urlscan.io logo urlscan.io
SecurityTrails logo

www.thecrimsonmarket.com Open in urlscan Pro
203.219.49.92  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.thecrimsonmarket.com/
Effective URL: https://www.thecrimsonmarket.com/
Submission: On June 16 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 51 IPs in 5 countries across 39 domains to perform 253 HTTP transactions. The main IP is 203.219.49.92, located in Camden West, Australia and belongs to TPG-INTERNET-AP TPG Telecom Limited, AU. The main domain is www.thecrimsonmarket.com.
TLS certificate: Issued by R3 on May 13th 2024. Valid for: 3 months.
This is the only time www.thecrimsonmarket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
65 203.219.49.92 7545 (TPG-INTER...)
1 142.250.67.10 15169 (GOOGLE)
2 142.250.71.72 15169 (GOOGLE)
1 104.21.95.85 13335 (CLOUDFLAR...)
4 104.18.2.78 13335 (CLOUDFLAR...)
3 151.101.193.140 54113 (FASTLY)
8 104.99.188.232 9443 (VOCUS-RET...)
1 5 142.250.204.2 15169 (GOOGLE)
3 104.21.85.158 13335 (CLOUDFLAR...)
1 216.239.36.178 15169 (GOOGLE)
1 13.35.147.23 16509 (AMAZON-02)
6 18.67.93.59 16509 (AMAZON-02)
1 104.22.74.216 13335 (CLOUDFLAR...)
22 35.244.144.25 396982 (GOOGLE-CL...)
2 84.17.38.229 60068 (CDN77 _)
8 54.169.90.152 16509 (AMAZON-02)
7 52.77.194.87 16509 (AMAZON-02)
7 182.161.73.145 55569 (CRITEO-AS...)
11 103.43.90.21 29990 (ASN-APPNEX)
1 151.101.129.140 54113 (FASTLY)
1 142.250.204.4 15169 (GOOGLE)
1 172.217.24.35 15169 (GOOGLE)
1 130.211.23.194 396982 (GOOGLE-CL...)
2 172.67.69.19 13335 (CLOUDFLAR...)
3 142.250.204.6 15169 (GOOGLE)
1 104.21.33.230 13335 (CLOUDFLAR...)
19 79.127.213.215 60068 (CDN77 _)
3 104.116.108.27 16625 (AKAMAI-AS)
1 23.48.96.201 20940 (AKAMAI-ASN1)
4 23.52.225.82 16625 (AKAMAI-AS)
1 23.198.57.183 16625 (AKAMAI-AS)
11 172.217.167.66 15169 (GOOGLE)
1 182.161.73.132 55569 (CRITEO-AS...)
1 35.213.12.39 15169 (GOOGLE)
8 184.24.241.42 16625 (AKAMAI-AS)
1 35.213.34.3 15169 (GOOGLE)
1 182.161.73.140 55569 (CRITEO-AS...)
2 151.101.193.108 54113 (FASTLY)
2 108.158.28.111 16509 (AMAZON-02)
3 172.217.24.38 15169 (GOOGLE)
2 172.217.167.97 15169 (GOOGLE)
1 142.250.66.194 15169 (GOOGLE)
2 182.161.73.129 55569 (CRITEO-AS...)
2 142.250.204.10 15169 (GOOGLE)
1 142.251.221.66 15169 (GOOGLE)
1 2 52.223.40.198 16509 (AMAZON-02)
1 182.161.73.136 55569 (CRITEO-AS...)
1 52.223.2.229 16509 (AMAZON-02)
2 2 70.42.32.63 13789 (INTERNAP-...)
4 54.169.108.244 16509 (AMAZON-02)
1 13.107.21.237 8068 (MICROSOFT...)
6 6 35.75.93.50 16509 (AMAZON-02)
1 1 67.199.150.86 3257 (GTT-BACKB...)
1 1 74.214.196.131 19189 (PULSEPOINT)
1 1 23.106.127.57 ()
2 2 151.101.194.49 54113 (FASTLY)
253 51
65    203.219.49.92 (Camden West, Australia)

ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU)
PTR: 203-219-49-92.tpgi.com.au
www.thecrimsonmarket.com
1    142.250.67.10 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f10.1e100.net
fonts.googleapis.com
2    142.250.71.72 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f8.1e100.net
www.googletagmanager.com
1    104.21.95.85 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnflow.co
4    104.18.2.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s.nitropay.com
3    151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
pixel-config.reddit.com
8    104.99.188.232 (Sydney, Australia)

ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU)
PTR: a104-99-188-232.deploy.static.akamaitechnologies.com
s.pinimg.com
ct.pinterest.com
5    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
3    104.21.85.158 (None, )

ASN13335 (CLOUDFLARENET, US)
js.reactflow.com
1    216.239.36.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.35.147.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-23.syd1.r.cloudfront.net
wrappers.geoedge.be
6    18.67.93.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-59.syd62.r.cloudfront.net
rumcdn.geoedge.be
1    104.22.74.216 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
22    35.244.144.25 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.144.244.35.bc.googleusercontent.com
tracker.nitropay.com
a.nitropay.com
2    84.17.38.229 (Singapore, Singapore)

ASN60068 (CDN77 _, GB)
PTR: 84-17-38-229.bunnyinfra.net
v.nitropay.com
8    54.169.90.152 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-90-152.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
7    52.77.194.87 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-194-87.ap-southeast-1.compute.amazonaws.com
btlr.sharethrough.com
7    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
11    103.43.90.21 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
sin3-ib.adnxs.com
1    151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    142.250.204.4 (Sydney, Australia)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net
www.google.com
1    172.217.24.35 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f3.1e100.net
www.google.com.au
1    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
3    142.250.204.6 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f6.1e100.net
ad.doubleclick.net
1    104.21.33.230 (None, )

ASN13335 (CLOUDFLARENET, US)
consent.nitrocnct.com
19    79.127.213.215 (Singapore, Singapore)

ASN60068 (CDN77 _, GB)
PTR: 79-127-213-215.bunnyinfra.net
nitropay-1811.b-cdn.net
3    104.116.108.27 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-116-108-27.deploy.static.akamaitechnologies.com
contextual.media.net
1    23.48.96.201 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-96-201.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
4    23.52.225.82 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-225-82.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
hblg.media.net
1    23.198.57.183 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-57-183.deploy.static.akamaitechnologies.com
cdn.adnxs.com
11    172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net
pagead2.googlesyndication.com
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
apac-jp-sync.bidswitch.net
8    184.24.241.42 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-241-42.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    35.213.34.3 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 3.34.213.35.bc.googleusercontent.com
media.grid.bidswitch.net
1    182.161.73.140 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
grid-mercury.criteo.com
2    151.101.193.108 (San Francisco, United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    108.158.28.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-28-111.syd3.r.cloudfront.net
gw.geoedge.be
3    172.217.24.38 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f6.1e100.net
s0.2mdn.net
2    172.217.167.97 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net
www.googleadservices.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    142.250.204.10 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f10.1e100.net
imasdk.googleapis.com
1    142.251.221.66 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
securepubads.g.doubleclick.net
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
4    54.169.108.244 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-108-244.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    13.107.21.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
6    35.75.93.50 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-93-50.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    67.199.150.86 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    23.106.127.57 (None, )

