www.rinkworks.com Open in urlscan Pro
50.116.23.195  Public Scan

27 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

• https://a.tribalfusion.com/i.match?p=b22&u=18072662306741660265&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b22&u=18072662306741660265&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662306741678563

Request Chain 36

• https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
• https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
• https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=9dfc7fba-fb97-4a4d-98e8-9b142ed25963 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=9dfc7fba-fb97-4a4d-98e8-9b142ed25963 HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662306741678591

Request Chain 38

• https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662306741660265 HTTP 302
• https://a.tribalfusion.com/i.match?p=b23&u=165020203940000364200 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b23&u=165020203940000364200

Request Chain 40

• https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662306741660265&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662306741660265&C=1 HTTP 302
• https://a.tribalfusion.com/i.match?p=b20&u=YWnZDMINAY3ocQPq.Z4DvAAA

Request Chain 42

• https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662306741660265 HTTP 302
• https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEKr4m3iDcrC8GmXxxPbrUEI&google_cver=1&google_ula=2786954,0

Request Chain 44

• https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662306741660265&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662306741660265&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
• https://a.tribalfusion.com/i.match?p=b13&u=24309394717925884532059064011959186713

Request Chain 46

• https://a.tribalfusion.com/i.match?p=b10&u=18072662306741660265&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662306741678704&expires=180

Request Chain 48

• https://pixel.advertising.com/ups/57628/sync?uid=18072662306741660265&_origin=1&redir=true HTTP 302
• https://pixel.advertising.com/ups/57628/sync?uid=18072662306741660265&_origin=1&redir=true&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662306741660265&_origin=1&redir=true&apid=UPad5009cb-2def-11ec-b16a-0613b4a7efe6 HTTP 302
• https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662306741660265&_origin=1&redir=true&apid=UPad5009cb-2def-11ec-b16a-0613b4a7efe6&verify=true HTTP 302
• https://a.tribalfusion.com/i.match?p=b17&u=UPad5009cb-2def-11ec-b16a-0613b4a7efe6

Request Chain 50

• https://tags.bluekai.com/site/4229?id=18072662306741660265&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
• https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

Request Chain 74

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662306741660265%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662306741660265%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662306741660265&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
• https://a.tribalfusion.com/i.match?p=b11&u=F6FB431B-9E85-440D-A93D-0144E7D24D45

Request Chain 78

• https://a.tribalfusion.com/i.match?p=b24&u=18072662306741660265&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662306741559003 HTTP 307
• https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662306741559003&cookieRequired=true

Request Chain 84

• https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662306741660265&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662306741660265&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=ad942162-2def-11ec-a5a1-130dfa940406 HTTP 302
• https://a.tribalfusion.com/i.match?p=b19&u=ad942109-2def-11ec-a5a1-130dfa940406

Request Chain 118

• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJK-UR5S_eHFif6L0WTGtk38RldJlFZawKivmddTzec_ulNHb0LU4gtgDTmFndz1kN6i9mBU63HH7So-1CeJW53r2nVw-UC&google_gid=CAESELqRE0c9mOEcrrt__Q1RK2U&google_cver=1 HTTP 302
• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJK-UR5S_eHFif6L0WTGtk38RldJlFZawKivmddTzec_ulNHb0LU4gtgDTmFndz1kN6i9mBU63HH7So-1CeJW53r2nVw-UC&google_gid=CAESELqRE0c9mOEcrrt__Q1RK2U&google_cver=1&rd=Y HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTUxOTM5NTgwMDAxMDk1MzQ1NzEyNw%3D%3D&google_push=AYg5qPJK-UR5S_eHFif6L0WTGtk38RldJlFZawKivmddTzec_ulNHb0LU4gtgDTmFndz1kN6i9mBU63HH7So-1CeJW53r2nVw-UC

Request Chain 119

• https://rtb.openx.net/sync/dds?google_gid=CAESEAXjZp7787VQGmmyS4K8QpE&google_cver=1&google_push=AYg5qPJNdoAITVEnU4nOZ7DdFrLMe_6TG_ViOcvqKxy7nC_Z5nimprg_J4crbu99_6S220lVUr-jxaARReGKfPOPdUMWzLbFRzWh HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJNdoAITVEnU4nOZ7DdFrLMe_6TG_ViOcvqKxy7nC_Z5nimprg_J4crbu99_6S220lVUr-jxaARReGKfPOPdUMWzLbFRzWh&google_hm=S5GEO8duyv0Jx2lEDxWb5Q==

Request Chain 120

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFuvGpGk_NQLWoi41Z1cjU4&google_cver=1&google_push=AYg5qPJs9bsKt1kGHSrKjNR5BDUXHZRVr_vu9NM1Xb7WkHSuJSvflQHzqX_jOWX9XQ8YrizmghaW3W5bZQ9f8unOgbFWOpOcqBHp HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9vtDG56FRA2pPQFE59JNRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJs9bsKt1kGHSrKjNR5BDUXHZRVr_vu9NM1Xb7WkHSuJSvflQHzqX_jOWX9XQ8YrizmghaW3W5bZQ9f8unOgbFWOpOcqBHp

Request Chain 121

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF3hWr4XZbkDycT-KVAXfWM&google_cver=1&google_push=AYg5qPKifFxgOR2Me3mKmV_UTR001VP2RyrAT4tX4kKZ5T-h-gqW0qtfcUyQI8dEp0PLbOOK6JHvfqT3q9WzBP27QIzOmUPzXOPP HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTUlo4Sk8tTi1KM0RC&google_push=AYg5qPKifFxgOR2Me3mKmV_UTR001VP2RyrAT4tX4kKZ5T-h-gqW0qtfcUyQI8dEp0PLbOOK6JHvfqT3q9WzBP27QIzOmUPzXOPP

Request Chain 122

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0&google_cver=1&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0

Request Chain 123

• https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEH4OOfFiiSsnYAhhTJDESSo&google_cver=1&google_push=AYg5qPJIPFq_zg0qEHSle2iPei0LAz-0SIqvvhsHZfARQyOXISbvmPq_72_IT1aZwHiJQj1LJYW_XUSE5LNCsC8IaMFjChYtF_0Tuw HTTP 301
• https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJIPFq_zg0qEHSle2iPei0LAz-0SIqvvhsHZfARQyOXISbvmPq_72_IT1aZwHiJQj1LJYW_XUSE5LNCsC8IaMFjChYtF_0Tuw&google_hm=

