.com/ Name: fppm
Value: 20220330122305
.connectad.io/ Name: id
Value: eyJpdiI6IjZhMnp2S3BLWit5XC9WOWRwamRMVVVnPT0iLCJ2YWx1ZSI6ImtKNTVZZG5EcHd3VEhkTWxHZVIwYktveXNvcW5ZRlpSdEZIeFdjNnVNNzY3WVp6anlPQzFDKytuSTQ0dU9CK3RwOEhnYTRPXC9mOVlHbEFUWVlMXC9GeTkwUmhyVlwvcXVJMDFQZ1dSQ1J5Yysrb0c2RVBUMkRaRG9yQkhubFFhVFlYMm1pUWJxZnRoaFpkTnZBdXNmYzY5NE8xallqVkdlNTdGYnNUZjRmN2RcL1A1M3NBSTNnNEd0U2k3ME9mbUZxN1hpQzArZm1JWjdxNlpGejBnS3FicXB5N29yamVMOWZKVDN0Q0ptTHo1RUxBaXZ4d0Z1VUw1NGFIWk53bUlNNFNzMXpaa3QraWpPbWZ5VVhyclZ2SktyaXNVM1wvSkhwRTA4SDZpTWVkQlBLOXFRZ012a3FwTXpXNmx0RGtVbDVFT1RabzhZOTJHWE5JNUpyaGEwa2Q1UUR3PT0iLCJtYWMiOiJmYThlYjliZTA5YTE0MDZkODA0MDQ3MzI1NDhlZWY1N2IzMmE2OWFlNjZiOWMyMzZlZWQwOWJlNGEzMDZhZGQ2In0%3D
.casalemedia.com/ Name: CMRUM3
Value: 6f62444ba905a0&f162444ba805a0&0562444ba905a00&2d62444ba405a0CAESECSGGE-DIjC1X-fLpm_eWu4&2f62444ba805a0&c462444ba805a0&e662444ba82760&1a62444ba905a0&2e62444ba805a0&2962444ba805a0&3962444ba82760969751679036070747&0362444ba9276041b86244-4ba6-4d00-ae4c-0c44c15dcc35&1162444baa2760IXsgapRFGAyIZX8Ya0Zc&8262444ba92760AABjsU7EiJcAADHbmN0I8A&2762444ba82760d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad&3362444ba927607f6e77c9-14a3-4120-bf1a-82d1a5a54293&4962444ba905a0&0462444ba905a0
.casalemedia.com/ Name: CMST
Value: YkRLpGJES6oA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: DPSync3
Value: 1648684800%3A174%7C1649808000%3A221_197_219_236_245_246_226_228_201%7C1649203200%3A164
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1648664586062
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI0I2MlMKUyToQBRIXCghwdWJtYXRpYxILCJLT2ZvClMk6EAUSFQoGY2FzYWxlEgsI-raUqsKUyToQBRgBIAEoAjILCJT7-uTYlMk6EAU4AVoHbnd1c2x1bWAC
io.narrative.io/ Name: io.narrative.guid.v2
Value: 270457b0-b024-11ec-8734-065a0b8073db
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQCDate
Value: 1648642986214
.c.appier.net/ Name: _auid
Value: 57imGiyUDF6-8nLhqktEYg
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-57imGiyUDF6-8nLhqktEYg&KRTB&23130-57imGiyUDF6-8nLhqktEYg
.pubmatic.com/ Name: PugT
Value: 1648637880
.pubmatic.com/ Name: PUBMDCID
Value: 1
.pubmatic.com/ Name: SPugT
Value: 1648642987
.smilewanted.com/ Name: sw_user_params_infos
Value: %2F1CJyKTx0EkVf7pMer3CD97f4e%2F6fIPL0gjo%2F%2BgMNRp%2B5UMneZrz8ZzPT8yBFLiT5HaTGS8Q5AyAVBSQVKNwq8UpKrDp5AfxUDpfrqIszbnRrS1poz9RiP5P0zn2RPp8YYL5D2ZjAFor3vNWbNLY4Eb3d46ooD92mIjxY9FbE9NU6ewSyz0n0wj3r3bOpDfrpFLmsnlE71li7aDE5%2BggiH1Lw0JVD2rUQS8Y86pLhzUbNtrCfrPnyT24wDRe1OnUFQhfSE8258%2FPuC7TRzzJIV4PoHX2WJXMR33B5gfQViG3UJC7i4mpVjSZFjeYCssv0RaJXxMqEV1TyAiDHzbmv2c%2BjLvDJrvxyS9HVo4Et%2FQlhMz9vCv6DLi8NV7%2FYFPvCUvN6XAQlzgCDXaP5onEyiWa57TDyinvtpKupsOLtyp1D2FNe2oUHmrtvESO4XI7uq0h4vcK3Qwx3dDNTTweNhuvuWOSU6Cn4CHa19I0cZA5MKg3OqpiL3Zoxg5UKHsC

16 Console Messages

Source Level URL
Text
network error URL: https://roofprison.com/18/44/b8/1844b8e470c024a415cff51a0843d71c.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://roofprison.com/2b7825b40010ad17ac7b5777c664449c/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security error URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Message:
Blocked script execution in 'https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security error URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Message:
Blocked script execution in 'https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=1709217890454926719&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://googleads.g.doubleclick.net/pagead/s/xfa/mraid.js
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: about:srcdoc(Line 1581)
Message:
A preload for 'https://cdn.somplo.com/assets/130/1_macan-semibold.d147812_1640711150.otf' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjM1MDMyNTQxNjQ3OTExMzUyNDY0OQ%3D%3D&google_push=AYg5qPLIbAMtoUKl4-CT9RrOFAOXnykhYx1y174R3CL--T44CNpB0h4elQHVTaKbk_fVmbmsInHsIvmz_Jqt5y7RYgoUoqYZYKA
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d7b4fccd-eed9-48f8-b0f8-4ff694dd7fad
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript warning URL: about:srcdoc
Message:
The resource https://cdn.somplo.com/assets/130/1_macan-semibold.d147812_1640711150.otf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ba5d120d4a9bfe8df2b9463fd79ce4c.safeframe.googlesyndication.com
635df74dcf0f7c6b0ae0a11e590f1e8a.safeframe.googlesyndication.com
71d863cff5d2620b1c53acae9bcdba7e.safeframe.googlesyndication.com
a.tribalfusion.com
aa.agkn.com
accounts.google.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adserve.somplo.com
adservice.google.ca
adservice.google.com
amazon-tam-match.dotomi.com
analytics.google.com
ap.lijit.com
api.intentiq.com
api.rlcdn.com
assets.vlitag.com
b1h.zemanta.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bookljlihooli.com
c.adskeeper.co.uk
c.amazon-adsystem.com
c1.adform.net
cdn-adtrue.com
cdn.adnxs.com
cdn.adskeeper.co.uk
cdn.adtrue.com
cdn.aralego.net
cdn.connectad.io
cdn.jsdelivr.net
cdn.somplo.com
cdnjs.cloudflare.com
choobinoobi.com
cm.adform.net
cm.adgrx.com
cm.adskeeper.co.uk
cm.g.doubleclick.net
cm.steepto.com
code.jquery.com
colossusssp.com
contextual.media.net
creativecdn.com
cs.media.net
csync.loopme.me
csync.smilewanted.com
d.agkn.com
d301cxwfymy227.cloudfront.net
dis.criteo.com
docker.creative-serving.com
doobyyooby.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
exchange.adtrue.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
gcdn.2mdn.net
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb.aralego.com
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
io.narrative.io
ius.ctnsnet.com
jsc.adskeeper.co.uk
leaderhistliness.info
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
mug.criteo.com
mweb.ck.inmobi.com
nep.advangelists.com
nym1-ib.adnxs.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
pbjs.e-planning.net
pippio.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.somplo.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubmatic-match.dotomi.com
px.owneriq.net
px.vliplatform.com
r5---sn-t0a7ln7d.c.2mdn.net
roofprison.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rtb2-useast.e-volution.ai
s-img.adskeeper.co.uk
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
serve.somplo.com
servicer.adskeeper.co.uk
services.vlitag.com
shrinke.me
shrinkme.io
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
supertruco.com
sync-amz.ads.yieldmo.com
sync-eu.connectad.io