ASN- ()
rtb-csync.smartadserver.com
2    151.101.194.49 (San Francisco, United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
Apex Domain
Subdomains		 Transfer
65 thecrimsonmarket.com
www.thecrimsonmarket.com
10 MB
28 nitropay.com
s.nitropay.com — Cisco Umbrella Rank: 26065
tracker.nitropay.com — Cisco Umbrella Rank: 23379
v.nitropay.com — Cisco Umbrella Rank: 128028
a.nitropay.com — Cisco Umbrella Rank: 31159
436 KB
19 b-cdn.net
nitropay-1811.b-cdn.net
2 MB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 283
cdn.adnxs.com — Cisco Umbrella Rank: 1918 Failed
sin3-ib.adnxs.com — Cisco Umbrella Rank: 13485 Failed
acdn.adnxs.com — Cisco Umbrella Rank: 631
86 KB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 136 Failed
tpc.googlesyndication.com — Cisco Umbrella Rank: 172
142 KB
11 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1278
match.sharethrough.com — Cisco Umbrella Rank: 551
6 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 663
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 13783 Failed
grid-mercury.criteo.com — Cisco Umbrella Rank: 3705 Failed
gum.criteo.com — Cisco Umbrella Rank: 501
25 KB
9 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 636
ib.3lift.com Failed
eb2.3lift.com — Cisco Umbrella Rank: 446
13 KB
9 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 17348
rumcdn.geoedge.be — Cisco Umbrella Rank: 3309
gw.geoedge.be — Cisco Umbrella Rank: 4552
188 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
ad.doubleclick.net — Cisco Umbrella Rank: 164
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
cm.g.doubleclick.net — Cisco Umbrella Rank: 276
41 KB
8 moatads.com
z.moatads.com — Cisco Umbrella Rank: 860
px.moatads.com — Cisco Umbrella Rank: 667
111 KB
7 media.net
contextual.media.net — Cisco Umbrella Rank: 758 Failed
warp.media.net — Cisco Umbrella Rank: 3263 Failed
lg3.media.net — Cisco Umbrella Rank: 9158
hblg.media.net — Cisco Umbrella Rank: 2529
62 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 679
3 KB
6 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 901
4 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 348
57 KB
3 reactflow.com
js.reactflow.com — Cisco Umbrella Rank: 814793
24 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
imasdk.googleapis.com — Cisco Umbrella Rank: 538
140 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 857
677 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 784
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 415
994 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 751
31 KB
2 bidswitch.net
apac-jp-sync.bidswitch.net — Cisco Umbrella Rank: 33753 Failed
media.grid.bidswitch.net — Cisco Umbrella Rank: 3109 Failed
470 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1085
1 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 2067
alb.reddit.com — Cisco Umbrella Rank: 1388
761 B
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1074
api.btloader.com — Cisco Umbrella Rank: 1183
29 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1101
22 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1179
13 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
186 KB
1 smartadserver.com
rtb-csync.smartadserver.com
786 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 647
1 KB
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1064
468 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 226
689 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 135
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2450 Failed
296 B
1 nitrocnct.com
consent.nitrocnct.com — Cisco Umbrella Rank: 49156
36 KB
1 google.com.au
www.google.com.au — Cisco Umbrella Rank: 22775
64 B
1 google.com
www.google.com — Cisco Umbrella Rank: 5
64 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 68
260 B
1 cdnflow.co
cdnflow.co — Cisco Umbrella Rank: 643511
9 KB
253 39
Domain Requested by
65 www.thecrimsonmarket.com www.thecrimsonmarket.com
19 nitropay-1811.b-cdn.net v.nitropay.com
14 tracker.nitropay.com s.nitropay.com
11 pagead2.googlesyndication.com rumcdn.geoedge.be
pagead2.googlesyndication.com
imasdk.googleapis.com
8 tlx.3lift.com s.nitropay.com
www.thecrimsonmarket.com
8 a.nitropay.com s.nitropay.com
7 px.moatads.com
7 ib.adnxs.com s.nitropay.com
7 bidder.criteo.com s.nitropay.com
7 btlr.sharethrough.com s.nitropay.com
6 match.prod.bidr.io 6 redirects
6 ct.pinterest.com s.pinimg.com
s.nitropay.com
6 rumcdn.geoedge.be s.nitropay.com
www.thecrimsonmarket.com
4 match.sharethrough.com
4 sin3-ib.adnxs.com rumcdn.geoedge.be
cdn.adnxs.com
4 googleads.g.doubleclick.net www.googletagmanager.com
rumcdn.geoedge.be
4 s.nitropay.com www.thecrimsonmarket.com
s.nitropay.com
3 s0.2mdn.net rumcdn.geoedge.be
s.nitropay.com
3 contextual.media.net rumcdn.geoedge.be
www.thecrimsonmarket.com
3 ad.doubleclick.net www.thecrimsonmarket.com
rumcdn.geoedge.be
3 js.reactflow.com cdnflow.co
s.nitropay.com
2 sync-tm.everesttech.net 2 redirects
2 b1sync.zemanta.com 2 redirects
2 match.adsrvr.org 1 redirects s.nitropay.com
2 imasdk.googleapis.com s.nitropay.com
2 static.criteo.net s.nitropay.com
static.criteo.net
2 tpc.googlesyndication.com rumcdn.geoedge.be
2 gw.geoedge.be rumcdn.geoedge.be
2 acdn.adnxs.com www.thecrimsonmarket.com
s.nitropay.com
2 lg3.media.net www.thecrimsonmarket.com
2 ad-delivery.net www.thecrimsonmarket.com
2 v.nitropay.com s.nitropay.com
2 s.pinimg.com www.googletagmanager.com
s.nitropay.com
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 www.googletagmanager.com www.thecrimsonmarket.com
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 c.bing.com
1 eb2.3lift.com s.nitropay.com
1 gum.criteo.com s.nitropay.com
1 securepubads.g.doubleclick.net imasdk.googleapis.com
1 www.googleadservices.com rumcdn.geoedge.be
1 hblg.media.net www.thecrimsonmarket.com
1 z.moatads.com rumcdn.geoedge.be
1 cdn.adnxs.com rumcdn.geoedge.be
1 warp.media.net rumcdn.geoedge.be
1 qsearch-a.akamaihd.net rumcdn.geoedge.be
1 grid-mercury.criteo.com rumcdn.geoedge.be
1 media.grid.bidswitch.net rumcdn.geoedge.be
1 apac-jp-sync.bidswitch.net rumcdn.geoedge.be
1 cat.sg1.as.criteo.com rumcdn.geoedge.be
1 consent.nitrocnct.com s.nitropay.com
1 api.btloader.com btloader.com
1 www.google.com.au www.thecrimsonmarket.com
1 www.google.com www.thecrimsonmarket.com
1 alb.reddit.com www.thecrimsonmarket.com
1 pixel-config.reddit.com www.redditstatic.com
1 btloader.com s.nitropay.com
1 wrappers.geoedge.be s.nitropay.com
1 www.google-analytics.com www.googletagmanager.com
1 cdnflow.co www.thecrimsonmarket.com
1 fonts.googleapis.com www.thecrimsonmarket.com
0 ib.3lift.com Failed rumcdn.geoedge.be
253 65

This site contains links to these domains. Also see Links.

Domain
nitropay.com
Subject Issuer Validity Valid
diablo4traders.com
R3		 2024-05-13 -
2024-08-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
cdnflow.co
GTS CA 1P5		 2024-05-28 -
2024-08-26		 3 months crt.sh
nitropay.com
GTS CA 1P5		 2024-05-14 -
2024-08-12		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
reactflow.com
GTS CA 1P5		 2024-04-26 -
2024-07-25		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
btloader.com
WE1		 2024-06-12 -
2024-09-10		 3 months crt.sh
*.nitropay.com
WR3		 2024-06-03 -
2024-09-01		 3 months crt.sh
v.nitropay.com
R3		 2024-05-23 -
2024-08-21		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2024-03-13 -
2025-04-11		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-09-23 -
2024-10-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-15 -
2024-07-10		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-05-30 -
2024-11-26		 6 months crt.sh
*.google.com
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google.com.au
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2024-06-04 -
2024-09-02		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-05-17 -
2024-08-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
nitrocnct.com
E1		 2024-04-20 -
2024-07-19		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-05 -
2024-11-11		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-21 -
2024-12-21		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-04-18 -
2025-04-19		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.sg1.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-14 -
2024-09-11		 3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-15 -
2024-08-07		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
media.grid.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-11 -
2024-08-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-25 -
2024-07-19		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-05-01 -
2024-06-27		 2 months crt.sh

This page contains 21 frames:

Primary Page: https://www.thecrimsonmarket.com/
Frame ID: 430BD312B18554934AA28AF4B4149212
Requests: 193 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 812C7452CCAE053CDD83248875FB02E0
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 02324C8B503E8C0BDC04E1FE5E80889E
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 328660FB41BF3828188866BD145C0553
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGJqxlpECMAE&v=APEucNU3MXjLDcPZozNjH7MPCagYY_7AnbEHx404oYdHuCCRMZX7cB2uVe6hSrrhBGKQtiKGV2XbYbLkBNDjXPzVMu1BjEsaNgeA9PV1llryVDuBf4bs1x4
Frame ID: 0550A4668AAC40C3328EED6F07CD487B
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 19B8AEB089DDDB19BEDF0E2191D177B1
Requests: 6 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: E53896D8B23DA4DAAC8561C62AE3D373
Requests: 3 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 1765441A8D988883F379EB8460224864
Requests: 12 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: D4FFD23BEAA76EED8125D5C231988F53
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGJqxlpECMAE&v=APEucNUAG97FGneonZkiBpQZT7kZMK5SE8Z1F9_a84FBOYFUi30z9u4erMB1AXcsUWsqejQ50N2ExnOw9H05k8vbaaT1hv98mDFM01W5D5n5lhx7tR7RHhI
Frame ID: 9F361EC160292AC8B8F0B18EA0741D7E
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2430&&kkdd=3*%7CH%7CAn*9&5t=(w(Kf(sRFKK7KfDRFFD&ZYbp=s&aobV=s&Oovb=s&~Y5=(Ff7&lo~3=-fLF&~tY=KdrRWC!Bw&~b~Y=wpXb(wW~psYPy8-1rFAZ4m%3D%3D&~ptY=FfF7LRKfs&ot_3=(7s47ss&~~=Ur&o~=ABC&~vTa=iUXx2Ag&btY=Kc2N!irmK&lbtY=6F(LLRF&vllbo=(&ppp=l_XHv-~MH-HlPfdpy25xK.gP1OMslswSc(W1b-GD3E9Y6YbLqLuZEU%3D%3D&To3=f&MO=(&SZY=R&VYl(=KdrFd)FK7&VYlF=wfF((f7(F&eYVlV=oYF%3DTSMM*tSpMyM%3DFs*.Z3pba%3DsIsD*5Oy34~%3DsILR*5toyoY%3DLwK*Y~F%3D(*o~Y%3DToO*5yVoT%3D7ss7K*5MFpyoY%3DFsFRs7(f(w*tSpMye%3D(fFKIK7*SpMylQ~%3Ds*olY%3D%2F%23M3qlHeVTT3pHVY*MVol%3D*5toySpMye%3DsIwL*tb%3DFYCc9U*qee%3Ds*5toySpMyM%3DRs*pttbSV%3Ds%2Cs*3l%3Dw*p~%3D(*ptoStY%3Ds%2Cs*p3qyp%3DfYw*pboyoY%3DFsFRs7(fFF*5toye%3DwKFIKL*SpMye%3DsI7f*5MFpySpMye%3Ds*5MFpySpMy5t%3DFF*SpMyl5t%3Ds*3~by33p%3D(IKD*SpMyM%3DFs*Z~Vl%3Dfss7w(*ee%3D(D7*55%3Ds*MFpye%3D(sss*3pba%3DsIsD*5MFpySpMyQ~%3DsGs*ea%3D(*VLbye%3DFIFR%2CRDIKF*otY%3DFfF7LRKfs*oY%3Ds*StY%3D(i3k_N5TQs!S6MOMU_*elY%3D(7fFFf7sLLsw7wD77D7sLL(RDRDDfFLL77fw7DL(wws(FwfKsRfLK7KsRs7(w(RsR7sKwswwRDssFDsDsRfDFRDfRDsKKKLRwFDRf(fF*5OS%3DsILR*YFbyM%3D(s*Lb~q%3D(sss*Sta%3Ds*VbbyT%3DT.TyVbb*YaayolpZ%3DvVpa.TJ*5pySpMye%3DwLFIK7*YFbye%3DsIDw*ey_%3DFsss*.ZYFbye%3DsIDw*5SpMye%3DsIDf*eSZY%3DR*oo%3DAU*~~%3DUr*StO%3DH(*~3%3Ds*pboye%3DRDIKF*5SpMyM%3DFs*dz%3DL(wF*QeyS~%3DHF*Tlo%3D(*Qey~~Qo%3DHF*~l%3DoJYT3J*34bo~.p3%3DH(*be%3DsIR*eVotoF%3D(D7*eYl%3D(w(Kf(sRFw*eVoto(%3D(D7*toX3q%3Ds*t5SpMye%3D(Is7*totq%3Ds*etY%3DsIsD*Y~%3DK*5MFpye%3DFIFR*t5SpMyM%3DFs*~eYb%3DsIsRL*tlJb3ytY%3DF(*o3MM3pylVZytY%3D%2F%23M3qlHeVTT3pHVY*oSbbMJylVZytY%3DL(K(RfRf*5t3OVetMtlJ%3DsILR(fK(*b.o%3Ds*~Vppt3pzY%3Ds*.ZetY%3DsIsDssss*eqMp%3DsIsss*oStY%3DffDsF(KLDDfFw(FFF7L*Yl~%3DVbV~yoZ*Yaay3pba%3DqVMo3*Yaa%3DvVpa.TJ*eYb~VbY%3Ds*YVMZ%3DY3qVSMl*tToM%3Ds*o.eb%3D*vlaM%3D(*Y~Sl%3Dfs*Y.Ze%3DsH(*Yaayoqa%3Da.O4yBJol3ayR7s*te~%3D(*To_%3D(*lZo%3D(7s47ss*eoV%3D)(*eoe%3DL*eob%3DH(*la4%3DKf*a4eQl%3Ds&Tl5=s&aaa=VxdKdZDRRVO-m_dZm5ZZHPYQN~RAvzYm7BHaU(dv2C~zNdEUcmcGvU%3D%3D&tO=(7s&tTzqp=(&eYpzY=R7s&etY=LffFR7&QllM3=6v3%20dptao.T%20xVpQ3l%3A%20i.a3&a~q=w7R7R&V~tY=wq3e~q~KfLKqKsYweewYq7sLD~VLwFV7&JYobp=(&QVlbp3=(&QVletY=H(sL&~VY.aVtT=l_XHv-~MH-D.ubkOa341Bob)FQb!Ulie8rDKMMrMl5G%3D&JbMb=(&totY=f&VY5=BtatMVp%20B3Vp~v&V~l=c!z%2FR%2FLT4Vqqq_R4S_3ARSRqp4A%2F_3RSULA&bZtY=bsfRwRDDLRwlFsFRs7(7sRss&bZtYo=(&ooMY=%7B%22ootb%22%3A%22(F(I(FwIRwIwR%22%2C%22oo~~%22%3A%22Ur%22%2C%22ooo~%22%3A%22ABC%22%2C%22oo~lJ%22%3A%22BJYT3J%22%7D&vlaMop~=(&sflct=480548&ure=1
Frame ID: 2F3E2F8211759A804DC512D1CC5AD083
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C462%2C4%2C313%2C359%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=1&usp_consent=1&uspstring=1-N-
Frame ID: 9E724B89A3E998ACE1614F07A2E618EB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7795&pub_id=999525
Frame ID: 1296C5CE99270586C500F2CDA6428BFB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 23C603117C3BCC5E415B44A9EB5F0B60
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12029605298126695505/VOHUHA0082_EOFYS_GenericOffer-160x600/index.html?ev=01_251
Frame ID: 43D924033755908E691E2F2FF139C65C
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 25F6C51E1EB2B8BF07924405C660BCE9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.646.1_en.html
Frame ID: 1BBB954E104598ACFABEEDF436DF2823
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B1ADFE6F39B1E0A313CF3096062E8D35
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.thecrimsonmarket.com&us_privacy=1---
Frame ID: D27CB9C133158CA92A215CF3FF0B20D6
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 4B589B76436F1B6DFA8E629C70893F09
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6BB0C7342706829C44672A90E81471B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.thecrimsonmarket.com/ HTTP 307
    https://www.thecrimsonmarket.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Page Statistics