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request list.cgi Show response www.rinkworks.com/checklist/	18 KB 3 KB	1328ms 1320ms	Document text/html	50.116.23.195 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 50.116.23.195 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li429-195.members.linode.com Software Apache/2.4.29 (Ubuntu) / Resource Hash fe88ec16d53dd7d8a41ecbff5b8208ca2c764d0f427e3f7387d8643ee93e6a6d Request headers Host www.rinkworks.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Fri, 15 Oct 2021 19:39:53 GMT Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding Content-Encoding gzip Content-Length 3297 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	style.css www.rinkworks.com/css/	12 KB 3 KB	127ms 127ms	Stylesheet text/css	50.116.23.195 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://www.rinkworks.com/css/style.css Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 50.116.23.195 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li429-195.members.linode.com Software Apache/2.4.29 (Ubuntu) / Resource Hash 0edbf61cafea63fbb6ffb84a6478b6da11c5d114cf31fb78b91fba5743c59c61 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.rinkworks.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Fri, 15 Oct 2021 19:39:54 GMT Content-Encoding gzip Last-Modified Fri, 03 Jul 2020 14:21:06 GMT Server Apache/2.4.29 (Ubuntu) ETag "3181-5a98a3c523b3a-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2230
GET H/1.1	200 OK	checklist.css www.rinkworks.com/css/	13 KB 2 KB	248ms 247ms	Stylesheet text/css	50.116.23.195 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL http://www.rinkworks.com/css/checklist.css Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 50.116.23.195 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li429-195.members.linode.com Software Apache/2.4.29 (Ubuntu) / Resource Hash b9e7906d8d6b24d034f8219a6e6b90bfcae5f02457a15cc2c0c7ef4506c35f37 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.rinkworks.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Fri, 15 Oct 2021 19:39:54 GMT Content-Encoding gzip Last-Modified Tue, 10 Feb 2015 16:58:59 GMT Server Apache/2.4.29 (Ubuntu) ETag "32b7-50ebecd919ac0-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2034
GET H/1.1	200 OK	tags.js Show response tags.expo9.exponential.com/tags/RinkWorks/ROS/	59 KB 14 KB	333ms 322ms	Script application/x-javascript	2606:4700::6812:417 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d64fbf9622c2c2ac1f3c95e3c56d062a2ae2d2604af7ca7a6e70d00f5f66e059 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Fri, 15 Oct 2021 19:39:54 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC P3P CP="NOI DEVo TAIa OUR BUS" Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 14135 X-Function 151 Last-Modified Wed, 11 Aug 2021 04:08:51 GMT Server cloudflare X-Reuse-Index 1 ETag 1465915661854892734 Vary Accept-Encoding Content-Type application/x-javascript Cache-Control max-age=3600, private CF-RAY 69eb84220ac82b4d-FRA Expires Fri, 15 Oct 2021 20:39:54 GMT
GET H/1.1	200 OK	show_ads.js Show response pagead2.googlesyndication.com/pagead/	114 KB 41 KB	37ms 36ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/show_ads.js Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 83892ccf6816fed2148dea47577f2679886903494a32f02967b9d09a4686b545 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Timing-Allow-Origin * Date Fri, 15 Oct 2021 19:39:54 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe ETag 13850315262494221029 Vary Accept-Encoding P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=3600 Cross-Origin-Resource-Policy cross-origin Content-Disposition attachment; filename="f.txt" Content-Type text/javascript; charset=UTF-8 Content-Length 40990 X-XSS-Protection 0 Expires Fri, 15 Oct 2021 19:39:54 GMT
GET H/1.1	200 OK	flclline.gif www.rinkworks.com/checklist/im/	3 KB 3 KB	248ms 248ms	Image image/gif	50.116.23.195 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL http://www.rinkworks.com/checklist/im/flclline.gif Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 50.116.23.195 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li429-195.members.linode.com Software Apache/2.4.29 (Ubuntu) / Resource Hash d086b9ba8438e4277f71f44b8d6e8bb28fb97f93c343ec4d3a55d309bf107d4f Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.rinkworks.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Fri, 15 Oct 2021 19:39:54 GMT Last-Modified Sat, 19 Dec 2009 00:40:49 GMT Server Apache/2.4.29 (Ubuntu) ETag "b43-47b0a1b8da640" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2883
GET H/1.1	200 OK	displayAd.js Show response a.tribalfusion.com/	678 B 1 KB	328ms 319ms	Script application/x-javascript	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/displayAd.js?dver=0.9&th=7822345132 Requested by Host: tags.expo9.exponential.com URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b22a94ead0af3badd56e41c948557a549f2b17cee045f6a468d2758e16b0e32c Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Fri, 15 Oct 2021 19:39:55 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC P3P CP="NOI DEVo TAIa OUR BUS" Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 330 X-Function 153 Last-Modified Wed, 11 Aug 2021 04:08:51 GMT Server cloudflare X-Reuse-Index 1 Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private CF-RAY 69eb8425ff2d4e08-FRA Expires Thu, 13 Jan 2022 19:39:55 GMT
GET H/1.1	200 OK	j.ad Show response a.tribalfusion.com/	6 KB 3 KB	317ms 317ms	Script application/x-javascript	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=728x90,468x60&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fchecklist%2Flist.cgi%3Fu%3Dmrb%26U%3Dmrb%26p%3Dfoxfilmnoir&f=0&p=6720063&tKey=a4mneMmFfZaYsQUXsr21cBuMdbbPiIphA&a=1&adContainerId=richmedia_2&rnd=6718867 Requested by Host: tags.expo9.exponential.com URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5fd91da4200be675a7303e1641f0c8f01e022a1ef25944980a1c76190fcdc07 Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Fri, 15 Oct 2021 19:39:55 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC P3P CP="NOI DEVo TAIa OUR BUS" Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 2498 Pragma no-cache X-Function 101 Server cloudflare X-Reuse-Index 1 Vary Accept-Encoding Content-Type application/x-javascript; charset=utf-8 Cache-Control private, no-cache, no-store, proxy-revalidate CF-RAY 69eb8427fa944e08-FRA Expires 0
GET H/1.1	200 OK	dvbs_src.js Show response cdn.doubleverify.com/	2 KB 2 KB	49ms 7ms	Script application/javascript	2a02:26f0:6c00:2b2::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26291800&plc=311302239&sid=5745037&dvregion=0&unit=728x90 Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=728x90,468x60&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fchecklist%2Flist.cgi%3Fu%3Dmrb%26U%3Dmrb%26p%3Dfoxfilmnoir&f=0&p=6720063&tKey=a4mneMmFfZaYsQUXsr21cBuMdbbPiIphA&a=1&adContainerId=richmedia_2&rnd=6718867 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181 Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Fri, 15 Oct 2021 19:39:55 GMT Content-Encoding gzip Last-Modified Mon, 09 Aug 2021 12:31:26 GMT Server Microsoft-IIS/10.0 ETag "60d09d781a8dd71:0" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 1338
GET H/1.1	200 OK	dvbs_src_internal99.js Show response cdn.doubleverify.com/	61 KB 19 KB	10ms 10ms	Script application/javascript	2a02:26f0:6c00:2b2::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src_internal99.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26291800&plc=311302239&sid=5745037&dvregion=0&unit=728x90 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0 Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Fri, 15 Oct 2021 19:39:55 GMT Content-Encoding gzip Last-Modified Mon, 09 Aug 2021 12:31:43 GMT Server Microsoft-IIS/10.0 ETag "802192821a8dd71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=946080000 Connection keep-alive Accept-Ranges bytes Content-Length 19248
GET H/1.1	200 OK	bst2tv3.html Show response cdn3.doubleverify.com/ Frame C476	1 KB 1 KB	147ms 7ms	Document text/html	2a02:26f0:6c00:286::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn3.doubleverify.com/bst2tv3.html Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal99.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558 Request headers Host cdn3.doubleverify.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Content-Type text/html Content-Encoding gzip Last-Modified Tue, 02 Sep 2014 17:01:36 GMT Accept-Ranges bytes ETag "01818ecfc6cf1:0" Vary Accept-Encoding Server Microsoft-IIS/10.0 Content-Length 806 Cache-Control max-age=51083 Date Fri, 15 Oct 2021 19:39:56 GMT Connection keep-alive
GET H/1.1	200 OK	verify.js Show response rtb0.doubleverify.com/	1 KB 1015 B	142ms 15ms	Script text/javascript	213.254.244.15 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL http://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_904995775075&jsTagObjCallback=__tagObject_callback_904995775075&num=6&ctx=3758893&cmp=26291800&plc=311302239&sid=5745037&advid=&adsrv=&unit=728x90&isdvvid=&uid=904995775075&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=93&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=0&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=1&brh=2&fwc=0&flt=8&fec=21&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEATbpTauTauHHH%5DC%3A%3F%3CH%40C%3CD%5D4%40%3ETau4964%3C%3D%3ADETau%3D%3ADE%5D48%3ATbuFTbs%3EC3Tae%26Tbs%3EC3TaeATbs7%40I7%3A%3D%3E%3F%40%3AC&dvp_exetime=10.90&callbackName=__verify_callback_904995775075 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal99.js Protocol HTTP/1.1 Server 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software / Resource Hash e964e88e4c93e5fa5e0a0c555d7ce5b322ca9284d2314aea68ea8bf87f8d6753 Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Pragma no-cache X-DV-Response 1 Content-Encoding gzip Date Fri, 15 Oct 2021 19:39:56 GMT Vary Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control max-age=0 Transfer-Encoding chunked Expires 10/14/2021 7:39:56 PM
GET H/1.1	200 OK	dv-match6.js Show response cdn.doubleverify.com/ Frame 3D09	4 KB 2 KB	26ms 16ms	Script application/javascript	2a02:26f0:6c00:2b2::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL http://cdn.doubleverify.com/dv-match6.js Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Fri, 15 Oct 2021 19:39:55 GMT Content-Encoding gzip Last-Modified Sun, 11 Mar 2018 04:45:12 GMT Server Microsoft-IIS/10.0 ETag "03c84bdf3b8d31:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=30224 Connection keep-alive Accept-Ranges bytes Content-Length 1935
POST H/1.1	200 OK	bsevent.gif tps20520.doubleverify.com/	807 B 1 KB	65ms 13ms	Ping image/gif	213.254.244.15 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL http://tps20520.doubleverify.com/bsevent.gif?impid=88a9658a9d4a4b0388edd1a932ab11a8&dvp_or2=1&cbust=1634326796066810 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal99.js Protocol HTTP/1.1 Server 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software / Resource Hash 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416 Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Fri, 15 Oct 2021 19:39:56 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type image/gif Access-Control-Allow-Origin http://www.rinkworks.com Cache-Control max-age=0 Access-Control-Allow-Credentials true Content-Length 860 Expires 10/14/2021 7:39:56 PM
POST H/1.1	200 OK	bsevent.gif tps20520.doubleverify.com/	807 B 1 KB	64ms 13ms	Ping image/gif	213.254.244.15 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL http://tps20520.doubleverify.com/bsevent.gif?impid=88a9658a9d4a4b0388edd1a932ab11a8&vfdur=143&cbust=1634326796067185 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal99.js Protocol HTTP/1.1 Server 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software / Resource Hash 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416 Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Fri, 15 Oct 2021 19:39:56 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type image/gif Access-Control-Allow-Origin http://www.rinkworks.com Cache-Control max-age=0 Access-Control-Allow-Credentials true Content-Length 860 Expires 10/14/2021 7:39:56 PM
GET H2	200	tags.js Show response tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/	59 KB 14 KB	188ms 170ms	Script application/x-javascript	2606:4700::6812:417 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/tags.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal99.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09052d858b92b95d2609cecee50dcbe39561e1a37632cc44ccfba57ea61a2fd9 Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 14121 x-function 151 last-modified Wed, 11 Aug 2021 04:08:51 GMT server cloudflare x-reuse-index 17 etag 359443243770392154 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 69eb842b8a08440d-FRA expires Fri, 15 Oct 2021 20:39:56 GMT
GET H/1.1	200 OK	j.ad Show response a.tribalfusion.com/	592 B 1 KB	175ms 175ms	Script application/x-javascript	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=contentverification&adSpace=adverificationbackup_dv&center=1&size=728x90&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fchecklist%2Flist.cgi%3Fu%3Dmrb%26U%3Dmrb%26p%3Dfoxfilmnoir&f=0&p=6720063&tKey=a4mneMmFfZaYsQUXsr21cBuMdbbPiIphA&a=3&adContainerId=richmedia_4&rnd=6715621 Requested by Host: tags.expo9.exponential.com URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e07c4a502eb0b2f403f26af822cb81c2084455fe77e68fac2f37340be54a8f2b Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Fri, 15 Oct 2021 19:39:56 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC P3P CP="NOI DEVo TAIa OUR BUS" Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 469 Pragma no-cache X-Function 101 Server cloudflare X-Reuse-Index 2 Vary Accept-Encoding Content-Type application/x-javascript; charset=utf-8 Cache-Control private, no-cache, no-store, proxy-revalidate CF-RAY 69eb842caaec4e08-FRA Expires 0