sync-pp.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.connectad.io
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.teads.tv
sync.technoratimedia.com
t.6sc.co
tag.vlitag.com
tags.bluekai.com
tags.orquideassp.com
tags.rd.linksynergy.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
u-iad04.e-planning.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
x.bidswitch.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
shrinke.me
sync.aralego.com
104.105.36.85
104.105.42.146
104.118.8.25
104.118.9.133
104.118.9.53
104.19.131.80
104.19.133.80
104.19.136.80
104.22.69.131
104.36.113.107
104.36.113.23
104.36.113.24
104.36.115.109
104.36.115.98
104.45.178.220
107.178.246.49
107.178.254.65
107.22.28.167
13.225.195.60
13.225.214.125
13.225.223.71
13.248.245.213
141.226.224.48
142.250.176.194
142.250.64.66
142.251.40.98
147.75.38.124
150.136.26.45
151.101.1.108
151.101.129.44
151.101.130.49
151.101.65.108
162.210.196.208
169.197.150.8
172.105.232.22
172.217.165.130
172.98.26.125
172.98.26.126
173.231.178.117
174.137.133.49
18.206.0.36
18.207.82.126
184.50.205.90
185.167.164.43
185.184.8.65
185.29.132.241
192.0.78.146
192.243.59.12
192.35.249.127
198.148.27.139
199.127.204.142
199.187.193.185
199.38.167.129
2001:4de0:ac18::1:a:3b
204.2.255.233
204.62.13.72
207.198.113.170
209.54.177.54
23.221.200.79
23.41.168.202
23.73.241.119
23.88.75.186
23.92.190.68
2600:1f18:4e9:5a02:1f3b:68bb:44b5:b695
2600:1f18:612b:4264:5fd:edb0:5599:8b67
2600:9000:210b:8a00:12:fc33:3bc0:21
2600:9000:2120:a000:2:e529:700:93a1
2600:9000:2140:d000:19:fc2c:a140:93a1
2600:9000:215f:4a00:1b:5138:8a40:93a1
2600:9000:21a2:8a00:1a:609a:6780:93a1
2606:4700:10::6816:2460
2606:4700:10::6816:37ce
2606:4700:10::6816:3ac7
2606:4700:10::ac43:15e3
2606:4700:10::ac43:8ae
2606:4700:20::681a:467
2606:4700:20::681a:8a9
2606:4700:20::681a:ad1
2606:4700:3030::ac43:a287
2606:4700:3030::ac43:dadd
2606:4700:3033::ac43:8bcc
2606:4700:3033::ac43:a861
2606:4700:3037::ac43:9a47
2606:4700:3037::ac43:9e3b
2606:4700:3038::6815:ead7
2606:4700:7::a29f:8a55
2606:4700::6810:135e
2606:4700::6810:5614
2606:4700::6812:c05
2606:4700::6812:d05
2606:ae80:1451:19::1370
2607:f8b0:4004:c06::9d
2607:f8b0:4006:806::2002
2607:f8b0:4006:807::200e
2607:f8b0:4006:808::2003
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80c::2002
2607:f8b0:4006:816::2003
2607:f8b0:4006:817::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2008
2607:f8b0:4006:81f::2001
2607:f8b0:4006:81f::2003
2607:f8b0:4006:81f::2006
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::200a
2607:f8b0:4006:821::2004
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2003
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::200d
2607:f8b0:4020:1::a
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:9525:7e6a:be2b:3707
2a03:2880:f112:182:face:b00c:0:25de
2a03:90c0:9996::9996
2a04:4e42:600::300
3.219.48.45
3.226.8.84
3.230.82.111
34.102.253.54
34.107.148.139
34.120.155.137
34.204.64.181
34.226.0.144
34.232.7.173
34.96.105.8
34.98.64.218
34.98.67.3
35.163.94.139
35.186.193.173
35.186.253.211
35.190.60.146
35.190.90.30
35.201.96.126
35.211.178.172
37.157.4.23
38.27.122.101
50.31.142.223
50.31.142.255
50.57.31.206