253
Requests

94 %
HTTPS

0 %
IPv6

39
Domains

65
Subdomains

51
IPs

5
Countries

13510 kB
Transfer

19927 kB
Size

70
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.thecrimsonmarket.com/ HTTP 307
    https://www.thecrimsonmarket.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 247
  • https://b1sync.zemanta.com/usersync/sharethrough?cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_user_id%3D__ZUID__%26gdpr%3D%7BGDPR%7D%26gdpr_consent%3D%7BGDPR_CONSENT_80%7D HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough?cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_user_id%3D__ZUID__%26gdpr%3D%7BGDPR%7D%26gdpr_consent%3D%7BGDPR_CONSENT_80%7D&s=2 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=3Cf_Za85-MjP4CHkMwPY
Request Chain 249
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKSWtFN00zTWNBQUJPNlNWV0JYZw&gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJIkE7M3McAABO6SVWBXg&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cshr%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAJIkE7M3McAABO6SVWBXg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cshr%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cshr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJIkE7M3McAABO6SVWBXg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAJIkE7M3McAABO6SVWBXg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dshr%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=shr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=1505479457681862679&gdpr=0&gdpr_consent= HTTP 303
  • https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAJIkE7M3McAABO6SVWBXg&gdpr=0
Request Chain 250
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A&_test=Zm5jYAAABOgrJwAD HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=Zm5jYAAABOgrJwAD
Request Chain 251
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1ebee955-d472-43e8-911a-b628e46e578a&gdpr=0&gdpr_consent=

253 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.thecrimsonmarket.com/
Redirect Chain
  • http://www.thecrimsonmarket.com/
  • https://www.thecrimsonmarket.com/
948 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
163943dbf9d5b57cb3a57b9a747f6841ce4273111ca22fe528ffffa24173dd28
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
public, max-age=0
content-length
948
content-type
text/html; charset=UTF-8
date
Sun, 16 Jun 2024 04:00:25 GMT
etag
W/"3b4-1901c7aa898"
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express