GET H/1.1	200 OK	adc_ndr_nepal_728x90.gif cdnx.tribalfusion.com/media/5268406/	25 KB 26 KB	33ms 23ms	Image image/gif	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://cdnx.tribalfusion.com/media/5268406/adc_ndr_nepal_728x90.gif Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 471c6845b9b92e9ade5a83127d1a693fa80a74655cdbe4e4d820fa77de860213 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Fri, 15 Oct 2021 19:39:56 GMT CF-Cache-Status HIT Age 46283 P3P CP="NOI DEVo TAIa OUR BUS" Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 25604 X-Function 301 Last-Modified Wed, 03 Jun 2015 15:22:10 GMT Server cloudflare ETag 1433344930 Vary Accept-Encoding Content-Type image/gif; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public Accept-Ranges bytes CF-RAY 69eb842ddf8b5bf5-FRA Expires Tue, 31 Dec 2030 00:00:00 GMT
GET H/1.1	200 OK	Cookie set p.media Show response a.tribalfusion.com/ Frame 2F46	500 B 1 KB	163ms 163ms	Document text/html	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/p.media?clickID=aNmSK52PU9R6bA2tvq1WvJpdem4PJR5cUgTGvkVV78S6QnUH33TrB45UAxWEjmTEBbQEQFSsYAPb6nPHfkUGQP2UmvmtqMYEey4dQBSGjZa5AULodipUdQ60brkYFZb60qqtPUBFUbBXTtM2mFbnPrrt1q3n4q7d4EvRmEMC1rZbfUtMUoA3CnsQrpd3J3aZbk5H6n4PFImrMJYVM01cFVXGvwsqbbq9q6lK&mediaDataID=6807466&mediaName=frame.html Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b55a2608a80b9030936337520250c602ee14ac188c21ce31e9d66b4643eba2d0 Request headers Host a.tribalfusion.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Date Fri, 15 Oct 2021 19:39:56 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive P3P CP="NOI DEVo TAIa OUR BUS" X-Function 102 X-Reuse-Index 3 Pragma no-cache Cache-Control private, no-cache, no-store, proxy-revalidate Set-Cookie ANON_ID=awnpe3yOZbSToJTyHrYHZbd3ZdUXOKBmuPmZaGXRrPT4kEU3BXQDDuCC; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; SameSite=None; Secure; ANON_ID_old=awnpe3yOZbSToJTyHrYHZbd3ZdUXOKBmuPmZaGXRrPT4kEU3BXQDDuCC; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; Vary Accept-Encoding Expires 0 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 69eb842ddd174e08-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	Cookie set p.media Show response a.tribalfusion.com/ Frame E9F2	580 B 1 KB	169ms 168ms	Document text/html	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/p.media?clickID=aOmSK5pGvnmHnC5TYj5dyt3AZbLpbMJYGQ0YGrU1sbnmaj33r32WFZbAUmMWPTbXSsFtQdFr1WnwVmMx4sJW0FvZaV6yu4mZbgQPMF4WvnXWYAmWAu4mr14Gj7VcUjWsf7RAFuWWZbUUFM15bepWEYpVqJcSaYIRsbBPU6vRW7cUVM54r6sodAnYE2M4tQZdQcrD2AYIptaoUWJcYrMk1UY9XaqsUFUsp58qfO&mediaDataID=6546596&mediaName=frame.html Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6e2f647628a96c84ee76c25e7c372d9b7750003cbb8fef9cd19f063eba1d528 Request headers Host a.tribalfusion.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Date Fri, 15 Oct 2021 19:39:56 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive P3P CP="NOI DEVo TAIa OUR BUS" X-Function 102 X-Reuse-Index 2 Pragma no-cache Cache-Control private, no-cache, no-store, proxy-revalidate Set-Cookie ANON_ID=aCnpe3O5nPp7PRodTFKNDWZbFynEEBGmPrV1SBaRNdQyliEQDD4Kb; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; SameSite=None; Secure; ANON_ID_old=aCnpe3O5nPp7PRodTFKNDWZbFynEEBGmPrV1SBaRNdQyliEQDD4Kb; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; Vary Accept-Encoding Expires 0 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 69eb842dedd5d6dd-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	Cookie set p.media Show response a.tribalfusion.com/ Frame 7956	463 B 1 KB	336ms 336ms	Document text/html	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/p.media?clickID=aPmURg0qmu4dMAQsvH56vZcmd6mUd36YrQkYrf61TeMSU3ZcUrYSWtrYoFZbuPbrt1TZbs5EFa4EfPmEbA1r3hWWJWoPvDnG7uptfG5Evl5teN5AJKmFnZaYsfS1VrU1GnopTJV3UMPWFnEW6j4REMRSs3sStJr0WbpWAMw4sUVXFvZcUP6p4AZb8R6bK2HZbqXWrAmtaN3PQV4Vj9VcrkWcBiS6MNUtnSUUMP5b2uUqn2VdUTb1Wnd2&mediaDataID=5578346&mediaName=frame.html Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4bb3aeb1a1bea18bfbc8d4c437194ca3299c45275ea696272f16ca5818adee85 Request headers Host a.tribalfusion.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Date Fri, 15 Oct 2021 19:39:56 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive P3P CP="NOI DEVo TAIa OUR BUS" X-Function 102 X-Reuse-Index 1 Pragma no-cache Cache-Control private, no-cache, no-store, proxy-revalidate Set-Cookie ANON_ID=acnpe3r2PKsFuYnTXtZc5OCDsnLDFTGqD3U3QbN5jVe2M6CQDDKht; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; SameSite=None; Secure; ANON_ID_old=acnpe3r2PKsFuYnTXtZc5OCDsnLDFTGqD3U3QbN5jVe2M6CQDDKht; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; Vary Accept-Encoding Expires 0 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 69eb842dec78695d-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	Cookie set p.media Show response a.tribalfusion.com/ Frame 3EF7	474 B 1 KB	316ms 315ms	Document text/html	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/p.media?clickID=aQmSK5R6bB4WUqXHYJndZax36rT4sY6UcnjWGZb7S6YoTWQ4UUbP2b6sUEnwVEJcSEJZdSGBCPUmxRWvaUVj32UTqotaMYEen3WbASGBC2mQHpWEsTtjdYUfb1UF90q6NRrJHWbJ1VHJ2orbmPbBqYaFr3aZbf5EUQmqbIYbU9WHbXmmfZapGUqoHrL3Ev73Wmn3mfJmbYKYGnWXsQVXGvnpTvU0rYdqi5vfY&mediaDataID=6530936&mediaName=frame.html Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 314a56ae4a0a7c0909414c470623cea0dc1f66e77267368e97783f751e30a8c0 Request headers Host a.tribalfusion.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Date Fri, 15 Oct 2021 19:39:56 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive P3P CP="NOI DEVo TAIa OUR BUS" X-Function 102 X-Reuse-Index 1 Pragma no-cache Cache-Control private, no-cache, no-store, proxy-revalidate Set-Cookie ANON_ID=aWnpe3ujieUo7YxS2pE2luKra4DWE3mHQIY87cYZcwwQjEDQDDDry; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; SameSite=None; Secure; ANON_ID_old=aWnpe3ujieUo7YxS2pE2luKra4DWE3mHQIY87cYZcwwQjEDQDDDry; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; Vary Accept-Encoding Expires 0 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 69eb842def11430f-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	Cookie set p.media Show response a.tribalfusion.com/ Frame 19A2	441 B 1 KB	318ms 318ms	Document text/html	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/p.media?clickID=aRmSK5mHnC5EUg3teM3mZbZdprYZaXcYXXcMV0cJomab42bQ5VbfZcVA30RqvRQVZbqSd3O1dfuVAjn2cY30UFBV6Xr2A3gQmMI3dZbmXWrZcpdEo56UW3crdUVJcUc78RAQnUtFWWFrX3U2pUqYoVaMbQqBZaQcJZdQUZawRdviWGbU2FuxmWqo0qTu3tQHSVBZa4PJImWIpUHjbYbn9XFZb9XaqMPbJGRr3eqTF86d&mediaDataID=4056396&mediaName=frame.html Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e15a79e25e5f5d2d8743459eb9d0b9e9631e8aeb6674e26f4d5ef71d4704b43 Request headers Host a.tribalfusion.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Date Fri, 15 Oct 2021 19:39:56 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive P3P CP="NOI DEVo TAIa OUR BUS" X-Function 102 X-Reuse-Index 1 Pragma no-cache Cache-Control private, no-cache, no-store, proxy-revalidate Set-Cookie ANON_ID=a0npe3S3n0xryoxFmAZdZaLOJrPQG7yZbtmQdYmYhQ41R1yrCQDDZcEM; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; SameSite=None; Secure; ANON_ID_old=a0npe3S3n0xryoxFmAZdZaLOJrPQG7yZbtmQdYmYhQ41R1yrCQDDZcEM; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; Vary Accept-Encoding Expires 0 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 69eb842dee6a5c9e-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	Cookie set p.media Show response a.tribalfusion.com/ Frame 0477	400 B 1 KB	180ms 179ms	Document text/html	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/p.media?clickID=aSmSK54dMESGjF26YKmtTrVW7d0r36YF790EENSUUZbTbUPVWQWnrjrRbfMYqFr3E3k4qnRmqrKYbZb7WHr0oP3ZcpVnupdfL2qZbk5tEm3A7GmFnZa0sYVXVF3XGbnnEj33FFVTrvGWm75REQ0QVvtQWUyYH7rWAQm2VYUXFZbJVmqw46ZbbR6ZbH3trmXHrAnH2M3PQV4cQaUcQ6Vsf8PPFoWdFVRU7hnh4ACd&mediaDataID=7665496&mediaName=frame.html Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d93f1d89f16c0ad757d24e8fa9c2355fb791d2c5edfd6b6b42fe9ae4fe0231b Request headers Host a.tribalfusion.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Date Fri, 15 Oct 2021 19:39:56 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive P3P CP="NOI DEVo TAIa OUR BUS" X-Function 102 X-Reuse-Index 2 Pragma no-cache Cache-Control private, no-cache, no-store, proxy-revalidate Set-Cookie ANON_ID=aDnpe3rwZayqQXwrUPWK3WdFaTLCQ2ZaN7UlTPfuXLhPRXUSQDDiUZa; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; SameSite=None; Secure; ANON_ID_old=aDnpe3rwZayqQXwrUPWK3WdFaTLCQ2ZaN7UlTPfuXLhPRXUSQDDiUZa; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; Vary Accept-Encoding Expires 0 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 69eb842de8465c08-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	Cookie set p.media Show response a.tribalfusion.com/ Frame CF29	411 B 1 KB	468ms 310ms	Document text/html	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/p.media?clickID=aTmSK54WUqXWYLmHTv56UP3sYbVsnbVVF8RmrnTWY3TFfS3FEuVqQtTaUiQaBZaQGYIPbevRdfkWGMW2FevotAm0aun3dbZbPsrD2mMJmdAyTWYdXFQdXbYeXaeMRr3ZcUFBYTHB5mFQmRUBrYqns5qUj2Tv5nqJLYUZbfUWMRoAnBns7tmH3B2qMh3tEN56vJpFrLYVUTXc311VjnpTv45UFWQbjro0LHqe&mediaDataID=6347136&mediaName=frame.html Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 689dc6340103f818baae113ab2696481088d0401f76406e32e3187ed78ea77c3 Request headers Host a.tribalfusion.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Date Fri, 15 Oct 2021 19:39:56 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive P3P CP="NOI DEVo TAIa OUR BUS" X-Function 102 X-Reuse-Index 1 Pragma no-cache Cache-Control private, no-cache, no-store, proxy-revalidate Set-Cookie ANON_ID=aEnpe3RZdySqAIUMtXVENWsAtZa7abEtx8BSYCY9yxkhMZcvBQDDmay; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; SameSite=None; Secure; ANON_ID_old=aEnpe3RZdySqAIUMtXVENWsAtZa7abEtx8BSYCY9yxkhMZcvBQDDmay; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; Vary Accept-Encoding Expires 0 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 69eb842edf1b4e08-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	Cookie set p.media Show response a.tribalfusion.com/ Frame 74C7	458 B 1 KB	480ms 316ms	Document text/html	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/p.media?clickID=aUmSK55EUg5teq56ZbEmUjZb0GvQXVn0XsBnnqJ32bY2WrbZbW6vTQEY5SVQNQHUyYdnoVmrp2VJWXFULVmau2AvdRmjI4dZbM1dBZdpdey36YY5VM9TGQaVVMfPPYoUtQ4UbM05UTmWEjoTTMaQarZdSsQLRF6qSdUlWsM54U6nodiOXEeN4dnDQVbA4mMHoHXpVdBaYrU6XUBk1q6MPbJZbWUBXQWUinxKNps&mediaDataID=2713736&mediaName=frame.html Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d99c13806007dd14cadbaf22bb9e870be967d6eb119af59412fd0f8f5faa7c42 Request headers Host a.tribalfusion.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Date Fri, 15 Oct 2021 19:39:56 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive P3P CP="NOI DEVo TAIa OUR BUS" X-Function 102 X-Reuse-Index 1 Pragma no-cache Cache-Control private, no-cache, no-store, proxy-revalidate Set-Cookie ANON_ID=aynpe3RwEfUS2QVqq9GkZdpDa3ZbLnAvS8nNTDZb7U3CyVZc7KQDDovm; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; SameSite=None; Secure; ANON_ID_old=aynpe3RwEfUS2QVqq9GkZdpDa3ZbLnAvS8nNTDZb7U3CyVZc7KQDDovm; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; Vary Accept-Encoding Expires 0 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 69eb842eef3ed6dd-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	Cookie set p.media Show response a.tribalfusion.com/ Frame 84EE	523 B 1 KB	350ms 171ms	Document text/html	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/p.media?clickID=aVmSK5SGjH2mQZdod6nUH380bQ9YFJg1qZaMRFvZcTb3SWH3TmUJxQUJm1qYO5aUj2qfXmEjIYU3hUWbPoA7DpVUrmWvL5TZb92Hmn3AZbIprMEXGYSXG321svwpTb43FQ5VUnEUmf2Pqb0ScvsQH7O1WvnTPMN3VrVXrUDT6im2PUePPMH4Wrm0WrZdnHeo5ABV3GMbUsr9VcblSAQoWdF3WrM10FADn4D4GS&mediaDataID=5436426&mediaName=frame.html Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 329d634a4af86f88b4f37e0b80f4c48724fa8d5d1f594443c7b25b5bd0a827ea Request headers Host a.tribalfusion.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Date Fri, 15 Oct 2021 19:39:56 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive P3P CP="NOI DEVo TAIa OUR BUS" X-Function 102 X-Reuse-Index 2 Pragma no-cache Cache-Control private, no-cache, no-store, proxy-revalidate Set-Cookie ANON_ID=adnpe3uyTYUBErvcXsZblp2JSZadEr2kpnYH3onZcWZaNR0eMIQDDFEg; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; SameSite=None; Secure; ANON_ID_old=adnpe3uyTYUBErvcXsZblp2JSZadEr2kpnYH3onZcWZaNR0eMIQDDFEg; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:56 GMT; Vary Accept-Encoding Expires 0 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 69eb842efae25c08-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/	272 KB 98 KB	54ms 32ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b20c447b3d7f66aa1c71305e4a91983b14e3174c651ec6460e73a79e58a3bb3c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 99860 x-xss-protection 0 server cafe etag 5832577822734846258 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 15 Oct 2021 19:39:56 GMT
GET H/1.1	200 OK	j.ad Show response a.tribalfusion.com/	3 KB 3 KB	459ms 176ms	Script application/x-javascript	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=300x250&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fchecklist%2Flist.cgi%3Fu%3Dmrb%26U%3Dmrb%26p%3Dfoxfilmnoir&f=0&p=6720063&tKey=a4mneMmFfZaYsQUXsr21cBuMdbbPiIphA&a=5&adContainerId=richmedia_6&rnd=6715189 Requested by Host: tags.expo9.exponential.com URL: http://tags.expo9.exponential.com/tags/RinkWorks/ROS/tags.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b142c7ebfbfc0261f9d5751670943704f5e761421ea39db51f8eaec68656b790 Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Fri, 15 Oct 2021 19:39:56 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC P3P CP="NOI DEVo TAIa OUR BUS" Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 1622 Pragma no-cache X-Function 101 Server cloudflare X-Reuse-Index 3 Vary Accept-Encoding Content-Type application/x-javascript; charset=utf-8 Cache-Control private, no-cache, no-store, proxy-revalidate CF-RAY 69eb842fdbab430f-FRA Expires 0