51.161.118.168
51.222.39.186
51.79.83.225
51.89.7.202
52.16.159.166
52.200.181.105
52.202.13.238
52.205.80.231
52.223.40.198
52.3.54.123
52.54.192.111
52.54.231.250
52.71.87.250
52.72.71.171
52.85.109.33
54.147.248.200
54.152.225.144
54.175.87.114
54.205.198.81
67.202.105.22
68.67.160.114
68.67.160.76
68.67.179.133
69.166.1.10
69.90.254.78
74.119.119.129
74.119.119.139
74.119.119.150
75.126.248.142
8.2.111.126
8.28.7.84
8.43.72.97
96.46.186.57
00ea380aa9569377a185aa7c9484b3cd6a7e08d988477f34e8382c7bf45067f5
01be366c0d9bf06c5900a08ac982e2dc5ab239301887224f3d190dcf15bf4e7f
030f3641d401c58016ea807d744f073761527a58a381112027f91cbc1671d87f
03d5afeb530119a46b8e3b94c1a61de84e96e0691b466fe9f8e2d051999231ae
03e66aca1f57af6b92823dbe7cc2c00466aa77d1c77a5d8b1e48da9d73236263
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05f4b213e63945d8b55131656acde8f13a89a2a563ed2463e2f98b9d30035f97
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f043cf14ee319f265959a9ecb1bf2cb0cafaeca9affad94d863d607934bc94
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d85574c533947b60b67e6106be5e9e15c976f75d015f7896cc897b987a211ce
0db1f99730ce36725892ee85b10c16e8d10ed3e315ae69becbf47a7473928cb9
0ee3cbe9a0ba9b5f0ca58c0fb1d5cc57bc8642af823dbd6832131d3998503698
0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d
1154905eb1bd3586d5041ae47f43f59ebcdd81abf90f25dee4925df595604f71
118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140
11f3e1afe7023102ed0b88b3c78bb69884783d7b0ae203cf04d888141acbb390
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
145fc61993b2b5df29d62b5788c4459d1a85342d9048919ea74ba12f26fd000e
150dd86c4b58cf678535b5b9ce21f1f0ac605dc7f984b64a59414d6d5e685406
157183ffbe0c479d95cc13b7f02abc1dd8307395ecb569a8581448c10d7e5ec3
15b05f02ae38f116300554c11c4405155adaff9cfe57dff9abace07ea2e8a50a
15ee97dec5ae7b1f3bc44dd63f836c7c4d43e89b92d07cd737a4a397911fe854
1733aa36c03932cc2da7b5dc4b1020fb74b6d6f2354897fb6e8b230ae27eaf12
1764ee79f2be05e9ff5e3d4a6d4725cd6052e8408f89758404980fa03113eba5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
19ee33510c4d6c3a2fbbf978fdc8307facb877787b885080c13206b848684740
1a792de5013d00900f25edd33785fd9017d8eb0d6cf2eac3011a2ac623410cd1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1dad72b7f43a44149784ba6c1c3cb54dbe71835977795b64cb1b3b2767194be1
1f5f85c03b32c29914eb1d136fcfea793078788bce67c236dbdcf57f997e6b70
1fff5bd07300a6ba982f3b5a4ad538c682b441783fb2d929da7fae899c62ac78
23a3e025271ec571854b9b8db4412459a204a5468a324f67b0b0d09401fe91e6
23d6c3e10f9a845feab9aa6dd11e4d6f035f3fbe3600f23f46c6820a9c7aa669
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
252e6020225f1203ac3e367b50cba4d7eb4ee3a225a3b5cf0cc4ac65be9cdcb2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2764084e23dde4cfda0293beb98f94d5c13c4e0bb8a00f05c5b010db7328296e
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
291690563f00b332a32ab96a0312d5b2f8329d6f2e3ffd8a4f15006e210dbbbc
29368aa847c1cac5a3ce9a3e280a7d3db2302ff0da7499eebea400ef280b8e01
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bb3e063c944e31fbed795f7c6792cc89e703def605ad0c936eb3bbfa3decb04
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d4e4d52562cae962932e7f135d272cbafcce82eaf1d00be661370f096502265