Redirect headers

Location
https://www.thecrimsonmarket.com/
Non-Authoritative-Reason
HttpsUpgrades
main.c2f5a3d4.js
www.thecrimsonmarket.com/static/js/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thecrimsonmarket.com/static/js/main.c2f5a3d4.js
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
dfa7ac0e9241a3b1a4502e16d17f2cf9aa2fc4b7f65ee3deb5017d0c5ed9d373
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1e1e52-1901c7aa898"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1973842
main.cd9d4ad9.css
www.thecrimsonmarket.com/static/css/ 		31 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thecrimsonmarket.com/static/css/main.cd9d4ad9.css
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
ab7ac40b89dff77bfab4c230ad3489f22a53499fe99af6512a54d05b5297890a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"7ca8-1901c7aa898"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
31912
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/static/css/main.cd9d4ad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
ESF /
Resource Hash
2521b7736ac863d6b831ff57eb1be48cafd15da2faa5170b10883e78539e7679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jun 2024 04:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Jun 2024 02:30:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jun 2024 04:00:25 GMT
js
www.googletagmanager.com/gtag/ 		356 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PHRQHT3TF9
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/static/js/main.c2f5a3d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.72 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b49c4aed4e03f2db9c210ba26cc1075cb2c15cb05c7d82c2d5c297e34e171803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
120287
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jun 2024 04:00:25 GMT
gtm.js
www.googletagmanager.com/ 		192 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXCKKLPT&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.72 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
48c158b827dc6044ede0f360dde20e0e7d8d66e423b82077a40301c735d264b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69532
x-xss-protection
0
last-modified
Sun, 16 Jun 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 16 Jun 2024 04:00:25 GMT
NotificationSound.60cbab772b6b7ca8c1c1.wav
www.thecrimsonmarket.com/static/media/ 		671 KB
673 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://www.thecrimsonmarket.com/static/media/NotificationSound.60cbab772b6b7ca8c1c1.wav
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
f52685be7afbd81a08db8cd82c7920337409819e41a9e5c986a11dc6b2aa05a2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://www.thecrimsonmarket.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"a7de4-1901c7aa898"
content-type
audio/wav
Content-Range
bytes 0-687587/687588
cache-control
public, max-age=0
accept-ranges
bytes
Content-Length
687588
Noto-Sans-regular.6c834530675d09f06885.woff2
www.thecrimsonmarket.com/static/media/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thecrimsonmarket.com/static/media/Noto-Sans-regular.6c834530675d09f06885.woff2
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/static/css/main.cd9d4ad9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
f11a05f1c758bc8989e6b071d90f09bf791793e66c0b44ddce37dfe39f7709c0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/static/css/main.cd9d4ad9.css
Origin
https://www.thecrimsonmarket.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"26cc-1901c7aa898"
content-type
font/woff2
cache-control
public, max-age=0
accept-ranges
bytes
content-length
9932
Cambria-01.ff852157c6f790d11e60.woff
www.thecrimsonmarket.com/static/media/ 		636 KB
638 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thecrimsonmarket.com/static/media/Cambria-01.ff852157c6f790d11e60.woff
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/static/css/main.cd9d4ad9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
c11dea039e8ef0fdc2cdafb52e8692f34eb06e3e4c3933a010cfcdbff5b2b281
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/static/css/main.cd9d4ad9.css
Origin
https://www.thecrimsonmarket.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"9f1ec-1901c7aa898"
content-type
font/woff
cache-control
public, max-age=0
accept-ranges
bytes
content-length
651756
diablo_h.61fb58522db22ebc284e.woff
www.thecrimsonmarket.com/static/media/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thecrimsonmarket.com/static/media/diablo_h.61fb58522db22ebc284e.woff
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
898918979ff070d1239cb13fe04eb6b9b0fbac8277747f432211becfb8dfe1e9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Origin
https://www.thecrimsonmarket.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"4388-1901c7aa898"
content-type
font/woff
cache-control
public, max-age=0
accept-ranges
bytes
content-length
17288
BebasNeue-Regular.12e3683f9192436a7be8.ttf
www.thecrimsonmarket.com/static/media/ 		56 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thecrimsonmarket.com/static/media/BebasNeue-Regular.12e3683f9192436a7be8.ttf
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
830ea186acffc2316ed1a4e42319246ba3b46b04e33a211079249bf901193f04
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Origin
https://www.thecrimsonmarket.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"e14c-1901c7aa898"
content-type
font/ttf
cache-control
public, max-age=0
accept-ranges
bytes
content-length
57676
NotoSans-VariableFont_wdth,wght.b1d0ab70303caea663db.ttf
www.thecrimsonmarket.com/static/media/ 		2 MB
2 MB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thecrimsonmarket.com/static/media/NotoSans-VariableFont_wdth,wght.b1d0ab70303caea663db.ttf
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
74df1f61ab9d4bfaa961c65f8dc991deaae2885b0a6a6d6a60ed23980b3c8554
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Origin
https://www.thecrimsonmarket.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"2601c0-1901c7aa898"
content-type
font/ttf
cache-control
public, max-age=0
accept-ranges
bytes
content-length
2490816
SpinningLogo-unscreen.526505f05023ffe3ec62.gif
www.thecrimsonmarket.com/static/media/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/SpinningLogo-unscreen.526505f05023ffe3ec62.gif
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
4e21b231fdbddba6e009962fff58f3eeef012780cb46dfbb8c6bcb79c07b91ce
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"11a89b-1901c7aa898"
content-type
image/gif
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1157275
spinner_image.be7e039889b46fea7535.webp
www.thecrimsonmarket.com/static/media/ 		265 KB
266 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/spinner_image.be7e039889b46fea7535.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
2065fee715d2f8a1ac3e94dfe5da328451953dcacba5670cfe6c6c4714601176
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"423d0-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
271312
CMLogoHeader.8ab08163de3e61d343a8.webp
www.thecrimsonmarket.com/static/media/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/CMLogoHeader.8ab08163de3e61d343a8.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
21a13e05a1c873dde48dad48c5a74bce851fca80ab59760d8d978e33e727482c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1eb0-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
7856
babyDiabloheader_image.0910fdee0babd5047d5c.webp
www.thecrimsonmarket.com/static/media/ 		749 KB
751 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/babyDiabloheader_image.0910fdee0babd5047d5c.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
cb2766a17f0c07186dd637183fed48cdb5a5d27195f04a0de319401c880dc7b5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"bb394-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
766868
account_button.3defba2e824db075fb81.webp
www.thecrimsonmarket.com/static/media/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/account_button.3defba2e824db075fb81.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
50586926823b02b3e05416b93cd306650cb0696135058243b75c7f5c088a962c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"51e2-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
20962
account_button_hover.c9eade9244acb5c7e31b.webp
www.thecrimsonmarket.com/static/media/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/account_button_hover.c9eade9244acb5c7e31b.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
ec367a1d38fca507c3b765c1bbb5e97250262ba06e6eeb6af148d0246b4b83d3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"5a4c-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
23116
borderBottom_container.881c0e6769d971196792.webp
www.thecrimsonmarket.com/static/media/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/borderBottom_container.881c0e6769d971196792.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
8f9c9ae4698834e30d851ea09d14e8cddfd289a259c1c79ae867a877ee4929f2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"34a4-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
13476
borderTop_container.3b1b41a3c5146b482569.webp
www.thecrimsonmarket.com/static/media/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/borderTop_container.3b1b41a3c5146b482569.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
b36228382e469ae3277594d4d8a341852635c0552ded5ddea78d1e6291ec37e2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"54d6-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
21718
seamless_container.e7de53b962146bbfaf98.webp
www.thecrimsonmarket.com/static/media/ 		247 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/seamless_container.e7de53b962146bbfaf98.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
d20ae7cdb7e13aaf3e39660b2c791b59b339f030729bbd40a847bdf4c2b82308
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"3dd88-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
253320
one_image.098e71c8e82c7d16602a.webp
www.thecrimsonmarket.com/static/media/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/one_image.098e71c8e82c7d16602a.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
15e48d5cd93d2405f17719b6f3590806f4d0308289d6576dd7b453602c1b2f72
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1836-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
6198
billion_image.c8adce1de5cf5c49d8a6.webp
www.thecrimsonmarket.com/static/media/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/billion_image.c8adce1de5cf5c49d8a6.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
8fec3ec1b5ea90dee8c3809306382240e58b1afa5f0611f977996d5c8385a0aa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"2716-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
10006
gold_image.2fde330caa7d38ccc8f8.webp
www.thecrimsonmarket.com/static/media/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/gold_image.2fde330caa7d38ccc8f8.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
414c60230883685b1c5a78f74bdb00ea47746c1e25ef83b1f23cf2ab1ac0efde
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"19f4-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
6644
giveaway_image.c253839f136341d3afe9.webp
www.thecrimsonmarket.com/static/media/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/giveaway_image.c253839f136341d3afe9.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
dcc596d440303c91ef4128328426dd079035dad745cff93dbe8facc9607b705f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"3dba-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
15802
selected_box.e534d26812af67676639.webp
www.thecrimsonmarket.com/static/media/ 		498 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/selected_box.e534d26812af67676639.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
5535819d911d4a54c61acab16a21249bb73d723a98f85e35fd289dde19933732
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1f2-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
498
unselected_box.c89ed354c1d199fdaf74.webp
www.thecrimsonmarket.com/static/media/ 		380 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/unselected_box.c89ed354c1d199fdaf74.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
529c9a3cef4cb80e1bd79b988af8dd2a70447cfa1c3ca249f24a0153336b101c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"17c-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
380
selectedMode_box.d2a529286ff124165773.webp
www.thecrimsonmarket.com/static/media/ 		432 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/selectedMode_box.d2a529286ff124165773.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
ddad39040dc3ea00ec46362448c4d90531652b1690121c025b6fab65498eb289
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1b0-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
432
unselectedMode_box.51b08350e36def5b8359.webp
www.thecrimsonmarket.com/static/media/ 		328 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/unselectedMode_box.51b08350e36def5b8359.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
782c5073eee829adcd1e2453cdd1bdf9f6d4725501083df9fb61e85de22b5f6c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"148-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
328
Search_button_Full.0ac3c053ac03021bb3ec.webp
www.thecrimsonmarket.com/static/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/Search_button_Full.0ac3c053ac03021bb3ec.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
6d7e9298120173710d3bae481bdae2ea4370127b862beb0d29fa7337b6b9f0da
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"c36-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
3126
Search_button__click.24f2502e3141e8677300.webp
www.thecrimsonmarket.com/static/media/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/Search_button__click.24f2502e3141e8677300.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
9c9d840716e16b66a4c5093761d294516b3b47afe45a35b874f12f8b1ac1ab34
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"c30-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
3120
sell_button.97e703b3988f4c5273bf.webp
www.thecrimsonmarket.com/static/media/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/sell_button.97e703b3988f4c5273bf.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
6606f268d563a049ee659e7fac9da1bce37a3c5b7708f3c5c49a1aab53a65a4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1bca-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
7114
sell_button_hover.b1c683a4b57e54e7c631.webp
www.thecrimsonmarket.com/static/media/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/sell_button_hover.b1c683a4b57e54e7c631.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
f27e071bd6694aa4ed7d0cea0325401f82e7ca0784882035d099d44d24e40611
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1ce4-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
7396
Modal_container.5faa53dfe11efa2c70e8.webp
www.thecrimsonmarket.com/static/media/ 		207 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/Modal_container.5faa53dfe11efa2c70e8.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
9ab8e43b95ef9399481e1528792ff1ba46a92a27dafd99ce5f1a69a9126c4b8c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"33d2e-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
212270
close_button.00fadb7897e19eb722c9.webp
www.thecrimsonmarket.com/static/media/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/close_button.00fadb7897e19eb722c9.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
eddcbe865b543458cd3a5ac99a94a17231d390f5e215064843b0c4d0d2f99c95
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"818-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
2072
messageBox.4de15539af5a1303c015.webp
www.thecrimsonmarket.com/static/media/ 		418 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/messageBox.4de15539af5a1303c015.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
f888ab50a0f92d264932da2d1a51342e202cd061d8aa8ac1119371c42eab487c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1a2-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
418
messageBox_wError.e4b0c385caae7ff958ac.webp
www.thecrimsonmarket.com/static/media/ 		588 B
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/messageBox_wError.e4b0c385caae7ff958ac.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
d24a2fcbdf63415201962f0b02fe4c015c2e57f540792e24aa90bc8ff64e26d8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"24c-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
588
logIn_button1.3c400da304314ce7bcbd.webp
www.thecrimsonmarket.com/static/media/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/logIn_button1.3c400da304314ce7bcbd.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
738ca115f4b76e5d1cf31d733ae0b59899b9f2165cc37ab0361dbd0c9936ad88
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1276-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
4726
logIn_button_hover.4e6432b61e32e80896e7.webp
www.thecrimsonmarket.com/static/media/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/logIn_button_hover.4e6432b61e32e80896e7.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
422a6e28e1ed8886f2ea4d00b9370628b49f8086f11df2844c4c51fa73f877fb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"13fe-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
5118
signup_Button1.3b275d314eb0c283c28d.webp
www.thecrimsonmarket.com/static/media/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/signup_Button1.3b275d314eb0c283c28d.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
6cfed6e992bdc6a4037d8324770e3a8674787a569863f8a912f5916034fa64f7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1310-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
4880
close_button_click.a9faaaf1df49d300c5c2.webp
www.thecrimsonmarket.com/static/media/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/close_button_click.a9faaaf1df49d300c5c2.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
80a9a0d166a1b2ec17f36da2143b1869710e824ea941a477bd27467a3adad91b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"800-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
2048
logInbattlenet_button.c48f65dd93b0e05e7294.webp
www.thecrimsonmarket.com/static/media/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/logInbattlenet_button.c48f65dd93b0e05e7294.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
f79c1fb227f26d8207d696ff4d37c6c970a45fc29e02beb44914b773c4b5d473
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"2022-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
8226
logInbattlenet_button_hover.69a52e36777f89ea0762.webp
www.thecrimsonmarket.com/static/media/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/logInbattlenet_button_hover.69a52e36777f89ea0762.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
2860e9e51b3dd9456e354d006a534b3ec13b07d7d8c3160daab9e10160ecf7b2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"20c8-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
8392
discordLogIn_button.554c21c04991a366c985.webp
www.thecrimsonmarket.com/static/media/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/discordLogIn_button.554c21c04991a366c985.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
88aabec3c66357d8caddd5a509b5965f0d263f821b9599e06b5281caf01134e8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"19c4-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
6596
discordLogIn_button_hover.92b901c603e8b4c6f472.webp
www.thecrimsonmarket.com/static/media/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/discordLogIn_button_hover.92b901c603e8b4c6f472.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
11add018efa5f27eca5caa32d0a22907da7a33a25d58f38c4893bb2506644849
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1a22-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
6690
info_button.4939b323a9c1040efcc8.webp
www.thecrimsonmarket.com/static/media/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/info_button.4939b323a9c1040efcc8.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
dcaa629a9bbc5ce853201071e76543229fd0cddc35f2e6285b06a7d2c3de53d6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"eb4-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
3764
info_button_hover.8e077924cc0046d8d334.webp
www.thecrimsonmarket.com/static/media/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/info_button_hover.8e077924cc0046d8d334.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
f25ceeeabb0f3e740668ba1678ca80c2a538b5f94d1d8efb464571648bd604bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"e3a-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
3642
darkanddarker_image.d39ccb85c1e736431647.webp
www.thecrimsonmarket.com/static/media/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/darkanddarker_image.d39ccb85c1e736431647.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
3f9f9212c6bbd506410cb92770ad143252d7abd89e0279c9f0fede798067ac0c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"169a6-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
92582
darkanddarkerlogo_image.2d4d998cd64453856596.webp
www.thecrimsonmarket.com/static/media/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/darkanddarkerlogo_image.2d4d998cd64453856596.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
34cb28b0c7583eaf42354107997d426160a26d3f104b8d64913400c2c6120443
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"83b2-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
33714
diablo4_image.ee5f0c1e45f8210a5b5f.webp
www.thecrimsonmarket.com/static/media/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/diablo4_image.ee5f0c1e45f8210a5b5f.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
d9bdcc6b7cfde9ec82e06a0d434a3817d7cc0feb961b877029b9c0d462f38705
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"14b74-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
84852
diablo4logo_image.4fdf53e35f2468bed29f.webp
www.thecrimsonmarket.com/static/media/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/diablo4logo_image.4fdf53e35f2468bed29f.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
6a9d493cf2081ae12ea814e3855432ac7d89077694f20b967f5adf00efe75599
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"78e2-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
30946
crimsonmarketBanner_web.e0620e3f2385ce3f5fea.webp
www.thecrimsonmarket.com/static/media/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/crimsonmarketBanner_web.e0620e3f2385ce3f5fea.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
a5237814371752b1ceab28731b4075bb8eb23c1114db783ce2f7d8f54096acc4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"a8ea-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
43242
crimsonmarketBanner_webHover.b9c464d6c8c504c3e466.webp
www.thecrimsonmarket.com/static/media/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/crimsonmarketBanner_webHover.b9c464d6c8c504c3e466.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
238c1e87fe1457993631e65ec169c96dec6b39537affa4e9210f6d61b7e8e4c3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"9bfe-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
39934
crimsonmarketBanner_mobile.af2d3641fea501a8f3bf.webp
www.thecrimsonmarket.com/static/media/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/crimsonmarketBanner_mobile.af2d3641fea501a8f3bf.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
8ec76bf4afb8ee58d02ff0af0dda483086783f2d01f598a8c7bc2d6d0a72ee16
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"49e2-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
18914
header_border.c08f8f240b2775fb4448.webp
www.thecrimsonmarket.com/static/media/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/header_border.c08f8f240b2775fb4448.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
d0361702f45e199305d60bc01985c4c5b6dbe83e218704d7d37eba20fb5d1bf8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"72b2-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
29362
24923.js
cdnflow.co/js/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnflow.co/js/24923.js
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/static/js/main.c2f5a3d4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.95.85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
affe3a3f7d44f161697e718e6efd33a7c1c2bd85d0e324e664d8fdab7690d774