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	203 B 657 B	65ms 15ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.rinkworks.com&callback=_gfp_s_&client=ca-pub-1382747617792961 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash c86478f188e82f7be1b8b636e1e2f496b9a8536a6176f871f5b86b5e8b2e9a2f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 192 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 853 B	43ms 16ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.rinkworks.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 570 B	37ms 15ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.rinkworks.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 7830	430 B 809 B	95ms 73ms	Document text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1382747617792961&output=html&h=15&adk=3557669583&adf=1663281734&w=728&lmt=1634326796&channel=2246335018%209065640222&format=728x15_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fchecklist%2Flist.cgi%3Fu%3Dmrb%26U%3Dmrb%26p%3Dfoxfilmnoir&flash=0&wgl=1&dt=1634326796458&bpp=12&bdt=1926&idt=94&shv=r20211013&mjsv=m202110080101&ptt=5&saldr=sa&abxe=1&correlator=4696945686617&frm=20&pv=2&ga_vid=1517063113.1634326797&ga_sid=1634326797&ga_hid=1263146170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31062937%2C31063140%2C44748552&oid=2&pvsid=1102260434320130&pem=431&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=2tl7ZzFM1i&p=http%3A//www.rinkworks.com&dtd=105 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 648fede76c872e7ed720ea58c0e261b908ca09d6b98032eeb52702a2107ec2ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-1382747617792961&output=html&h=15&adk=3557669583&adf=1663281734&w=728&lmt=1634326796&channel=2246335018%209065640222&format=728x15_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fchecklist%2Flist.cgi%3Fu%3Dmrb%26U%3Dmrb%26p%3Dfoxfilmnoir&flash=0&wgl=1&dt=1634326796458&bpp=12&bdt=1926&idt=94&shv=r20211013&mjsv=m202110080101&ptt=5&saldr=sa&abxe=1&correlator=4696945686617&frm=20&pv=2&ga_vid=1517063113.1634326797&ga_sid=1634326797&ga_hid=1263146170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31062937%2C31063140%2C44748552&oid=2&pvsid=1102260434320130&pem=431&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=2tl7ZzFM1i&p=http%3A//www.rinkworks.com&dtd=105 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.rinkworks.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 15 Oct 2021 19:39:56 GMT server cafe content-length 207 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Fri, 15-Oct-2021 19:54:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 15 Oct 2021 19:39:56 GMT cache-control private
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame EF45	430 B 374 B	105ms 90ms	Document text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1382747617792961&output=html&h=15&adk=3749866806&adf=1008303532&w=468&lmt=1634326796&channel=2246335018%209065640222&format=468x15_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fchecklist%2Flist.cgi%3Fu%3Dmrb%26U%3Dmrb%26p%3Dfoxfilmnoir&flash=0&wgl=1&dt=1634326796482&bpp=4&bdt=1950&idt=87&shv=r20211013&mjsv=m202110080101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x15_0ads_al_s&correlator=4696945686617&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=1517063113.1634326797&ga_sid=1634326797&ga_hid=1263146170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=566&ady=881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31062937%2C31063140%2C44748552&oid=2&pvsid=1102260434320130&pem=431&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=YAgyDPlmf9&p=http%3A//www.rinkworks.com&dtd=89 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d813b6946e31ec33efa2d6d2ca93f374886751bd31e4beb236aeab2c7416141c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-1382747617792961&output=html&h=15&adk=3749866806&adf=1008303532&w=468&lmt=1634326796&channel=2246335018%209065640222&format=468x15_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fchecklist%2Flist.cgi%3Fu%3Dmrb%26U%3Dmrb%26p%3Dfoxfilmnoir&flash=0&wgl=1&dt=1634326796482&bpp=4&bdt=1950&idt=87&shv=r20211013&mjsv=m202110080101&ptt=5&saldr=sa&abxe=1&prev_fmts=728x15_0ads_al_s&correlator=4696945686617&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=1517063113.1634326797&ga_sid=1634326797&ga_hid=1263146170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=566&ady=881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31062937%2C31063140%2C44748552&oid=2&pvsid=1102260434320130&pem=431&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=YAgyDPlmf9&p=http%3A//www.rinkworks.com&dtd=89 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.rinkworks.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 15 Oct 2021 19:39:56 GMT server cafe content-length 207 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Fri, 15-Oct-2021 19:54:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 15 Oct 2021 19:39:56 GMT cache-control private
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame 2F46	13 KB 5 KB	72ms 48ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aNmSK52PU9R6bA2tvq1WvJpdem4PJR5cUgTGvkVV78S6QnUH33TrB45UAxWEjmTEBbQEQFSsYAPb6nPHfkUGQP2UmvmtqMYEey4dQBSGjZa5AULodipUdQ60brkYFZb60qqtPUBFUbBXTtM2mFbnPrrt1q3n4q7d4EvRmEMC1rZbfUtMUoA3CnsQrpd3J3aZbk5H6n4PFImrMJYVM01cFVXGvwsqbbq9q6lK&mediaDataID=6807466&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69eb842f1d107057-FRA
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 2F46 Redirect Chain https://a.tribalfusion.com/i.match?p=b22&u=18072662306741660265&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 https://s.tribalfusion.com/z/i.match?p=b22&u=18072662306741660265&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662306741678563	0 338 B	100ms 29ms	Image text/plain	99.81.41.171 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662306741678563 Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aNmSK52PU9R6bA2tvq1WvJpdem4PJR5cUgTGvkVV78S6QnUH33TrB45UAxWEjmTEBbQEQFSsYAPb6nPHfkUGQP2UmvmtqMYEey4dQBSGjZa5AULodipUdQ60brkYFZb60qqtPUBFUbBXTtM2mFbnPrrt1q3n4q7d4EvRmEMC1rZbfUtMUoA3CnsQrpd3J3aZbk5H6n4PFImrMJYVM01cFVXGvwsqbbq9q6lK&mediaDataID=6807466&mediaName=frame.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.81.41.171 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-41-171.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:57 GMT cache-control private, no-cache, no-store x-request-time D=32 t=1634326797 x-served-by beacon-n002-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Fri, 15 Oct 2021 19:39:56 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 169 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 69eb84302dfe6993-FRA p3p CP="NOI DEVo TAIa OUR BUS" location https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662306741678563 cache-control no-cache, private content-type text/html alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame E9F2	13 KB 5 KB	75ms 53ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aOmSK5pGvnmHnC5TYj5dyt3AZbLpbMJYGQ0YGrU1sbnmaj33r32WFZbAUmMWPTbXSsFtQdFr1WnwVmMx4sJW0FvZaV6yu4mZbgQPMF4WvnXWYAmWAu4mr14Gj7VcUjWsf7RAFuWWZbUUFM15bepWEYpVqJcSaYIRsbBPU6vRW7cUVM54r6sodAnYE2M4tQZdQcrD2AYIptaoUWJcYrMk1UY9XaqsUFUsp58qfO&mediaDataID=6546596&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69eb842f1d137057-FRA
GET H2	200	sd us-u.openx.net/w/1.0/ Frame E9F2 Redirect Chain https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2... https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252... https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=9dfc7fba-fb97-4a4d-98e8-9b142ed25963 https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=9dfc7fba-fb97-4a4d-98e8-9b142ed25963 https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662306741678591	43 B 172 B	18ms 18ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662306741678591 Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aOmSK5pGvnmHnC5TYj5dyt3AZbLpbMJYGQ0YGrU1sbnmaj33r32WFZbAUmMWPTbXSsFtQdFr1WnwVmMx4sJW0FvZaV6yu4mZbgQPMF4WvnXWYAmWAu4mr14Gj7VcUjWsf7RAFuWWZbUUFM15bepWEYpVqJcSaYIRsbBPU6vRW7cUVM54r6sodAnYE2M4tQZdQcrD2AYIptaoUWJcYrMk1UY9XaqsUFUsp58qfO&mediaDataID=6546596&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.217.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:57 GMT via 1.1 google server OXGW/16.217.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Fri, 15 Oct 2021 19:39:57 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 126 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 69eb84307eaa6993-FRA p3p CP="NOI DEVo TAIa OUR BUS" location https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662306741678591 cache-control no-cache, private content-type text/html alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame 0477	13 KB 5 KB	62ms 53ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aSmSK54dMESGjF26YKmtTrVW7d0r36YF790EENSUUZbTbUPVWQWnrjrRbfMYqFr3E3k4qnRmqrKYbZb7WHr0oP3ZcpVnupdfL2qZbk5tEm3A7GmFnZa0sYVXVF3XGbnnEj33FFVTrvGWm75REQ0QVvtQWUyYH7rWAQm2VYUXFZbJVmqw46ZbbR6ZbH3trmXHrAnH2M3PQV4cQaUcQ6Vsf8PPFoWdFVRU7hnh4ACd&mediaDataID=7665496&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69eb842f1d157057-FRA
GET H2	200	i.match s.tribalfusion.com/z/ Frame 0477 Redirect Chain https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662306741660265 https://a.tribalfusion.com/i.match?p=b23&u=165020203940000364200 https://s.tribalfusion.com/z/i.match?p=b23&u=165020203940000364200	43 B 572 B	164ms 164ms	Image image/gif	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b23&u=165020203940000364200 Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aSmSK54dMESGjF26YKmtTrVW7d0r36YF790EENSUUZbTbUPVWQWnrjrRbfMYqFr3E3k4qnRmqrKYbZb7WHr0oP3ZcpVnupdfL2qZbk5tEm3A7GmFnZa0sYVXVF3XGbnnEj33FFVTrvGWm75REQ0QVvtQWUyYH7rWAQm2VYUXFZbJVmqw46ZbbR6ZbH3trmXHrAnH2M3PQV4cQaUcQ6Vsf8PPFoWdFVRU7hnh4ACd&mediaDataID=7665496&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:57 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 69eb84306e6e6993-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 15 Oct 2021 19:39:56 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 45 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 69eb842f4b796993-FRA p3p CP="NOI DEVo TAIa OUR BUS" location https://s.tribalfusion.com/z/i.match?p=b23&u=165020203940000364200 cache-control no-cache, private content-type text/html alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame 3EF7	13 KB 5 KB	43ms 43ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aQmSK5R6bB4WUqXHYJndZax36rT4sY6UcnjWGZb7S6YoTWQ4UUbP2b6sUEnwVEJcSEJZdSGBCPUmxRWvaUVj32UTqotaMYEen3WbASGBC2mQHpWEsTtjdYUfb1UF90q6NRrJHWbJ1VHJ2orbmPbBqYaFr3aZbf5EUQmqbIYbU9WHbXmmfZapGUqoHrL3Ev73Wmn3mfJmbYKYGnWXsQVXGvnpTvU0rYdqi5vfY&mediaDataID=6530936&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69eb842feee67057-FRA
GET H2	200	i.match a.tribalfusion.com/ Frame 3EF7 Redirect Chain https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662306741660265&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662306741660265&C=1 https://a.tribalfusion.com/i.match?p=b20&u=YWnZDMINAY3ocQPq.Z4DvAAA	43 B 378 B	171ms 171ms	Image image/gif	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b20&u=YWnZDMINAY3ocQPq.Z4DvAAA Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aQmSK5R6bB4WUqXHYJndZax36rT4sY6UcnjWGZb7S6YoTWQ4UUbP2b6sUEnwVEJcSEJZdSGBCPUmxRWvaUVj32UTqotaMYEen3WbASGBC2mQHpWEsTtjdYUfb1UF90q6NRrJHWbJ1VHJ2orbmPbBqYaFr3aZbf5EUQmqbIYbU9WHbXmmfZapGUqoHrL3Ev73Wmn3mfJmbYKYGnWXsQVXGvnpTvU0rYdqi5vfY&mediaDataID=6530936&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:57 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 69eb84306e6d6993-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 15 Oct 2021 19:39:56 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://a.tribalfusion.com/i.match?p=b20&u=YWnZDMINAY3ocQPq.Z4DvAAA Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 255 Expires Fri, 15 Oct 2021 19:39:56 GMT
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame 19A2	13 KB 5 KB	49ms 49ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aRmSK5mHnC5EUg3teM3mZbZdprYZaXcYXXcMV0cJomab42bQ5VbfZcVA30RqvRQVZbqSd3O1dfuVAjn2cY30UFBV6Xr2A3gQmMI3dZbmXWrZcpdEo56UW3crdUVJcUc78RAQnUtFWWFrX3U2pUqYoVaMbQqBZaQcJZdQUZawRdviWGbU2FuxmWqo0qTu3tQHSVBZa4PJImWIpUHjbYbn9XFZb9XaqMPbJGRr3eqTF86d&mediaDataID=4056396&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69eb842feee97057-FRA
GET H2	200	i.match a.tribalfusion.com/ Frame 19A2 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662306741660265 https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEKr4m3iDcrC8GmXxxPbrUEI&google_cver=1&google_ula=2786954,0	43 B 496 B	172ms 172ms	Image image/gif	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEKr4m3iDcrC8GmXxxPbrUEI&google_cver=1&google_ula=2786954,0 Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aRmSK5mHnC5EUg3teM3mZbZdprYZaXcYXXcMV0cJomab42bQ5VbfZcVA30RqvRQVZbqSd3O1dfuVAjn2cY30UFBV6Xr2A3gQmMI3dZbmXWrZcpdEo56UW3crdUVJcUc78RAQnUtFWWFrX3U2pUqYoVaMbQqBZaQcJZdQUZawRdviWGbU2FuxmWqo0qTu3tQHSVBZa4PJImWIpUHjbYbn9XFZb9XaqMPbJGRr3eqTF86d&mediaDataID=4056396&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:56 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 69eb84303e016993-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 15 Oct 2021 19:39:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEKr4m3iDcrC8GmXxxPbrUEI&google_cver=1&google_ula=2786954,0 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 332 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame 7956	13 KB 5 KB	43ms 43ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aPmURg0qmu4dMAQsvH56vZcmd6mUd36YrQkYrf61TeMSU3ZcUrYSWtrYoFZbuPbrt1TZbs5EFa4EfPmEbA1r3hWWJWoPvDnG7uptfG5Evl5teN5AJKmFnZaYsfS1VrU1GnopTJV3UMPWFnEW6j4REMRSs3sStJr0WbpWAMw4sUVXFvZcUP6p4AZb8R6bK2HZbqXWrAmtaN3PQV4Vj9VcrkWcBiS6MNUtnSUUMP5b2uUqn2VdUTb1Wnd2&mediaDataID=5578346&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69eb84300f1f7057-FRA