2e2a121074df0e8f74e31f108a44c91c0f87b8ee89b1afa506863bc1cbb1a236
2f42d32694dfa44a8b59d1087c12d688e1ca17a21c87e777f072b11dfaf45779
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f70e579d45f5815be390a6324a4249876ccbaf2712d09afd4fb92cb496c8156
30077e599842195e23d382b85dd6d3ab8bbb43bf3bfb2529422dc6e970bf6632
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
344c796739dcd2426dfe76ed610d76d4f577a7b4d0c9067c49f5683cb500f071
34bfecceb73c1ecfb81f4a750b75e432d54dd273bb9963d2bac4cee1f6920947
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
379cf77cd5714e54741f614a43ee07628c29f52ee1fc228d14cd0d77af961ac1
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38486c1f06117d5e5fdddcb49217dd9f1537573919b130175fa8509796647576
38701ad499623031bc05760c368f45e87e247d52738d35862bd415ff7510e839
38a94682655a67eb6c5de40eb7f94a7c3549337990067bbc8e4a9d2162669a00
3a2fa9999376fd91caaf7de0936e0d5c714e89a8c22de1d71bf701ae46d62bb9
3b1f2730e274f3b9c5afcce42e3f454c37cdaf6023a0b7ca6365c99049ba9c95
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3d5df0add09a4c5acb42b804caf297dc5b99dd255c3d43e75b81436ed6e1c6fa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f3e281a9d9a419fbeb4dc6ccf11cf81f7f3c58733b3f7df48e94b2903b1ceb3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4012e9491f341f35778b5a6ef11d3e3f2110ccdb8023dd9c28129ba6c5417d84
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
43935402f95c6e02452551eed170ad4ce21cd71f18dedc5efddd21ed1deca984
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
467de54d0401ec1eb0f9c2987c20bc6606e985ec88b5926e4b59b6d76494a971
46bff755f5fc6e994c3340d10801afac37d3820c0ee1581b0022ebec7d9f3035
47d0d8076a90b14ab4c6a82327a13eee300c91f079ce301f25b71414209b3397
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49e4e2e518084a312e9fd77bb0b06840bbec3f6256f05b74a787a296f65d87ed
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4a2ab49e438da337fc17f0b6d2298c1ca7419d751c17454f3c25a560d2e9e582
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea3a9219fe30f23026b1e83d76df34e122894957d1d75e1514738f892668094
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a51004b3176df96f756ebbdd0b21d2d4c0c48153a3d6299494bc6ad61b447f
5236118325eded43426e4435b034cdd0e66e2fe4cd71c6aa372843121169973b
547332ee60717c8e2d32bbab875eee5b20a95e0b2cf853307d6be4f17c8b96ea
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a95c4dce8be0c0d0e4182d6ead9f4c9e8ee1a5866b133e2a5d39a465b80d7f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5886e2afaa06b2bc451718fb0e3dfbb6c31eb936ae01a5ceff4ee397b5764a60
5893623d9547b77763b0df3378cb7952c49076348ce648b16c14733f9c095b2a
5ac66c29f0c4f23fbc429158c9b55167a92113848a77f91c7382b2923aa349ef
5e25be97fda2e5a5681fcbbbf4a2d01c56a753ca6fecd5588b0d441f2e9c4e05
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
617678b45724683243adc9608e3d5eb2629c7e6c5482c0569eb359d1e2c00c02
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626d4fe60d4087c4645b64ee35910544be9486b97d748b2737fb20273ae25e35
63ee826563c39189c0d13b8d5cdc0c9b012e88ab295deaa0647afbc86ea50e28
648a8202920b3e9ab1561e1316929fc7c402042db6014f3bbcd6f09e2775ca8b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