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 16 Jun 2024 03:58:56 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zR%2B%2FR%2FAaSxn03B3juQJxMr%2BVrn9U51SNeSmUQcgucNNg%2BK%2F%2FWMruQjbD4kmCk12ByUCbitQ5mljU5pNUtUk1U4yNiQjsKk9ywalkYbnE%2FIt%2Fm%2FtQkjT%2BBiihXyfd"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=86400, max-age=600
cf-ray
8947e4928991a883-SYD
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
ads-1811.js
s.nitropay.com/ 		469 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.nitropay.com/ads-1811.js
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/static/js/main.c2f5a3d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e461e54ffe0eb70b242f70620c79208f815e699ed084b05d19da75cc8a8e0ec
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1718061970
age
24398
x-guploader-uploadid
ABPtcPpkobZl2KnrHPuDDVcl-8FT0980gOSVFPiD7pNB__fnRCA44UFpXdjYsJJHo-8I2ezKJAM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 15 Jun 2024 20:56:02 GMT
server
cloudflare
etag
W/"e4a02b4f331200944aa6fd30c93f765c:1718484962000:AU"
vary
Accept-Encoding
x-goog-generation
1718062182164954
content-type
text/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=Sx4jAQ==, md5=5KArTzMSAJRKpv0wyT92XA==
access-control-expose-headers
Content-Type
cache-control
private, max-age=600
x-goog-stored-content-length
475442
cf-ray
8947e4928bafa81a-SYD
expires
Sun, 15 Jun 2025 21:13:48 GMT
maxrollAdBanner.1bcd89b4485983b8696c.webp
www.thecrimsonmarket.com/static/media/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/maxrollAdBanner.1bcd89b4485983b8696c.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
9e0c5ec84e79402598545fda8cfa40ef02fbcddd1007b7d42464937cda4e7197
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1c012-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
114706
StarforgeAdBanner.e43af86e3753cc1049c7.webp
www.thecrimsonmarket.com/static/media/ 		169 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/StarforgeAdBanner.e43af86e3753cc1049c7.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
2686e83183023ffeccf3d21f9644d53598d0b66985a3a7aae5f3c4a1c6be5404
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"2a2c2-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
172738
StarforgeAdBanner_Hover.cc6c2ef72d3d262f200c.webp
www.thecrimsonmarket.com/static/media/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/StarforgeAdBanner_Hover.cc6c2ef72d3d262f200c.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
c38cb75227a169610ad48a6bb19944e32487084052200b15a84b3d89979c6815
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"296e8-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
169704
SteamPointsAdBanner.59c01725f0efa503c2a7.webp
www.thecrimsonmarket.com/static/media/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/SteamPointsAdBanner.59c01725f0efa503c2a7.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
042c6eaed05ef615fe26558aa6f1b07938fb8533814a42bda1204793a9ef824c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1077c-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
67452
SteamPointsAdBanner_Hover.9f2a9c43523a7e829d01.webp
www.thecrimsonmarket.com/static/media/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/SteamPointsAdBanner_Hover.9f2a9c43523a7e829d01.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
fe957c7a4e8627f3c2a6b4b4dd1f289add2e4800e8a9408acc3fbdac96fc6cd1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1123a-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
70202
hammersmith-one-v17-latin-regular.964e5dd101bf3d9cbb01.woff2
www.thecrimsonmarket.com/static/media/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thecrimsonmarket.com/static/media/hammersmith-one-v17-latin-regular.964e5dd101bf3d9cbb01.woff2
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/static/css/main.cd9d4ad9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
7fec385668dd8696487a02bb35060f6bea3b91dca953bf942b95ad6e4bd73a5d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/static/css/main.cd9d4ad9.css
Origin
https://www.thecrimsonmarket.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"4c9c-1901c7aa898"
content-type
font/woff2
cache-control
public, max-age=0
accept-ranges
bytes
content-length
19612
discord_button.c8bd69fba633c5c45b31.webp
www.thecrimsonmarket.com/static/media/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/discord_button.c8bd69fba633c5c45b31.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
947b6bd77594f47bcd4a65793e8280bf06a66b4514b9e68f1cc980ad27114860
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"2a4a-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
10826
discord_button_hover.ea8127c20a2a134d81cf.webp
www.thecrimsonmarket.com/static/media/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/discord_button_hover.ea8127c20a2a134d81cf.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
302df49b3ba62fbee350256f737bec51b87c8d842cdf1c270454c5575f55cff2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"2bec-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
11244
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXCKKLPT&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Wed, 22 May 2024 17:01:28 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"16b7761205515ddc0668c12c434e8f00"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12104
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXCKKLPT&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.99.188.232 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-cdn
akamai
etag
"9bc4bd8fd6a7603cc1c91cc83fc17417"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1878
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11267327650/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11267327650/?random=1718510426227&cv=11&fst=1718510426227&bg=ffffff&guid=ON&async=1&gtm=45je46c0v9136826146za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Crimson%20Market%20%7C%20Trade%20In%20Game%20Items&npa=0&pscdl=noapi&auid=569239467.1718510426&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PHRQHT3TF9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
a39667a85f1719116d20a6acea7e04ac24600796fa11a01bcae7753794ab008f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inspect.js
js.reactflow.com/assets/engine/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.reactflow.com/assets/engine/inspect.js?sid=24923&url=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&ref=&lastses=0&pageviews=0&returns=0&uid=8dj4nnwe4ig&token=d2o1m812o25&autop=true&lookback=30
Requested by
Host: cdnflow.co
URL: https://cdnflow.co/js/24923.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.85.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
047140fb02f7bc600a7782db76fd3237a70f219cbe86a0ab048b245e681400e0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Sun, 16 Jun 2024 04:00:27 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iLYOmEeLUsuleousQLJaTY5CTMbeUyAdcxGFwydeRfhQ70OceKGL6c%2BEau4bxR8eu5h%2BzIgzxT7JgdivCZ7ZOyQnPy37eZm9WDuAk3pbiLhM4bozIpw0GdTVfV5Za4gXMZcH"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
8947e49449b9a874-SYD
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
expires
Tue, 03 Jul 2001 06:00:00 GMT
gather.php
js.reactflow.com/assets/engine/ 		343 B
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.reactflow.com/assets/engine/gather.php?mode=alphabetGet&sid=24923
Requested by
Host: cdnflow.co
URL: https://cdnflow.co/js/24923.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.85.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
053dda2653e213fcce4e6e4a7eb04cff161b4f4c1e33797d1538c1d29765ad01