GET H2	200	i.match a.tribalfusion.com/ Frame 7956 Redirect Chain https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662306741660265&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662306741660265&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D https://a.tribalfusion.com/i.match?p=b13&u=24309394717925884532059064011959186713	43 B 374 B	167ms 167ms	Image image/gif	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b13&u=24309394717925884532059064011959186713 Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aPmURg0qmu4dMAQsvH56vZcmd6mUd36YrQkYrf61TeMSU3ZcUrYSWtrYoFZbuPbrt1TZbs5EFa4EfPmEbA1r3hWWJWoPvDnG7uptfG5Evl5teN5AJKmFnZaYsfS1VrU1GnopTJV3UMPWFnEW6j4REMRSs3sStJr0WbpWAMw4sUVXFvZcUP6p4AZb8R6bK2HZbqXWrAmtaN3PQV4Vj9VcrkWcBiS6MNUtnSUUMP5b2uUqn2VdUTb1Wnd2&mediaDataID=5578346&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:57 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 69eb8431285d6993-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers DCS dcs-prod-irl1-2-v019-0dabc80c8.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID eDLfAcdcS4U= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://a.tribalfusion.com/i.match?p=b13&u=24309394717925884532059064011959186713 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame 84EE	13 KB 5 KB	46ms 46ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aVmSK5SGjH2mQZdod6nUH380bQ9YFJg1qZaMRFvZcTb3SWH3TmUJxQUJm1qYO5aUj2qfXmEjIYU3hUWbPoA7DpVUrmWvL5TZb92Hmn3AZbIprMEXGYSXG321svwpTb43FQ5VUnEUmf2Pqb0ScvsQH7O1WvnTPMN3VrVXrUDT6im2PUePPMH4Wrm0WrZdnHeo5ABV3GMbUsr9VcblSAQoWdF3WrM10FADn4D4GS&mediaDataID=5436426&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69eb84302f697057-FRA
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 84EE Redirect Chain https://a.tribalfusion.com/i.match?p=b10&u=18072662306741660265&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662306741678704&expires=180	0 239 B	55ms 7ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662306741678704&expires=180 Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aVmSK5SGjH2mQZdod6nUH380bQ9YFJg1qZaMRFvZcTb3SWH3TmUJxQUJm1qYO5aUj2qfXmEjIYU3hUWbPoA7DpVUrmWvL5TZb92Hmn3AZbIprMEXGYSXG321svwpTb43FQ5VUnEUmf2Pqb0ScvsQH7O1WvnTPMN3VrVXrUDT6im2PUePPMH4Wrm0WrZdnHeo5ABV3GMbUsr9VcblSAQoWdF3WrM10FADn4D4GS&mediaDataID=5436426&mediaName=frame.html Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost a66cbf3142c6ef39e3614b84a34262cf Content-Type image/gif Redirect headers pragma no-cache date Fri, 15 Oct 2021 19:39:56 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 240 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 69eb84302de06993-FRA p3p CP="NOI DEVo TAIa OUR BUS" location https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662306741678704&expires=180 cache-control no-cache, private content-type text/html alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame CF29	13 KB 5 KB	45ms 45ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aTmSK54WUqXWYLmHTv56UP3sYbVsnbVVF8RmrnTWY3TFfS3FEuVqQtTaUiQaBZaQGYIPbevRdfkWGMW2FevotAm0aun3dbZbPsrD2mMJmdAyTWYdXFQdXbYeXaeMRr3ZcUFBYTHB5mFQmRUBrYqns5qUj2Tv5nqJLYUZbfUWMRoAnBns7tmH3B2qMh3tEN56vJpFrLYVUTXc311VjnpTv45UFWQbjro0LHqe&mediaDataID=6347136&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69eb8430d9957057-FRA
GET H2	200	i.match a.tribalfusion.com/ Frame CF29 Redirect Chain https://pixel.advertising.com/ups/57628/sync?uid=18072662306741660265&_origin=1&redir=true https://pixel.advertising.com/ups/57628/sync?uid=18072662306741660265&_origin=1&redir=true&verify=true https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662306741660265&_origin=1&redir=true&apid=UPad5009cb-2def-11ec-b16a-0613b4a7efe6 https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662306741660265&_origin=1&redir=true&apid=UPad5009cb-2def-11ec-b16a-0613b4a7efe6&verify=true https://a.tribalfusion.com/i.match?p=b17&u=UPad5009cb-2def-11ec-b16a-0613b4a7efe6	43 B 396 B	186ms 185ms	Image image/gif	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b17&u=UPad5009cb-2def-11ec-b16a-0613b4a7efe6 Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aTmSK54WUqXWYLmHTv56UP3sYbVsnbVVF8RmrnTWY3TFfS3FEuVqQtTaUiQaBZaQGYIPbevRdfkWGMW2FevotAm0aun3dbZbPsrD2mMJmdAyTWYdXFQdXbYeXaeMRr3ZcUFBYTHB5mFQmRUBrYqns5qUj2Tv5nqJLYUZbfUWMRoAnBns7tmH3B2qMh3tEN56vJpFrLYVUTXc311VjnpTv45UFWQbjro0LHqe&mediaDataID=6347136&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:57 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 69eb8431b9c56993-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Fri, 15 Oct 2021 19:39:57 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://a.tribalfusion.com/i.match?p=b17&u=UPad5009cb-2def-11ec-b16a-0613b4a7efe6 Connection keep-alive Content-Length 0
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame 74C7	13 KB 5 KB	42ms 42ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aUmSK55EUg5teq56ZbEmUjZb0GvQXVn0XsBnnqJ32bY2WrbZbW6vTQEY5SVQNQHUyYdnoVmrp2VJWXFULVmau2AvdRmjI4dZbM1dBZdpdey36YY5VM9TGQaVVMfPPYoUtQ4UbM05UTmWEjoTTMaQarZdSsQLRF6qSdUlWsM54U6nodiOXEeN4dnDQVbA4mMHoHXpVdBaYrU6XUBk1q6MPbJZbWUBXQWUinxKNps&mediaDataID=2713736&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:56 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69eb8430e9b77057-FRA
GET H2	200	i.match a.tribalfusion.com/ Frame 74C7 Redirect Chain https://tags.bluekai.com/site/4229?id=18072662306741660265&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID	43 B 402 B	167ms 166ms	Image image/gif	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=aUmSK55EUg5teq56ZbEmUjZb0GvQXVn0XsBnnqJ32bY2WrbZbW6vTQEY5SVQNQHUyYdnoVmrp2VJWXFULVmau2AvdRmjI4dZbM1dBZdpdey36YY5VM9TGQaVVMfPPYoUtQ4UbM05UTmWEjoTTMaQarZdSsQLRF6qSdUlWsM54U6nodiOXEeN4dnDQVbA4mMHoHXpVdBaYrU6XUBk1q6MPbJZbWUBXQWUinxKNps&mediaDataID=2713736&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:57 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 69eb84322ac66993-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID Date Fri, 15 Oct 2021 19:39:57 GMT Connection keep-alive Content-Length 0 P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H/1.1	200 OK	dvbs_src.js Show response cdn.doubleverify.com/	2 KB 2 KB	13ms 13ms	Script application/javascript	2a02:26f0:6c00:2b2::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26261526&plc=309864745&sid=6596925&dvregion=0&unit=300x250 Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7822345132&tagKey=2630619931&site=rinkworks&adSpace=ros&center=1&size=300x250&env=display&url=http%3A%2F%2Fwww.rinkworks.com%2Fchecklist%2Flist.cgi%3Fu%3Dmrb%26U%3Dmrb%26p%3Dfoxfilmnoir&f=0&p=6720063&tKey=a4mneMmFfZaYsQUXsr21cBuMdbbPiIphA&a=5&adContainerId=richmedia_6&rnd=6715189 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181 Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Fri, 15 Oct 2021 19:39:56 GMT Content-Encoding gzip Last-Modified Mon, 09 Aug 2021 12:31:26 GMT Server Microsoft-IIS/10.0 ETag "60d09d781a8dd71:0" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 1338
GET H/1.1	200 OK	bst2tv3.html Show response cdn3.doubleverify.com/ Frame D73F	1 KB 1 KB	7ms 6ms	Document text/html	2a02:26f0:6c00:286::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn3.doubleverify.com/bst2tv3.html Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal99.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558 Request headers Host cdn3.doubleverify.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Content-Type text/html Content-Encoding gzip Last-Modified Tue, 02 Sep 2014 17:01:36 GMT Accept-Ranges bytes ETag "01818ecfc6cf1:0" Vary Accept-Encoding Server Microsoft-IIS/10.0 Content-Length 806 Cache-Control max-age=51083 Date Fri, 15 Oct 2021 19:39:56 GMT Connection keep-alive
GET H/1.1	200 OK	verify.js Show response rtb0.doubleverify.com/	1 KB 868 B	11ms 11ms	Script text/javascript	213.254.244.15 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL http://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_348400409759&jsTagObjCallback=__tagObject_callback_348400409759&num=6&ctx=3758893&cmp=26261526&plc=309864745&sid=6596925&advid=&adsrv=&unit=300x250&isdvvid=&uid=348400409759&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=93&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=0&refD=0&htmlmsging=1&m1=13&noc=4&fcifrms=14&brh=2&fwc=0&fcl=107&flt=8&fec=402&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEATbpTauTauHHH%5DC%3A%3F%3CH%40C%3CD%5D4%40%3ETau4964%3C%3D%3ADETau%3D%3ADE%5D48%3ATbuFTbs%3EC3Tae%26Tbs%3EC3TaeATbs7%40I7%3A%3D%3E%3F%40%3AC&dvp_exetime=10.90&callbackName=__verify_callback_348400409759 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal99.js Protocol HTTP/1.1 Server 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software / Resource Hash 9a38a974b3fcc2a80ed22e296a6170c7e0f068d054be90d6a57497aab442590c Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Pragma no-cache X-DV-Response 1 Content-Encoding gzip Date Fri, 15 Oct 2021 19:39:56 GMT Vary Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control max-age=0 Transfer-Encoding chunked Expires 10/14/2021 7:39:56 PM
GET H/1.1	200 OK	dv-match6.js Show response cdn.doubleverify.com/ Frame 5ACE	4 KB 2 KB	15ms 15ms	Script application/javascript	2a02:26f0:6c00:2b2::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL http://cdn.doubleverify.com/dv-match6.js Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Fri, 15 Oct 2021 19:39:56 GMT Content-Encoding gzip Last-Modified Sun, 11 Mar 2018 04:45:12 GMT Server Microsoft-IIS/10.0 ETag "03c84bdf3b8d31:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=30223 Connection keep-alive Accept-Ranges bytes Content-Length 1935
POST H/1.1	200 OK	bsevent.gif tps20511.doubleverify.com/	807 B 1 KB	33ms 12ms	Ping image/gif	213.254.244.15 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL http://tps20511.doubleverify.com/bsevent.gif?impid=960b261484914c62a7333f87ddb823af&vfdur=143&cbust=1634326796986649 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal99.js Protocol HTTP/1.1 Server 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software / Resource Hash 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416 Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Fri, 15 Oct 2021 19:39:56 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type image/gif Access-Control-Allow-Origin http://www.rinkworks.com Cache-Control max-age=0 Access-Control-Allow-Credentials true Content-Length 860 Expires 10/14/2021 7:39:57 PM
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f4a388a3234ae316bd3680065bda88e40313acea24aca92b566678614c31bc38 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	Cookie set p.media Show response a.tribalfusion.com/ Frame C1EE	646 B 1 KB	178ms 177ms	Document text/html	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/p.media?clickID=a3mSK536YR3sr6TsMaVGBhPPnnTHQRTFFP3FixVEnvWa3iQqYFRVjZaRFawRW7bUGjU4UmxmHyMXamx4djZbSVBC4PnZdmWXNUdQa0b361UB91TepSrnETbBXTtUWmbFuPFrq1qZbq5aUl2aUYmaJCYUU6WtbUn63CncvwoWfD5EU73Hmp3AZbKnbjIYs30YGFYXsfNmEFP2U3QWUbZcUA7TREb0VGQGsylDIZc&mediaDataID=6719746&mediaName=frame.html Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a2abce231aa73e84792b233dc3770ad0728e8c5d83075897c04d70ccaa1f01b Request headers Host a.tribalfusion.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive P3P CP="NOI DEVo TAIa OUR BUS" X-Function 102 X-Reuse-Index 3 Pragma no-cache Cache-Control private, no-cache, no-store, proxy-revalidate Set-Cookie ANON_ID=aOnpe3SyZaRVRT8vtPLc3oiBSTrbE2xwQM6U97jVMvhM2jbdyOjxZb; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:57 GMT; SameSite=None; Secure; ANON_ID_old=aOnpe3SyZaRVRT8vtPLc3oiBSTrbE2xwQM6U97jVMvhM2jbdyOjxZb; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:57 GMT; Vary Accept-Encoding Expires 0 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 69eb84313f35430f-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	Cookie set p.media Show response a.tribalfusion.com/ Frame 71D2	508 B 1 KB	203ms 202ms	Document text/html	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/p.media?clickID=a4mSK5prMZd0GnS1sU00VZbupTrT2rvVWrJZcW6QWQqvQPVYNQWZbr0tFsTPvm2cB20FFJT6yw4mFgPmbC4WFMXHrZcnHaw3mB14GjbVcM9Ucb8S6UvTWvTTFM15bAuWavwVEJbSaJZbScQJRrZaoRtUcWsbV2rusnHAyXTmp2tbFSGjZa4AJKmdTtTWYbYF3kYrYiXTaoSrrDTUY4Wd3WorQxRUrr4aYHmoZaCgi&mediaDataID=8039566&mediaName=frame.html Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c2fbe38421054e1c66e8d0d7adcb7b8bf8874be28b7d19590a52babdfb76583 Request headers Host a.tribalfusion.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive P3P CP="NOI DEVo TAIa OUR BUS" X-Function 102 X-Reuse-Index 1 Pragma no-cache Cache-Control private, no-cache, no-store, proxy-revalidate Set-Cookie ANON_ID=aNnpe3yg6AqrA7uaPU7MDRlqnBLQucM7vPX9jV13Mu4XQJdyOoZbD; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:57 GMT; SameSite=None; Secure; Vary Accept-Encoding Expires 0 set-cookie ANON_ID_old=aNnpe3yg6AqrA7uaPU7MDRlqnBLQucM7vPX9jV13Mu4XQJdyOoZbD; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:57 GMT; CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 69eb84313a96d6dd-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	Cookie set p.media Show response a.tribalfusion.com/ Frame 4FBA	477 B 1 KB	330ms 330ms	Document text/html	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/p.media?clickID=a5mSK5VWJ60bncXrBiXq6qPbBETbn1WtnWmU7uQbfNXqQO5qZba5a32oa7LYFU6WWrRmPvBncfuoWnB5EF95dEm56BJnFbGYsfU1cnXXG7nmaF33rQ5WrnFUAMTPTnRQsZbtSH3M1HvpT6Qu2Gr5XrZbKVAqt5mvhPAbK2HZbrXWYAnW2O36JS4G7fTGMjWGMjP6UMTtvSTrb32rIuUqjvTTJaVq3Nvq9kxN&mediaDataID=9148826&mediaName=frame.html Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86ad488e040b0c0996bb5ed3584aa793fabd58caafb08f56273b646b5a5add01 Request headers Host a.tribalfusion.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive P3P CP="NOI DEVo TAIa OUR BUS" X-Function 102 X-Reuse-Index 1 Pragma no-cache Cache-Control private, no-cache, no-store, proxy-revalidate Set-Cookie ANON_ID=awnpe3yOZbSToJTyHrYdZbd3ZdUXOKBmuPmZaGXRrPT4fqU3ZbXdyO7kB; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:57 GMT; SameSite=None; Secure; ANON_ID_old=awnpe3yOZbSToJTyHrYdZbd3ZdUXOKBmuPmZaGXRrPT4fqU3ZbXdyO7kB; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:57 GMT; Vary Accept-Encoding Expires 0 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 69eb84313b254e08-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	Cookie set p.media Show response a.tribalfusion.com/ Frame 6FF4	920 B 1 KB	181ms 181ms	Document text/html	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/p.media?clickID=a7mSK50GnQ1c320srpnTnW5UMSVrjCUmYTPaURPVQMPHBs1W7uW6YM4G3VXbZbKV6am4A3ePArI2HUtXWJCptey5AvV5cjeUVJ8UcJiPP3oUdnPUUrX2U2pUqnvVE3iQEBZdQcYKPFuoPHUdWcQU4b6ooWioYT2m2HMZdQVrG2mQHoWXnVWf8XUYcYFj90EqoPUYCTFM3WtQ0nbFxRUrN1EFtXqJ5oDqqMg&mediaDataID=5207316&mediaName=frame.html Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29eb2d4bf31ed0c5f036b4cee5ceecfa4f15b09c7457308d2e7c6251f0c95b98 Request headers Host a.tribalfusion.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.rinkworks.