670905ee3926d357e236f15b8805a8e9e5d1563525257c5cb3605924090abf63
67521c94a4566f03afc24a68425885aec864fe2578485817ce014980bfd0ccf1
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b54b9d51b8e7575fc6ac2e2bfd7826e021c3385b15f6e07581d58234219a3ce
6b74fba6e8c57f559811311390a0137d43db05b8327f3288291d412c84badc6b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fc76212b52d09a17241ae0e7300e78e1e5185e5c378ffb4f8707b951976f31c
702e37774e23b39185928a452e32d803161e5c7925ee0cb1fb321f9a549f9784
708b3c51b04e3743f0b3495d8435b8b2c4fffd49a9d4efeb0cdfbe6b1113c4ff
744d69df11cedd161743200342e2b923be8e0f3826b0c632fcfe771beacebcf3
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
777c06e7b18ce8d0f09f93f987a5bfda49a71869bca31d12c3026f6ca7d58f8e
782fdf9adc98c3d535fd6f75cadd0fd8f1d8524b279fe2444432dcfc2fbdd5fb
78b8b9c06e8648b397191402eb4ca35c9a83400e71f2338c84f2ef1393ef32cf
79df3b076b6c79b51d4dbddbf4133ff7ce25b86131b1531d48f6833ce93967fd
79e59a4d170acf6a286c1e6da9f3f841ec3fd94d88871e36cf8315e385b77c58
7b3be7c28a35b7d715873caa924c0460fd12a822d095e488aa342dc1f3763824
7bccaa172472fbe8f62639778138e12f36947dade68b0a7ec268e3491303f0d2
7beb3d4b288a72273293bd84328144c3c7b46ff8d7b9d2a28bf122528928a193
7cb745c1c8cffe3edddd856464e624896014f9b980629890b3986c6da3f056f3
7d3983b40d23336b14d5557faa3990c20ead964bfe040fdbd54db59bf2a9333a
804d6c78c2da5437b8b8885b577965a5dfcfaa1e5a78b8d81a8e29ccabf647cf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
88a832c4111e0b3790c12bbeffd2ab3edce59cb14106de52e2b080062e3e78f0
8988eac03be1d69dc1e0bc0026620a19b858c662ad4b01ce4c1b5a485aba843e
8b01e44a753382ec593ccb0578feb0bab6b996d6729e181de1b34be5ea2d8219
8bd360a803c67f1de5915334ad1c0bfebc5c3f00cef7fd3cf9e83e18a3ae4907
8e933cc9769f0e6f2500ae75b01341272e6de8b2ada65678eb57894e2f7c615d
8ea4ea3e5514608153c01ec00cc8a9daf4b5cd944ec6d3096fb97a1b3b57487b
8f10ee37b3994f4c73a96ddff816c70a652d045151f79eb285bdc4bda986783d
8f732a780f3f223d61fe33661645fcaada4c5a2e67de955025fb52803d9f6165
8f77a97c63c06720fd4be1b1c9b49708c19a31845c31e511977582df2ae13d2b
90330951e486dd4303a83f369db490420782093ddeba680cc36e97744de4fd42
904cb51061fb08cdf8aab6293cc564ad3b6f60644af87aafee36c7cfcfb900d6
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91d2fa1a71f9df46a7ed5a1a70dd0166fb5a0d9f8bb47cdbd9cec73df3321826
92902d3258e612b58595945ceed3194e1e8bf195eb9dfa3fd8b6eee11b8b9f1c
930ee978ee006a184d81a585f44f728e478779b168a96ce4c1f16920bc24aa35
94552076b727c245dcc751c0c87613dc8ca8c65653b73214d519ba4936477399
94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5
95eac434d6d57808ce6a445533e0411802684fad8fb4bfaa2d35189b85503183
96a8e0be24180feea7bb576beda59048a96bdbf1528f0fe3c487ee6888e07782
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
9777428de88c524584f0133c3c0d9becf5a3840597eb16dc873bbc29b9a0bf58
97f82abe23efcb481e550e942eebce7aa01ec565c4c0887eb0c1aa4e3e4025a9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98f25dfc780e7234ac58920f3785820470e3f0e4381dbf2b1c1f5d4314c69bbf
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99fb7ce12720d6e4a03ce10cce389a795c8016b229d6d118661ecd66696e254c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab61566d4d06e5651185a9d3e04725eaf257d9913a1ed6d5508e42a256ff02b