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Origin
https://www.thecrimsonmarket.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Sun, 16 Jun 2024 04:00:27 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vIUnGO1eyoY6mtGvb7fRQLZ62WGrt%2B5w8OBvLnzHX8kezreF4RYY4nCgzunUN7Oew%2B7C16FkNyBovtL4YGa1msWYYtcckPM2%2B8eqXhiA0iSWE4pfMdjsrtr0DZxCNLT0hsSZ"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=86400, max-age=120
cf-ray
8947e4944c84aac4-SYD
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
expires
Tue, 03 Jul 2001 06:00:00 GMT
collect
www.google-analytics.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PHRQHT3TF9&gtm=45je46c0v9136826146za200&_p=1718510425670&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1070511193.1718510426&ul=en-au&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718510426&sct=1&seg=0&dl=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&dt=The%20Crimson%20Market%20%7C%20Trade%20In%20Game%20Items&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=919&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PHRQHT3TF9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrapper.html
wrappers.geoedge.be/ 		3 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-23.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

x-amz-version-id
SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
date
Sat, 15 Jun 2024 23:01:12 GMT
via
1.1 3fb80f1162ff0374e396394904e92ee4.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
83951
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3527
last-modified
Tue, 19 Dec 2023 13:15:23 GMT
server
AmazonS3
etag
"6a6d57dbabaa297544a761a67d32156f"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
bpEmsj395gnv4UOG_diTq1GCJK9Y8zX1ORPKcbMksny9g7imDULpcw==
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 812C 		589 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-59.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b0a415702381d8b24dc82939760f74c25c83fb6d97ac9b11eb4579e21a70f49

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 03:34:00 GMT
x-amz-version-id
wid1UMUgODVMT91ndSpQM0U7kf9PtDfR
content-encoding
br
via
1.1 ddbdc753f03fb9542b090928fc2d074a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
1588
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 16 Jun 2024 03:12:16 GMT
server
AmazonS3
etag
W/"7f0277d487fa11581cfea725f7920122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
U5vAAdysgzbYfwsj7lfwrcmgudVSaKUfSNHn94cm15bKBxKM5-BAqw==
tag
btloader.com/ 		101 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.74.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f555a86c9c69cdf8f3329d839245450714b443cf2bd0c7317beea3b9f0a6e851

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Sun, 16 Jun 2024 03:38:52 GMT
server
cloudflare
age
1293
etag
"cdea0e967da81498f8d0bf18dd305ef4"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8947e4976e22a80d-SYD
content-length
29467
gpp-bf4f755.min.js
s.nitropay.com/ 		261 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.nitropay.com/gpp-bf4f755.min.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33361bf68bdc76d93661566ef309ec2a3fa2515cbde9de1f0799343474e1aa9a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
448099
x-guploader-uploadid
ABPtcPpDfFqw9s1GLK_uUurlIxUCxEjl0z0hhSFxPE4mO0ncVB8Um1tJvl1wXCS5HJ3nQEN2vncCR3YnUw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 May 2024 05:20:26 GMT
server
cloudflare
etag
W/"30c6e780bb669ffa970e2624c9933298"
vary
Accept-Encoding
x-goog-hash
crc32c=fF0HnQ==, md5=MMbngLtmn/qXDiYkyZMymA==
x-goog-generation
1716873626804716
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=604800
x-goog-stored-content-length
267561
access-control-expose-headers
Content-Type
cf-ray
8947e4976d5eaaf5-SYD
expires
Mon, 17 Jun 2024 23:32:07 GMT
1811
tracker.nitropay.com/a/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/a/1811?d=eyJocmVmIjoiaHR0cHM6Ly93d3cudGhlY3JpbXNvbm1hcmtldC5jb20vIiwidiI6MzEsImEiOmZhbHNlLCJzIjp0cnVlLCJjIjoiQVUiLCJyIjoiTlNXIn0%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
o9.js
v.nitropay.com/ 		781 KB
225 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v.nitropay.com/o9.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.38.229 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
84-17-38-229.bunnyinfra.net
Software
BunnyCDN-SG1-1093 /
Resource Hash
b7e1f0b6cb6c8752fc70e6587a8f3954a1dca3f2aa9d129fdf44efec9f1e36ff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
br
cdn-edgestorageid
1022
perma-cache
HIT
cdn-storageserver
DE-566
cdn-cachedat
03/30/2023 21:29:54
cdn-pullzone
602660
last-modified
Thu, 20 Oct 2022 00:05:48 GMT
server
BunnyCDN-SG1-1093
cdn-fileserver
473
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"635090dc-c3556"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
cache-control
public, max-age=31919000
cdn-requestid
b98faae59006bf1555438f87d6b7cffc
cdn-requestcountrycode
AU
cdn-status
200
cdn-requestpullsuccess
True
oa.css
v.nitropay.com/ 		25 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v.nitropay.com/oa.css
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.38.229 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
84-17-38-229.bunnyinfra.net
Software
BunnyCDN-SG1-1093 /
Resource Hash
4144937e0db08cfe72f574dda72b1f5f08a1a70614a8faa4e8d8fac6eac1ffd2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
br
cdn-edgestorageid
1030
perma-cache
HIT
cdn-storageserver
DE-165
cdn-cachedat
03/31/2023 10:12:07
cdn-pullzone
602660
last-modified
Wed, 19 Oct 2022 23:21:04 GMT
server
BunnyCDN-SG1-1093
cdn-fileserver
453
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63508660-654d"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
37cca1b2b3608968dce084cddb85ed61
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
openrtb2
a.nitropay.com/v4/ 		57 B
110 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.nitropay.com/v4/openrtb2
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
/
Resource Hash
40d3b92dbd5126865b3dd9785f1aaae90802e339d82630d6690a632b0426849a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
via
1.1 google
last-modified
Sun, 16 Jun 2024 04:00:27 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
auction
tlx.3lift.com/header/ 		19 B
705 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.44.0&referrer=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&tmax=2200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.169.90.152 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-90-152.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		641 B
772 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.194.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-194-87.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef850418688a622c6bbbc03f318da336009f7d1bac07f40de58cd05771565122