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive P3P CP="NOI DEVo TAIa OUR BUS" X-Function 102 X-Reuse-Index 2 Pragma no-cache Cache-Control private, no-cache, no-store, proxy-revalidate Set-Cookie ANON_ID=a6npe3MZaACmpqGpU6IfwH6LqekBEElOoIC1nJC0lJr32UNdyOAbn; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:57 GMT; SameSite=None; Secure; ANON_ID_old=a6npe3MZaACmpqGpU6IfwH6LqekBEElOoIC1nJC0lJr32UNdyOAbn; path=/; domain=.tribalfusion.com; expires=Thu, 13-Jan-2022 19:39:57 GMT; Vary Accept-Encoding Expires 0 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 69eb84313fc55c08-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	17ms 15ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.rinkworks.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Fri, 15 Oct 2021 19:39:57 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	26ms 25ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.rinkworks.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Fri, 15 Oct 2021 19:39:57 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 5AB3	430 B 270 B	84ms 84ms	Document text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1382747617792961&output=html&h=90&adk=1995636810&adf=1180108593&w=200&lmt=1634326796&channel=2246335018%209065640222&format=200x90_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fchecklist%2Flist.cgi%3Fu%3Dmrb%26U%3Dmrb%26p%3Dfoxfilmnoir&flash=0&wgl=1&dt=1634326796991&bpp=3&bdt=2458&idt=3&shv=r20211013&mjsv=m202110080101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D8e081df3bbdd4459-223896a5f5ca008e%3AT%3D1634326796%3ART%3D1634326796%3AS%3DALNI_MYJsg17vzZ6hs7Sdst0otib4pd9YA&prev_fmts=728x15_0ads_al_s%2C468x15_0ads_al_s&correlator=4696945686617&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=1517063113.1634326797&ga_sid=1634326797&ga_hid=1263146170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=937&ady=982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31062937%2C31063140%2C44748552&oid=2&pvsid=1102260434320130&pem=431&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oXZ8VldSp0&p=http%3A//www.rinkworks.com&dtd=6 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3f73fea2e4b80087719fca072c563d8b0eaf61c1821e2ed42d1a96be859bcac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-1382747617792961&output=html&h=90&adk=1995636810&adf=1180108593&w=200&lmt=1634326796&channel=2246335018%209065640222&format=200x90_0ads_al_s&color_bg=FFFFFF&color_border=FFFFFF&color_link=3333AA&color_text=000000&color_url=3333AA&url=http%3A%2F%2Fwww.rinkworks.com%2Fchecklist%2Flist.cgi%3Fu%3Dmrb%26U%3Dmrb%26p%3Dfoxfilmnoir&flash=0&wgl=1&dt=1634326796991&bpp=3&bdt=2458&idt=3&shv=r20211013&mjsv=m202110080101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D8e081df3bbdd4459-223896a5f5ca008e%3AT%3D1634326796%3ART%3D1634326796%3AS%3DALNI_MYJsg17vzZ6hs7Sdst0otib4pd9YA&prev_fmts=728x15_0ads_al_s%2C468x15_0ads_al_s&correlator=4696945686617&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=1517063113.1634326797&ga_sid=1634326797&ga_hid=1263146170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=937&ady=982&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31062937%2C31063140%2C44748552&oid=2&pvsid=1102260434320130&pem=431&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=oXZ8VldSp0&p=http%3A//www.rinkworks.com&dtd=6 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.rinkworks.com/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUnBLlNfsUW1RRhRdxbdZqcDe5FMq2EnE8r97GL0x8OvVnGI_ukXrP8XLBs2cuY Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 15 Oct 2021 19:39:57 GMT server cafe content-length 207 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H/1.1	200 OK	bsevent.gif tps20511.doubleverify.com/	807 B 1 KB	13ms 12ms	Ping image/gif	213.254.244.15 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL http://tps20511.doubleverify.com/bsevent.gif?impid=960b261484914c62a7333f87ddb823af&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1634326797006922 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal99.js Protocol HTTP/1.1 Server 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software / Resource Hash 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416 Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Fri, 15 Oct 2021 19:39:56 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type image/gif Access-Control-Allow-Origin http://www.rinkworks.com Cache-Control max-age=0 Access-Control-Allow-Credentials true Content-Length 860 Expires 10/14/2021 7:39:57 PM
POST H/1.1	200 OK	bsevent.gif tps20511.doubleverify.com/	807 B 1 KB	13ms 13ms	Ping image/gif	213.254.244.15 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL http://tps20511.doubleverify.com/bsevent.gif?impid=960b261484914c62a7333f87ddb823af&dvp_or2=1&cbust=1634326797006340 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal99.js Protocol HTTP/1.1 Server 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software / Resource Hash 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416 Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Fri, 15 Oct 2021 19:39:56 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type image/gif Access-Control-Allow-Origin http://www.rinkworks.com Cache-Control max-age=0 Access-Control-Allow-Credentials true Content-Length 860 Expires 10/14/2021 7:39:57 PM
POST H/1.1	200 OK	rum Show response a.tribalfusion.com/cdn-cgi/ Frame 19A2	0 480 B	9ms 9ms	XHR text/plain	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://a.tribalfusion.com/p.media?clickID=aRmSK5mHnC5EUg3teM3mZbZdprYZaXcYXXcMV0cJomab42bQ5VbfZcVA30RqvRQVZbqSd3O1dfuVAjn2cY30UFBV6Xr2A3gQmMI3dZbmXWrZcpdEo56UW3crdUVJcUc78RAQnUtFWWFrX3U2pUqYoVaMbQqBZaQcJZdQUZawRdviWGbU2FuxmWqo0qTu3tQHSVBZa4PJImWIpUHjbYbn9XFZb9XaqMPbJGRr3eqTF86d&mediaDataID=4056396&mediaName=frame.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://a.tribalfusion.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 69eb84315b5b695d-FRA vary Origin
POST H/1.1	200 OK	rum Show response a.tribalfusion.com/cdn-cgi/ Frame 0477	0 480 B	8ms 8ms	XHR text/plain	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://a.tribalfusion.com/p.media?clickID=aSmSK54dMESGjF26YKmtTrVW7d0r36YF790EENSUUZbTbUPVWQWnrjrRbfMYqFr3E3k4qnRmqrKYbZb7WHr0oP3ZcpVnupdfL2qZbk5tEm3A7GmFnZa0sYVXVF3XGbnnEj33FFVTrvGWm75REQ0QVvtQWUyYH7rWAQm2VYUXFZbJVmqw46ZbbR6ZbH3trmXHrAnH2M3PQV4cQaUcQ6Vsf8PPFoWdFVRU7hnh4ACd&mediaDataID=7665496&mediaName=frame.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://a.tribalfusion.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 69eb84316bad695d-FRA vary Origin
POST H/1.1	200 OK	rum Show response a.tribalfusion.com/cdn-cgi/ Frame 3EF7	0 480 B	12ms 12ms	XHR text/plain	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://a.tribalfusion.com/p.media?clickID=aQmSK5R6bB4WUqXHYJndZax36rT4sY6UcnjWGZb7S6YoTWQ4UUbP2b6sUEnwVEJcSEJZdSGBCPUmxRWvaUVj32UTqotaMYEen3WbASGBC2mQHpWEsTtjdYUfb1UF90q6NRrJHWbJ1VHJ2orbmPbBqYaFr3aZbf5EUQmqbIYbU9WHbXmmfZapGUqoHrL3Ev73Wmn3mfJmbYKYGnWXsQVXGvnpTvU0rYdqi5vfY&mediaDataID=6530936&mediaName=frame.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://a.tribalfusion.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 69eb84317e7b5c9e-FRA vary Origin
POST H/1.1	200 OK	rum Show response a.tribalfusion.com/cdn-cgi/ Frame E9F2	0 480 B	9ms 8ms	XHR text/plain	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://a.tribalfusion.com/p.media?clickID=aOmSK5pGvnmHnC5TYj5dyt3AZbLpbMJYGQ0YGrU1sbnmaj33r32WFZbAUmMWPTbXSsFtQdFr1WnwVmMx4sJW0FvZaV6yu4mZbgQPMF4WvnXWYAmWAu4mr14Gj7VcUjWsf7RAFuWWZbUUFM15bepWEYpVqJcSaYIRsbBPU6vRW7cUVM54r6sodAnYE2M4tQZdQcrD2AYIptaoUWJcYrMk1UY9XaqsUFUsp58qfO&mediaDataID=6546596&mediaName=frame.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://a.tribalfusion.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 69eb8431aed55c9e-FRA vary Origin
POST H/1.1	200 OK	rum Show response a.tribalfusion.com/cdn-cgi/ Frame 84EE	0 480 B	8ms 8ms	XHR text/plain	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://a.tribalfusion.com/p.media?clickID=aVmSK5SGjH2mQZdod6nUH380bQ9YFJg1qZaMRFvZcTb3SWH3TmUJxQUJm1qYO5aUj2qfXmEjIYU3hUWbPoA7DpVUrmWvL5TZb92Hmn3AZbIprMEXGYSXG321svwpTb43FQ5VUnEUmf2Pqb0ScvsQH7O1WvnTPMN3VrVXrUDT6im2PUePPMH4Wrm0WrZdnHeo5ABV3GMbUsr9VcblSAQoWdF3WrM10FADn4D4GS&mediaDataID=5436426&mediaName=frame.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://a.tribalfusion.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 69eb8431ac0f695d-FRA vary Origin
POST H/1.1	200 OK	rum Show response a.tribalfusion.com/cdn-cgi/ Frame 2F46	0 480 B	10ms 10ms	XHR text/plain	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://a.tribalfusion.com/p.media?clickID=aNmSK52PU9R6bA2tvq1WvJpdem4PJR5cUgTGvkVV78S6QnUH33TrB45UAxWEjmTEBbQEQFSsYAPb6nPHfkUGQP2UmvmtqMYEey4dQBSGjZa5AULodipUdQ60brkYFZb60qqtPUBFUbBXTtM2mFbnPrrt1q3n4q7d4EvRmEMC1rZbfUtMUoA3CnsQrpd3J3aZbk5H6n4PFImrMJYVM01cFVXGvwsqbbq9q6lK&mediaDataID=6807466&mediaName=frame.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://a.tribalfusion.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 69eb8431fcae695d-FRA vary Origin
POST H/1.1	200 OK	rum Show response a.tribalfusion.com/cdn-cgi/ Frame 7956	0 480 B	8ms 8ms	XHR text/plain	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://a.tribalfusion.com/p.media?clickID=aPmURg0qmu4dMAQsvH56vZcmd6mUd36YrQkYrf61TeMSU3ZcUrYSWtrYoFZbuPbrt1TZbs5EFa4EfPmEbA1r3hWWJWoPvDnG7uptfG5Evl5teN5AJKmFnZaYsfS1VrU1GnopTJV3UMPWFnEW6j4REMRSs3sStJr0WbpWAMw4sUVXFvZcUP6p4AZb8R6bK2HZbqXWrAmtaN3PQV4Vj9VcrkWcBiS6MNUtnSUUMP5b2uUqn2VdUTb1Wnd2&mediaDataID=5578346&mediaName=frame.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://a.tribalfusion.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 69eb84323d3a695d-FRA vary Origin
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame C1EE	13 KB 5 KB	41ms 40ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=a3mSK536YR3sr6TsMaVGBhPPnnTHQRTFFP3FixVEnvWa3iQqYFRVjZaRFawRW7bUGjU4UmxmHyMXamx4djZbSVBC4PnZdmWXNUdQa0b361UB91TepSrnETbBXTtUWmbFuPFrq1qZbq5aUl2aUYmaJCYUU6WtbUn63CncvwoWfD5EU73Hmp3AZbKnbjIYs30YGFYXsfNmEFP2U3QWUbZcUA7TREb0VGQGsylDIZc&mediaDataID=6719746&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:57 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69eb84326db47057-FRA
GET H2	200	i.match a.tribalfusion.com/ Frame C1EE Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726623067... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726623067... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662306741660265&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U... https://a.tribalfusion.com/i.match?p=b11&u=F6FB431B-9E85-440D-A93D-0144E7D24D45	43 B 488 B	172ms 172ms	Image image/gif	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b11&u=F6FB431B-9E85-440D-A93D-0144E7D24D45 Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=a3mSK536YR3sr6TsMaVGBhPPnnTHQRTFFP3FixVEnvWa3iQqYFRVjZaRFawRW7bUGjU4UmxmHyMXamx4djZbSVBC4PnZdmWXNUdQa0b361UB91TepSrnETbBXTtUWmbFuPFrq1qZbq5aUl2aUYmaJCYUU6WtbUn63CncvwoWfD5EU73Hmp3AZbKnbjIYs30YGFYXsfNmEFP2U3QWUbZcUA7TREb0VGQGsylDIZc&mediaDataID=6719746&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:57 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 69eb84333d626993-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://a.tribalfusion.com/i.match?p=b11&u=F6FB431B-9E85-440D-A93D-0144E7D24D45 date Fri, 15 Oct 2021 19:39:55 GMT cache-control no-store, no-cache, private x-lat amspug019:0:386 server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H/1.1	200 OK	hmac-sha1.js Show response cdnx.tribalfusion.com/media/5207316/ Frame 6FF4	5 KB 3 KB	15ms 15ms	Script application/x-javascript	2606:4700::6812:c05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://cdnx.tribalfusion.com/media/5207316/hmac-sha1.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=a7mSK50GnQ1c320srpnTnW5UMSVrjCUmYTPaURPVQMPHBs1W7uW6YM4G3VXbZbKV6am4A3ePArI2HUtXWJCptey5AvV5cjeUVJ8UcJiPP3oUdnPUUrX2U2pUqnvVE3iQEBZdQcYKPFuoPHUdWcQU4b6ooWioYT2m2HMZdQVrG2mQHoWXnVWf8XUYcYFj90EqoPUYCTFM3WtQ0nbFxRUrN1EFtXqJ5oDqqMg&mediaDataID=5207316&mediaName=frame.html Protocol HTTP/1.1 Server 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 373015d4e34dbf73ecb406228a102a191bf689ab1531ad0afa629e97b6a4a7bd Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip CF-Cache-Status HIT Age 24917 Transfer-Encoding chunked P3P CP="NOI DEVo TAIa OUR BUS" Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 X-Function 301 Last-Modified Thu, 08 Feb 2018 21:10:28 GMT Server cloudflare Vary Accept-Encoding Content-Type application/x-javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public CF-RAY 69eb84326a1a5bf5-FRA Expires Tue, 31 Dec 2030 00:00:00 GMT
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame 6FF4	13 KB 5 KB	42ms 42ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=a7mSK50GnQ1c320srpnTnW5UMSVrjCUmYTPaURPVQMPHBs1W7uW6YM4G3VXbZbKV6am4A3ePArI2HUtXWJCptey5AvV5cjeUVJ8UcJiPP3oUdnPUUrX2U2pUqnvVE3iQEBZdQcYKPFuoPHUdWcQU4b6ooWioYT2m2HMZdQVrG2mQHoWXnVWf8XUYcYFj90EqoPUYCTFM3WtQ0nbFxRUrN1EFtXqJ5oDqqMg&mediaDataID=5207316&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:57 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69eb84326db67057-FRA
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame 71D2	13 KB 5 KB	38ms 38ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=a4mSK5prMZd0GnS1sU00VZbupTrT2rvVWrJZcW6QWQqvQPVYNQWZbr0tFsTPvm2cB20FFJT6yw4mFgPmbC4WFMXHrZcnHaw3mB14GjbVcM9Ucb8S6UvTWvTTFM15bAuWavwVEJbSaJZbScQJRrZaoRtUcWsbV2rusnHAyXTmp2tbFSGjZa4AJKmdTtTWYbYF3kYrYiXTaoSrrDTUY4Wd3WorQxRUrr4aYHmoZaCgi&mediaDataID=8039566&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:57 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69eb84328e057057-FRA
GET H2	200	dspreply public-prod-dspcookiematching.dmxleo.com/ Frame 71D2 Redirect Chain https://a.tribalfusion.com/i.match?p=b24&u=18072662306741660265&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662306741559003 https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662306741559003&cookieRequired=true	0 132 B	18ms 18ms	Image text/plain	188.65.124.38 DAILYMOTION For p...