9b57c75f4153bf780615f6c13de14ee77ef86b3bc02c0703bbc269df4c333775
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1da593af9f9e6cfa841500b6f862cee0ebafaab0c1f151635c1794687dd2e62
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2a0526b10bacf815243584f29ccc3210070fa577349078c1aff15795b15bab1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a811b0327cbb46fd4d4192caf0424e3e14f8a037d94a6e818b7aac7db0e0bbdd
a8892b221847a8b63f7691aafa26375f8fd8cfa04756f22c0407d9b3ed1299fa
a92fedb4e59e019657e4241d407f6b8a67196f75d4129d46905e18cfc01b7f74
a9eecf41513b97d5590668384112bc961ba71eb372afb5cd07caee94dc366642
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b12b9549671ecfee3699b3c0a16d69f4926bf2183c4b0b05248e039e1b4b87e0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1814367562398dee55ab9e562e708c7e111a0ea26f888c7b6aa428454dc98f8
b1c868bf3110b588e3f94f7c44fd29e29f007af3ad5a9819076bcc214291560e
b1d0a68660a2feb53c5ac83780bf44922231afc9af8ebf6428aa6f80a921bd41
b299e5ae87f861bd18f9f0d65d8e0e3368b93c05d460e36e23f81398f3dad22d
b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d
b4ec7f1d8a935964f10bd730c43fc5edd7997a83888e0a158cbb99ae68dc6d3a
b6b64b16bf262843cbf50fa045567c9f8b6f75bb53931e7d3a53f1f64e252da6
b6dc40e8450a3b7b026d428f21150b6f802b8af15e807638c88f946d6c321ed7
bb61b67637c2099f9b27db2e73e6508e280b7f03bbb0175ef7b69fc320f6fb98
bba97de29555b4abe6cb6a8db6a0924a2f281a35580be694dcf08e729dc6d789
bc435626209e1213c442d3b6f47907e80af82c27325863d1c921a055d6cb2637
bec3ae5ebd693c592db91344ad42b89c24c1ce3c3612cbea858c1eea91da698e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3b9685db7e49593858ccc2f1fe5dbd09ab2b288167034e29e56f6188275de8b
c4372613745d39f90e16d7ff1e268962936ae683c2d6fdc6f44efe3a3c23042a
c57428d27c947f2549a0c55847fcdc4eb1dcb89ab8036e25591440006f93684d
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c6a4ce5a33bebf43b6f703f5c7b946d9980cada76bb15d4b691bd38030ea1b2a
c6f153d7ddc6d5130372ba631ee4f60b97e648a2e0e32874eb65dcf89a111aa7
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4
c7d301861e0a9aa3e3fab262e30783edb4c79250fa1aa8129d3771d0bf474004
c846df94b13b540f85af1a81ac2f7bebacbc2fd132535695a6640efd2d4779bf
c8b53811e134206aa8bf1578f34ca4afd7d4531875ef7c31a351daa13a70317e
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c9748d527dc46297298499a26c1be05da1e282853cf06d47071279f07890b019
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb64bd0c5122a358604b80ec9d6af109ac9712e9c7b08e9d17912d78ef867ade
cce24d312f79a8b04b2c2725db38b0dab2000aafb685d9c0c931106736aad4b4
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd1e7a6f936ce66e626a2cc41f28898ba85ade41bb3bf6c11366e4f0895e2ee2
cd3fb9c39fddd8aba2e4c7af555aeb970686c92304fba3ff4850901ec3e1ff53
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd827cefb683f31d3f80a74d6c79a9b131297b855a5be4b629aca982b71c410
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d20671e6e56421d04849e732185c337ddc5e2bfde4b0a535ad9994d9dedc1c30
d2a81385147ba72dd3f4cdec306c79528a2ba48c60b0ff12d5528a4692163e20
d2aec5e6760ff87dca36c847d3852533bc2241ad76ce8cf2fc470220112745ea