General Check archive.org Show headers Download Go to Show image Full URL https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662306741559003&cookieRequired=true Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=a4mSK5prMZd0GnS1sU00VZbupTrT2rvVWrJZcW6QWQqvQPVYNQWZbr0tFsTPvm2cB20FFJT6yw4mFgPmbC4WFMXHrZcnHaw3mB14GjbVcM9Ucb8S6UvTWvTTFM15bAuWavwVEJbSaJZbScQJRrZaoRtUcWsbV2rusnHAyXTmp2tbFSGjZa4AJKmdTtTWYbYF3kYrYiXTaoSrrDTUY4Wd3WorQxRUrr4aYHmoZaCgi&mediaDataID=8039566&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.65.124.38 L'Haÿ-les-Roses, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR), Reverse DNS icscale-01-pub-ix7.vip.dailymotion.com Software nginx/1.15.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-dm-lb-name icscale-01-01.adm.ix7.dailymotion.com date Fri, 15 Oct 2021 19:39:57 GMT server nginx/1.15.6 content-length 0 strict-transport-security max-age=15724800; includeSubDomains Redirect headers location /dspreply?dspId=15&dspUserId=18072662306741559003&cookieRequired=true date Fri, 15 Oct 2021 19:39:57 GMT server nginx/1.15.6 content-length 113 strict-transport-security max-age=15724800; includeSubDomains x-dm-lb-name icscale-01-01.adm.ix7.dailymotion.com content-type text/html; charset=utf-8
GET H2	204	v1 ads.yahoo.com/cms/ Frame 6FF4	0 615 B	32ms 7ms	Image text/plain	2a00:1288:80:800::7001 YAHOO-DEB
General Check archive.org Show headers Download Go to Show image Full URL https://ads.yahoo.com/cms/v1?nwid=10001105643&eid=18072662306741660265&sigv=1&esig=2~65cfb3a9cd2947a82ec48d4feeac9e42bf96a815 Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=a7mSK50GnQ1c320srpnTnW5UMSVrjCUmYTPaURPVQMPHBs1W7uW6YM4G3VXbZbKV6am4A3ePArI2HUtXWJCptey5AvV5cjeUVJ8UcJiPP3oUdnPUUrX2U2pUqnvVE3iQEBZdQcYKPFuoPHUdWcQU4b6ooWioYT2m2HMZdQVrG2mQHoWXnVWf8XUYcYFj90EqoPUYCTFM3WtQ0nbFxRUrN1EFtXqJ5oDqqMg&mediaDataID=5207316&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:57 GMT cache-control no-store x-content-type-options nosniff server ATS strict-transport-security max-age=15552000 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-xss-protection 1; mode=block
POST H/1.1	200 OK	rum Show response a.tribalfusion.com/cdn-cgi/ Frame 6FF4	0 480 B	9ms 9ms	XHR text/plain	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://a.tribalfusion.com/p.media?clickID=a7mSK50GnQ1c320srpnTnW5UMSVrjCUmYTPaURPVQMPHBs1W7uW6YM4G3VXbZbKV6am4A3ePArI2HUtXWJCptey5AvV5cjeUVJ8UcJiPP3oUdnPUUrX2U2pUqnvVE3iQEBZdQcYKPFuoPHUdWcQU4b6ooWioYT2m2HMZdQVrG2mQHoWXnVWf8XUYcYFj90EqoPUYCTFM3WtQ0nbFxRUrN1EFtXqJ5oDqqMg&mediaDataID=5207316&mediaName=frame.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://a.tribalfusion.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 69eb8432ccffd6dd-FRA vary Origin
POST H/1.1	200 OK	rum Show response a.tribalfusion.com/cdn-cgi/ Frame CF29	0 480 B	9ms 8ms	XHR text/plain	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://a.tribalfusion.com/p.media?clickID=aTmSK54WUqXWYLmHTv56UP3sYbVsnbVVF8RmrnTWY3TFfS3FEuVqQtTaUiQaBZaQGYIPbevRdfkWGMW2FevotAm0aun3dbZbPsrD2mMJmdAyTWYdXFQdXbYeXaeMRr3ZcUFBYTHB5mFQmRUBrYqns5qUj2Tv5nqJLYUZbfUWMRoAnBns7tmH3B2qMh3tEN56vJpFrLYVUTXc311VjnpTv45UFWQbjro0LHqe&mediaDataID=6347136&mediaName=frame.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://a.tribalfusion.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 69eb8432ed2ed6dd-FRA vary Origin
POST H/1.1	200 OK	rum Show response a.tribalfusion.com/cdn-cgi/ Frame 74C7	0 480 B	9ms 9ms	XHR text/plain	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://a.tribalfusion.com/p.media?clickID=aUmSK55EUg5teq56ZbEmUjZb0GvQXVn0XsBnnqJ32bY2WrbZbW6vTQEY5SVQNQHUyYdnoVmrp2VJWXFULVmau2AvdRmjI4dZbM1dBZdpdey36YY5VM9TGQaVVMfPPYoUtQ4UbM05UTmWEjoTTMaQarZdSsQLRF6qSdUlWsM54U6nodiOXEeN4dnDQVbA4mMHoHXpVdBaYrU6XUBk1q6MPbJZbWUBXQWUinxKNps&mediaDataID=2713736&mediaName=frame.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://a.tribalfusion.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 69eb84333d85d6dd-FRA vary Origin
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame 4FBA	13 KB 5 KB	69ms 68ms	Script text/javascript	2606:4700::6810:5e41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=a5mSK5VWJ60bncXrBiXq6qPbBETbn1WtnWmU7uQbfNXqQO5qZba5a32oa7LYFU6WWrRmPvBncfuoWnB5EF95dEm56BJnFbGYsfU1cnXXG7nmaF33rQ5WrnFUAMTPTnRQsZbtSH3M1HvpT6Qu2Gr5XrZbKVAqt5mvhPAbK2HZbrXWYAnW2O36JS4G7fTGMjWGMjP6UMTtvSTrb32rIuUqjvTTJaVq3Nvq9kxN&mediaDataID=9148826&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:57 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69eb84335ff67057-FRA
GET H2	200	i.match a.tribalfusion.com/ Frame 4FBA Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662306741660265&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662306741660265&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=ad942162-2def-11e... https://a.tribalfusion.com/i.match?p=b19&u=ad942109-2def-11ec-a5a1-130dfa940406	43 B 430 B	172ms 171ms	Image image/gif	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b19&u=ad942109-2def-11ec-a5a1-130dfa940406 Requested by Host: a.tribalfusion.com URL: http://a.tribalfusion.com/p.media?clickID=a5mSK5VWJ60bncXrBiXq6qPbBETbn1WtnWmU7uQbfNXqQO5qZba5a32oa7LYFU6WWrRmPvBncfuoWnB5EF95dEm56BJnFbGYsfU1cnXXG7nmaF33rQ5WrnFUAMTPTnRQsZbtSH3M1HvpT6Qu2Gr5XrZbKVAqt5mvhPAbK2HZbrXWYAnW2O36JS4G7fTGMjWGMjP6UMTtvSTrb32rIuUqjvTTJaVq3Nvq9kxN&mediaDataID=9148826&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer http://a.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:57 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 69eb84342f686993-FRA p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private content-type image/gif; charset=utf-8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Fri, 15 Oct 2021 19:39:57 GMT Server nginx Location https://a.tribalfusion.com/i.match?p=b19&u=ad942109-2def-11ec-a5a1-130dfa940406 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 129 Connection keep-alive Content-Length 43
POST H/1.1	200 OK	rum Show response a.tribalfusion.com/cdn-cgi/ Frame 71D2	0 480 B	9ms 9ms	XHR text/plain	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://a.tribalfusion.com/p.media?clickID=a4mSK5prMZd0GnS1sU00VZbupTrT2rvVWrJZcW6QWQqvQPVYNQWZbr0tFsTPvm2cB20FFJT6yw4mFgPmbC4WFMXHrZcnHaw3mB14GjbVcM9Ucb8S6UvTWvTTFM15bAuWavwVEJbSaJZbScQJRrZaoRtUcWsbV2rusnHAyXTmp2tbFSGjZa4AJKmdTtTWYbYF3kYrYiXTaoSrrDTUY4Wd3WorQxRUrr4aYHmoZaCgi&mediaDataID=8039566&mediaName=frame.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://a.tribalfusion.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 69eb843419144e08-FRA vary Origin
POST H/1.1	200 OK	rum Show response a.tribalfusion.com/cdn-cgi/ Frame C1EE	0 480 B	8ms 8ms	XHR text/plain	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://a.tribalfusion.com/p.media?clickID=a3mSK536YR3sr6TsMaVGBhPPnnTHQRTFFP3FixVEnvWa3iQqYFRVjZaRFawRW7bUGjU4UmxmHyMXamx4djZbSVBC4PnZdmWXNUdQa0b361UB91TepSrnETbBXTtUWmbFuPFrq1qZbq5aUl2aUYmaJCYUU6WtbUn63CncvwoWfD5EU73Hmp3AZbKnbjIYs30YGFYXsfNmEFP2U3QWUbZcUA7TREb0VGQGsylDIZc&mediaDataID=6719746&mediaName=frame.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://a.tribalfusion.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 69eb843449764e08-FRA vary Origin
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	145 KB 50 KB	43ms 43ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6cbcf901eba1ab6dbe73b986ac19162d58e3dd817b4affa622c2e9da564e1460 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:57 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51483 x-xss-protection 0 server cafe etag 5142996445981535695 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 15 Oct 2021 19:39:57 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 9 KB	54ms 35ms	XHR application/json	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211013&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c70e2a60159b6c3c505e1c09e604ddd0edd9c53232d4f529af5f08fae51ce28f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Fri, 15 Oct 2021 19:39:57 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8743 x-xss-protection 0
POST H/1.1	200 OK	rum Show response a.tribalfusion.com/cdn-cgi/ Frame 4FBA	0 480 B	10ms 10ms	XHR text/plain	2606:4700::6812:d05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://a.tribalfusion.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol HTTP/1.1 Server 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://a.tribalfusion.com/p.media?clickID=a5mSK5VWJ60bncXrBiXq6qPbBETbn1WtnWmU7uQbfNXqQO5qZba5a32oa7LYFU6WWrRmPvBncfuoWnB5EF95dEm56BJnFbGYsfU1cnXXG7nmaF33rQ5WrnFUAMTPTnRQsZbtSH3M1HvpT6Qu2Gr5XrZbKVAqt5mvhPAbK2HZbrXWYAnW2O36JS4G7fTGMjWGMjP6UMTtvSTrb32rIuUqjvTTJaVq3Nvq9kxN&mediaDataID=9148826&mediaName=frame.html Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers Date Fri, 15 Oct 2021 19:39:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://a.tribalfusion.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 69eb84354b674e08-FRA vary Origin
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/ Frame 9DB6	10 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20211013/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.rinkworks.com/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUnBLlNfsUW1RRhRdxbdZqcDe5FMq2EnE8r97GL0x8OvVnGI_ukXrP8XLBs2cuY Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Thu, 14 Oct 2021 21:22:20 GMT expires Thu, 28 Oct 2021 21:22:20 GMT content-type text/html; charset=UTF-8 etag 9069739545958607985 x-content-type-options nosniff content-encoding gzip server cafe content-length 4691 x-xss-protection 0 age 80257 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	17ms 16ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.rinkworks.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Fri, 15 Oct 2021 19:39:57 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	15ms 15ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.rinkworks.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Fri, 15 Oct 2021 19:39:57 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 2271	152 KB 42 KB	694ms 694ms	Document text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1382747617792961&output=html&adk=1812271804&adf=3025194257&lmt=1634326797&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=2246335018%209065640222&format=0x0&url=http%3A%2F%2Fwww.rinkworks.com%2Fchecklist%2Flist.cgi%3Fu%3Dmrb%26U%3Dmrb%26p%3Dfoxfilmnoir&ea=0&flash=0&pra=7&wgl=1&dt=1634326797700&bpp=1&bdt=3168&idt=1&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e081df3bbdd4459-223896a5f5ca008e%3AT%3D1634326796%3ART%3D1634326796%3AS%3DALNI_MYJsg17vzZ6hs7Sdst0otib4pd9YA&prev_fmts=728x15_0ads_al_s%2C468x15_0ads_al_s%2C200x90_0ads_al_s&nras=1&correlator=4696945686617&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=1517063113.1634326797&ga_sid=1634326797&ga_hid=1263146170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31062937%2C31063140%2C44748552&oid=2&pvsid=1102260434320130&pem=431&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=16 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e1d7634d38ba96e4ec4de7ec57cb9b55b9dc08a2d9225ae05556fd15ac8a77de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-1382747617792961&output=html&adk=1812271804&adf=3025194257&lmt=1634326797&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=2246335018%209065640222&format=0x0&url=http%3A%2F%2Fwww.rinkworks.com%2Fchecklist%2Flist.cgi%3Fu%3Dmrb%26U%3Dmrb%26p%3Dfoxfilmnoir&ea=0&flash=0&pra=7&wgl=1&dt=1634326797700&bpp=1&bdt=3168&idt=1&shv=r20211013&mjsv=m202110080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8e081df3bbdd4459-223896a5f5ca008e%3AT%3D1634326796%3ART%3D1634326796%3AS%3DALNI_MYJsg17vzZ6hs7Sdst0otib4pd9YA&prev_fmts=728x15_0ads_al_s%2C468x15_0ads_al_s%2C200x90_0ads_al_s&nras=1&correlator=4696945686617&pv_ch=2246335018%2B9065640222%2B&frm=20&pv=1&ga_vid=1517063113.1634326797&ga_sid=1634326797&ga_hid=1263146170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31062937%2C31063140%2C44748552&oid=2&pvsid=1102260434320130&pem=431&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=16 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.rinkworks.com/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUnBLlNfsUW1RRhRdxbdZqcDe5FMq2EnE8r97GL0x8OvVnGI_ukXrP8XLBs2cuY Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 15 Oct 2021 19:39:58 GMT server cafe content-length 43093 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	53ms 25ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:57 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Fri, 15 Oct 2021 19:39:57 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame D756	12 KB 5 KB	7ms 6ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.rinkworks.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Fri, 15 Oct 2021 18:28:20 GMT expires Sat, 15 Oct 2022 18:28:20 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4297 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame CAFD	783 B 1 KB	39ms 17ms	Document text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 8002b112fa0f2cbade5f77a2e6b1538d63e29624c5700263aa6e78b1589d6ffc Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-PjS35Y1gtKxTsWrzfTk6cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.rinkworks.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy-report-only require-corp; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Fri, 15 Oct 2021 19:39:57 GMT date Fri, 15 Oct 2021 19:39:57 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-PjS35Y1gtKxTsWrzfTk6cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Show response pagead2.googlesyndication.com/bg/ Frame D756	35 KB 13 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 11:58:51 GMT content-encoding br x-content-type-options nosniff age 27666 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13341 x-xss-protection 0 last-modified Mon, 11 Oct 2021 11:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Sat, 15 Oct 2022 11:58:51 GMT