d2c2afec61711039b27d51a24201ca79a84c917c5ae1a30058d33d77d566392d
d30941d6b035706933ceb10e61b3408b423016a14d9531ab16b188115ef6e48b
d33472620bbfff26f87403751e7c7f87790dd692281e8d790c0daa31d9b2cc97
d51c647e7e0c51a44bb40880e7dacd96c1d2a82e8e94c34c1fdfa3266a5c8a9c
d5571c7fe0ba85c0489d443197aac9b58e395c5a2cbcfc04447c7f9c80f903b1
d66cad8633a5467788a9750ec269ce23a736f851f53e3af911a2d6287e58f8ec
d79b45e40f244a763e6e734bd3ca988b6da0dd49f173fb7715be2fe315dbf536
da1c3101226cb29a2e6dfad91819319e2fbef01da1281dcf7be7803daa961b26
dc9af8b2d9159d5bf217d24dd77eb50a978813885c306d785a826fd260b32c2b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd594f89e8f8adf17ef1fb7ceb79e784691a2e09968189f11c0afdf91d4e1f76
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb949f43f61bd695847d1cc9624964ebb50eb954aad1b8219dd6ce40068b2a4
e0bd1d752fc817b59c146aadacbbd144b1e9870bc431fabcc20a7ced88ff2b0a
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
e268c806756ea8aec9f0d9e9e20e99c07c04d65eff4b46c6c199e379090000e1
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e32fee93e3513b1228c7d43a92469a1765d299ab279d4a60b527e607e177734b
e3740127f0af2a6c3f3886392bf3e0e3370f27daf0a26ff11a02b356a9c087bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dc078206236d9f38b15ba28555b948847d0c045a8bdb85a51d82f90321262a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e667273736cc088e5c45da9d80c956807969e29928a9bff6304e443b19eec9ac
e74896721735b05a9816587363aea8d3bb1784eaf3fdf680d184ace32db6e037
e8935e379e4ffba3e9bc383bdce200b1a6f2a81023182b6a9b5b43f0161b9bcf
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9282456b5c1f6f5eb22a1b86e425d2ea5481ee0b2365597e49afc877ad7ee7d
eb2b4bf34c54d7f4b3479dc7cc24ba304d9f8561f65c6a5fa3734bd462f8e64f
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb61679ead395bad634b7e5e1249b95cfc986767af9c44ced0658799ab8ee16f
ebed20f3f8d2bd99bb3bc430e989a63c1f8ffe216c4ffb899ebf75647ab961ea
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eca75531286adb2da2ff92e0fcdf5774f2c63dbfe03187338b938be7271ba09f
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed16a3826326dfbf7b118de5b858f897347ad83d0edcf555eee951d46d1a9555
ed6ce02cf1ff003c750f58b658799f168254ac0f37d5a07f7d4964c9b41b5744
ee6658cfabbf6c4fc1f2bec40f0028aa4129822e00948505e012e1e9637444e8
eec2d2339c94267837e4c52a9736a8fc7cc7e2ecb4bc8b2c981b501cdd43ab0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0267f1cc60e7ea24ef3b75c9f447520422b63b2700f7442663d017afbcbcac0
f15f217e8bd1d02ed386e1c122adce7437b5952e9382de061d3f008d64c4b9a4
f248138c34a170907bc6b69a119e236de8a3979c2e6081f4efe026c0f3a955bc
f3efb3262225f8c66648c0df91bb486eab511246a9ecb3eeebe322c66e99a1f5
f5eea1c9406e22225635f46d7ddde71a450b2337a7cd0b25ff834aef95734258
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f920ab91842b979aba72f8872533dfcb6fdc6301b32fb3ef375c04c15938d1ff
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
fc03a5dc1bbfaf675a6844f387a6a094dfbf3617d8eacfdb7621ce382000f1ab
fc14c926e6ac1e4209c991c1f063bddd934f3629def0d3bea2bfe5241db23795
fdbe01a016bbb25801ab41804969af233a7c2aff7eda31e7ba0a5999306096d9
fe50ff32c53a2874ead6bd9f27057816dabc408947934357371f4fce50baa1f0
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89