GET H2	204	sodar pagead2.googlesyndication.com/pagead/ Frame CAFD	0 0	55ms 55ms	Image text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211013&jk=1102260434320130&rc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 119 B	41ms 41ms	Image image/gif	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211013&jk=1102260434320130&bg=!a2ilaCzNAAao6lBpqOo7ACkAdvg8Wouz9s5m1oPCKeKJg0WS8YoK0wJqEOibrvKB_GX6zbRfsZffGgIAAABmUgAAAAxoAQcKAJTDPTpH-FcrcSBsmiLQEfcgCbyQgrj52hNTui8kf7ybtmS5obw7XG_Tx-c1h6PqIPULxxbZd0onUrSgIWhM3NUBM7Ox_FUBuSYBIFHB0MwoYZfUZ7tyvT3KbbeTzSloD3-imH6x7Kjn99tyBY1F9IKB71UqDss-vV8faW2BD85pfPsi5yWxjo9IeTr08EtVZby6SaflmQLBpionsPGjZ4JpFm3gsmAyPrpuNy1LBOwAVxg7bykZL97sxnPh3zvxyv4yh0iOBtoc_q0R-D_6rJ782frrjUol6SZKaWlr46286rRXPD17MGCC1HZPmIRmUlag__BXZmuork7qwZx8La0vFYbOYkUOun6Tkbw0BpIs7J8MQYKiRukH23MRuD8F5qZufKZ55MvSfOkAnOHXsZlK5vzynxGHzQvcNRB4lUiAtM7-zw_VbfPGPii28gSxeSEjDuNKCPoYHGnGSxjGwmxja-MT4wWSEcOJaFxMZIOogSVXCD1KbNcQYvsoRsvozvjLE5DQ98E-x-qwrNQvrp3_HeX2eG_EpIzSQqVnQfyw5lzxPCV-FkMvYihelpVCJ8UB2mbn5EBOeTLiRjSBw-ansaD5N43pkGQ5nRIrq9nlBXgNu7HpOEFp4d_-MjrVNNVNWW9fPKzQtD_drWkYU-kuB197VQ2Vzu15w8mXzazhNJgNBD8Kc1XeM10KdAGUhAvSn82x1V3sHQKdVQTY8VRYiGYWSkxr_B49WSCaRNlxk5ea5mpjuoC7IcIkQshEOPCEEANI6lGhdMKx7J-CluV1NS_Wn72yMCImWdUooJqITtYHYqoyFRBCaMSRWEiUwP-zyXSift6p3t2X0269le5-u03i2_BA23GVH7WN0FW-suEq90iNUQUUbiWstvLHsb9xMchi7tYZmGV7U2doAT8FCGt6TflR7vMhnw_oO0d0hJpEcQ-6ynVG6yypR0cCsArNtdd2E0qEARAyC1I-u8YrafnR4_3Rmv2wFsGcDrRW71cUV5YAKsFWMKLhBQvu-WDxBfKOmqZQBUTngOGYzp3ZfHbMQ_-clKq4As2zdkoucVN0EsTJYGYGJNYiLlTlwvNdhVZpXb5z6rlWM0lprsrUiJ6larNncK57hTaWTmdRpW1-VkwB69WA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:57 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	bsevent.gif tps20520.doubleverify.com/	807 B 1 KB	8ms 7ms	Ping image/gif	213.254.244.15 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL http://tps20520.doubleverify.com/bsevent.gif?impid=88a9658a9d4a4b0388edd1a932ab11a8&pltfrm=Linux%20x86_64&cbust=1634326798067494 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal99.js Protocol HTTP/1.1 Server 213.254.244.15 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software / Resource Hash 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416 Request headers Referer http://www.rinkworks.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Fri, 15 Oct 2021 19:39:58 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type image/gif Access-Control-Allow-Origin http://www.rinkworks.com Cache-Control max-age=0 Access-Control-Allow-Credentials true Content-Length 860 Expires 10/14/2021 7:39:58 PM
GET H2	200	reactive_library_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/	143 KB 52 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/reactive_library_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 31482b9e7989803c418ff1d8667f90efef846f1e4440bcf5a233dacf062c9491 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:58 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52637 x-xss-protection 0 server cafe etag 13857481073196887475 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 15 Oct 2021 19:39:58 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	17ms 17ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.rinkworks.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Fri, 15 Oct 2021 19:39:58 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	18ms 18ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.rinkworks.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Fri, 15 Oct 2021 19:39:58 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/ Frame D901	10 KB 5 KB	7ms 7ms	Document text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110080101/show_ads_impl_with_ama_fy2019.js?client=pub-1382747617792961&plah=www.rinkworks.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://www.rinkworks.com/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUnBLlNfsUW1RRhRdxbdZqcDe5FMq2EnE8r97GL0x8OvVnGI_ukXrP8XLBs2cuY Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.rinkworks.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Fri, 15 Oct 2021 00:26:23 GMT expires Fri, 29 Oct 2021 00:26:23 GMT content-type text/html; charset=UTF-8 etag 9069739545958607985 x-content-type-options nosniff content-encoding gzip server cafe content-length 4691 x-xss-protection 0 age 69215 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	css2 fonts.googleapis.com/ Frame D901	4 KB 1 KB	39ms 17ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 15 Oct 2021 18:54:55 GMT server ESF date Fri, 15 Oct 2021 19:39:58 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Fri, 15 Oct 2021 19:39:58 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame D901	205 B 764 B	31ms 6ms	Image image/png	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 06:46:14 GMT x-content-type-options nosniff age 219224 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 13 Oct 2022 06:46:14 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame D901	604 B 695 B	31ms 7ms	Image image/png	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 06:45:09 GMT x-content-type-options nosniff age 46489 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 15 Oct 2022 06:45:09 GMT
GET H2	200	interstitial_ad_frame_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/ Frame D901	18 KB 8 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/interstitial_ad_frame_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 77de1a1b00ac331116f7aa733e701b7d7af3780b94f85d21485426ae2e0b1013 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 18:49:57 GMT content-encoding gzip x-content-type-options nosniff age 3001 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7847 x-xss-protection 0 server cafe etag 3335447531747852050 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 29 Oct 2021 18:49:57 GMT
GET H2	200	css fonts.googleapis.com/ Frame 01E7	3 KB 653 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 15 Oct 2021 18:40:18 GMT server ESF date Fri, 15 Oct 2021 19:39:58 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Fri, 15 Oct 2021 19:39:58 GMT
GET H2	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 01E7	2 KB 990 B	7ms 7ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:19 GMT content-encoding gzip x-content-type-options nosniff age 39 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 885 x-xss-protection 0 server cafe etag 638833322182864030 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 29 Oct 2021 19:39:19 GMT
GET H2	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 01E7	18 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:38:40 GMT content-encoding gzip x-content-type-options nosniff age 78 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7691 x-xss-protection 0 server cafe etag 14402072889669646931 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 29 Oct 2021 19:38:40 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 01E7	3 KB 1 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:37:26 GMT content-encoding gzip x-content-type-options nosniff age 152 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1426 x-xss-protection 0 server cafe etag 18061233391346882222 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 29 Oct 2021 19:37:26 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 01E7	123 KB 38 KB	72ms 37ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:58 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37919 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1634125446224599" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 15 Oct 2021 19:39:58 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 01E7	14 KB 6 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:38:57 GMT content-encoding gzip x-content-type-options nosniff age 61 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6281 x-xss-protection 0 server cafe etag 18349783599053866072 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 29 Oct 2021 19:38:57 GMT
GET H2	200	94b9e9edb15b7c220f12fa63d878a5af.js Show response www.gstatic.com/mysidia/ Frame 01E7	27 KB 11 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 13:28:23 GMT content-encoding gzip x-content-type-options nosniff age 22295 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11213 x-xss-protection 0 last-modified Tue, 12 Oct 2021 03:34:41 GMT server sffe vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="mysidia" expires Thu, 13 Jan 2022 13:28:23 GMT
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 8DA0	1 KB 845 B	6ms 6ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Thu, 14 Oct 2021 21:06:15 GMT expires Fri, 15 Oct 2021 21:06:15 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 81223 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	dpixel cms.quantserve.com/ Frame 8DA0	35 B 465 B	42ms 8ms	Image image/gif	2620:116:800d:21:8c6e:cf2c:8d6:9fb5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPwOMSM-YAi7b0Dje0fQ0Wo&google_cver=1&google_push=AYg5qPKRz7vqRV68m_bEf2R7Diq_DGrpCSnG9f1RPFrh40OlHCKBLwgNzzJD_QY_jL8C0nR_vBvQJamz9RAeUTm3ILvvXuLdjoFU Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:58 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8DA0 Redirect Chain https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJK-UR5... https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJK-UR5... https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTUxOTM5NTgwMDAxMDk1MzQ1NzEyNw%3D%3D&google_push=AYg5qPJK-UR5S_eHFif6L0WTGtk38RldJlFZawKivmddTzec_ulNHb0LU4gtgDTmFndz1k...	170 B 188 B	17ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTUxOTM5NTgwMDAxMDk1MzQ1NzEyNw%3D%3D&google_push=AYg5qPJK-UR5S_eHFif6L0WTGtk38RldJlFZawKivmddTzec_ulNHb0LU4gtgDTmFndz1kN6i9mBU63HH7So-1CeJW53r2nVw-UC Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTUxOTM5NTgwMDAxMDk1MzQ1NzEyNw%3D%3D&google_push=AYg5qPJK-UR5S_eHFif6L0WTGtk38RldJlFZawKivmddTzec_ulNHb0LU4gtgDTmFndz1kN6i9mBU63HH7So-1CeJW53r2nVw-UC pragma no-cache date Fri, 15 Oct 2021 19:39:58 GMT cache-control max-age=0, no-cache, no-store content-length 0 strict-transport-security max-age=2628000 expires Fri, 15 Oct 2021 19:39:58 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8DA0 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEAXjZp7787VQGmmyS4K8QpE&google_cver=1&google_push=AYg5qPJNdoAITVEnU4nOZ7DdFrLMe_6TG_ViOcvqKxy7nC_Z5nimprg_J4crbu99_6S220lVUr-jxaARReGKfPOPdUMWzLbFRzWh https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJNdoAITVEnU4nOZ7DdFrLMe_6TG_ViOcvqKxy7nC_Z5nimprg_J4crbu99_6S220lVUr-jxaARReGKfPOPdUMWzLbFRzWh&google_hm=S5GEO8duyv0Jx2lEDxWb5Q==	170 B 188 B	17ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJNdoAITVEnU4nOZ7DdFrLMe_6TG_ViOcvqKxy7nC_Z5nimprg_J4crbu99_6S220lVUr-jxaARReGKfPOPdUMWzLbFRzWh&google_hm=S5GEO8duyv0Jx2lEDxWb5Q== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 15 Oct 2021 19:39:57 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJNdoAITVEnU4nOZ7DdFrLMe_6TG_ViOcvqKxy7nC_Z5nimprg_J4crbu99_6S220lVUr-jxaARReGKfPOPdUMWzLbFRzWh&google_hm=S5GEO8duyv0Jx2lEDxWb5Q== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id p2ca0t0lla056616p3o9j2h00fbi25p1
GET H2	200	pixel cm.g.doubleclick.net/ Frame 8DA0 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9vtDG56FRA2pPQFE59JNRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 232 B	18ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9vtDG56FRA2pPQFE59JNRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJs9bsKt1kGHSrKjNR5BDUXHZRVr_vu9NM1Xb7WkHSuJSvflQHzqX_jOWX9XQ8YrizmghaW3W5bZQ9f8unOgbFWOpOcqBHp Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9vtDG56FRA2pPQFE59JNRQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJs9bsKt1kGHSrKjNR5BDUXHZRVr_vu9NM1Xb7WkHSuJSvflQHzqX_jOWX9XQ8YrizmghaW3W5bZQ9f8unOgbFWOpOcqBHp date Fri, 15 Oct 2021 19:39:58 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H2	200	pixel cm.g.doubleclick.net/ Frame 8DA0 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF3hWr4XZbkDycT-KVAXfWM&google_cver=1&google_push=AYg5qPKifFxgOR2Me3mKmV_UTR001VP2RyrAT4tX4kKZ5T-h-gqW0qtfcUyQI8dEp0PLbOOK6JH... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTUlo4Sk8tTi1KM0RC&google_push=AYg5qPKifFxgOR2Me3mKmV_UTR001VP2RyrAT4tX4kKZ5T-h-gqW0qtfcUyQI8dEp0PLbOOK6JHvfqT3q9WzBP27QIzOmUPzXOPP	170 B 243 B	17ms 17ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTUlo4Sk8tTi1KM0RC&google_push=AYg5qPKifFxgOR2Me3mKmV_UTR001VP2RyrAT4tX4kKZ5T-h-gqW0qtfcUyQI8dEp0PLbOOK6JHvfqT3q9WzBP27QIzOmUPzXOPP Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VTUlo4Sk8tTi1KM0RC&google_push=AYg5qPKifFxgOR2Me3mKmV_UTR001VP2RyrAT4tX4kKZ5T-h-gqW0qtfcUyQI8dEp0PLbOOK6JHvfqT3q9WzBP27QIzOmUPzXOPP Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost a66cbf3142c6ef39e3614b84a34262cf Expires 0
GET		pixel cm.g.doubleclick.net/ Frame 8DA0 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao...	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8DA0 Redirect Chain https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEH4OOfFiiSsnYAhhTJDESSo&google_cver=1&google_push=AYg5qPJIPFq_zg0qEHSle2iP... https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJIPFq_zg0qEHSle2iPei0LAz-0SIqvvhsHZfARQyOXISbvmPq_72_IT1aZwHiJQj1LJYW_XUSE5LNCsC8IaMFjChYtF_0Tuw&google_hm=	170 B 188 B	17ms 16ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJIPFq_zg0qEHSle2iPei0LAz-0SIqvvhsHZfARQyOXISbvmPq_72_IT1aZwHiJQj1LJYW_XUSE5LNCsC8IaMFjChYtF_0Tuw&google_hm= Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Fri, 15 Oct 2021 19:39:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 15 Oct 2021 19:39:58 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" location https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJIPFq_zg0qEHSle2iPei0LAz-0SIqvvhsHZfARQyOXISbvmPq_72_IT1aZwHiJQj1LJYW_XUSE5LNCsC8IaMFjChYtF_0Tuw&google_hm= cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 0 expires Thu, 14 Oct 2021 19:39:58 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 8DA0	0 50 B	30ms 29ms	Image text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JiRiLCUalH3-AD2Wh5Ah9Z7DDuaQlm56kumKo_v_osVLEh0Kfqpnn8_f3CXkpfAGtzQW4x2A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 19:39:58 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Show response pagead2.googlesyndication.com/bg/ Frame BAC9	35 KB 13 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js Requested by Host: www.rinkworks.com URL: http://www.rinkworks.com/checklist/list.cgi?u=mrb&U=mrb&p=foxfilmnoir Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 15 Oct 2021 11:58:51 GMT content-encoding br x-content-type-options nosniff age 27667 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13341 x-xss-protection 0 last-modified Mon, 11 Oct 2021 11:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Sat, 15 Oct 2022 11:58:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWnZDMINAY3ocQPq-Z4DvAAABIEAAAAB&google_push=AYg5qPLEUMyZi-UGFuySA3ofpNkjgD7RUKTcHKROrge5ebDLzt2jZRye7rKQxgpdoUC725XJtnipbMdpubOOBqlHao6pBx1yjS8_&google_cver=1&google_gid=CAESEF6QHaLX7bp6cOpM_q1c9g0