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
409
cdb
bidder.criteo.com/ 		15 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=57619010121&lsavail=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
97e84bad8a19bdfef26c1704f22c2cc906bce3009883a39f12a6022166b66896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.thecrimsonmarket.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3bebda84da6a1f5306c79259272371a24330b839b2b7b6ab3c379fbc40999bdf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
an-x-request-uuid
c60e2252-0362-4181-a0dc-42e17751b2b2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
121.127.47.74; 121.127.47.74; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb2
a.nitropay.com/v4/ 		57 B
288 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.nitropay.com/v4/openrtb2
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
/
Resource Hash
01a7f0ca9263919b4423d10d7d2e4bec33f782c30710658aa21e13fa550df77a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
via
1.1 google
last-modified
Sun, 16 Jun 2024 04:00:27 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
cdb
bidder.criteo.com/ 		15 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=97519361043&lsavail=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b6bf04e75b269ebc363813b90ad77f38c8cd582b343e49cb59a332247a4e7d89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.thecrimsonmarket.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
prebid
ib.adnxs.com/ut/v3/ 		19 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
7c9fe8effa148a1d86538e737b52f1e2fd161047c88d4478b34ad8e680dda9a5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
an-x-request-uuid
66a5dbae-ec8b-430d-b9e3-907445d3218f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
121.127.47.74; 121.127.47.74; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		511 B
725 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.194.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-194-87.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1dc3f4d4fb442bc98f8bd2e26a7001ad028c366c2e97df31881c943c5dd037d3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
363
auction
tlx.3lift.com/header/ 		18 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.44.0&referrer=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&tmax=2200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.169.90.152 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-90-152.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
037beb1008f9628e1b5e943f76682fd8928795c80c962d9fccd914332baf92da
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
zstd
observe-browsing-topics
?1
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
7696
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
openrtb2
a.nitropay.com/v4/ 		57 B
110 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.nitropay.com/v4/openrtb2
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
/
Resource Hash
c827cbf4718d33fd04f915d087087c801913f391d36d6a670217b3cf95fe9730

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
via
1.1 google
last-modified
Sun, 16 Jun 2024 04:00:27 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
auction
tlx.3lift.com/header/ 		19 B
703 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.44.0&referrer=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&tmax=2200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.169.90.152 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-90-152.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
230 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=71914722074&lsavail=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Origin
access-control-allow-origin
https://www.thecrimsonmarket.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
v1
btlr.sharethrough.com/universal/ 		507 B
713 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.194.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-194-87.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0c1a39344f9c8e4b238efdc60cf17b08fc0361270b7e912820c06df2b0e84fbc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
352
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
1463e5ac0404428174bdd3116a6b322e48af51aa79d816ef4cfe488864ec4403
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
an-x-request-uuid
ac6b0e2c-51e7-4a11-8fe3-4f83772c4ee3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
121.127.47.74; 121.127.47.74; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb2
a.nitropay.com/v4/ 		57 B
110 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.nitropay.com/v4/openrtb2
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6d7ae92e2bdba10b49026749d82a321f38cb50050c805cfcbde19d8c6cd246b9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
via
1.1 google
last-modified
Sun, 16 Jun 2024 04:00:27 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
auction
tlx.3lift.com/header/ 		19 B
705 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.44.0&referrer=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&tmax=2200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.169.90.152 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-90-152.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
94bbdd60a9ec068a592dd11ec19b0047944308f0e6e18be6f6e8053a1a31b4ff
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
an-x-request-uuid
844491ad-81b0-41c4-ab92-eb5213d0d6ea
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
121.127.47.74; 121.127.47.74; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		611 B
780 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.194.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-194-87.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
28755d6e545969916283b96704f3fba05a662a17a60c7fd8f62fe4532751abc2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
418
cdb
bidder.criteo.com/ 		0
231 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=94054654731&lsavail=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Origin
access-control-allow-origin
https://www.thecrimsonmarket.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
openrtb2
a.nitropay.com/v4/ 		57 B
110 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.nitropay.com/v4/openrtb2
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
/
Resource Hash
2ccefa227ada56a6ac6c4fb15c47a9fbe4b364627545d7d0d422a519ac2f318f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
via
1.1 google
last-modified
Sun, 16 Jun 2024 04:00:27 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
openrtb2
a.nitropay.com/v4/ 		57 B
110 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.nitropay.com/v4/openrtb2
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
/
Resource Hash
24f2707149722fcf958374790742e44ab26e34cb1378915896861e6e82268fdf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
via
1.1 google
last-modified
Sun, 16 Jun 2024 04:00:27 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
1.gif
s.nitropay.com/ 		42 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/1.gif?x=1&adslot=
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:26 GMT
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
HIT
age
448098
x-guploader-uploadid
ABPtcPpPCdGoq3Hi_U9R-HiyzAJ0yS5HTNl_CekXZGw9scmuXC5QeXBEyCxeV8P8Aewmhmt5lok
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
42
x-goog-meta-
last-modified
Fri, 22 Jan 2021 08:58:45 GMT
server
cloudflare
etag
"d89746888da2d9510b64a9f031eaecd5"
vary
Accept-Encoding
x-goog-generation
1611305925409947
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=604800
x-goog-stored-content-length
42
accept-ranges
bytes
cf-ray
8947e4988e8eaaf5-SYD
expires
Mon, 17 Jun 2024 23:32:08 GMT
discord_button.c8bd69fba633c5c45b31.webp
www.thecrimsonmarket.com/static/media/ 		11 KB
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/discord_button.c8bd69fba633c5c45b31.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
947b6bd77594f47bcd4a65793e8280bf06a66b4514b9e68f1cc980ad27114860
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"2a4a-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
10826
discord_button_hover.ea8127c20a2a134d81cf.webp
www.thecrimsonmarket.com/static/media/ 		11 KB
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/discord_button_hover.ea8127c20a2a134d81cf.webp
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
302df49b3ba62fbee350256f737bec51b87c8d842cdf1c270454c5575f55cff2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"2bec-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
11244
config
pixel-config.reddit.com/pixels/a2_eo5x6ae13p22/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/a2_eo5x6ae13p22/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
a2_eo5x6ae13p22_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_eo5x6ae13p22_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1718510427028&id=a2_eo5x6ae13p22&event=Custom&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=PageViewEvent&m.products=&m.conversionId=&uuid=4c128be4-f08d-4e1f-a6d5-376f7f6f5556&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_8d515a58&dpm=&dpcc=&dprc=
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
main.f74ed22b.js
s.pinimg.com/ct/lib/ 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.f74ed22b.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.99.188.232 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
x-cdn
akamai
etag
"446a72b73c00f6022c92a764d3c540bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
20114
/
www.google.com/pagead/1p-user-list/11267327650/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11267327650/?random=1718510426227&cv=11&fst=1718510400000&bg=ffffff&guid=ON&async=1&gtm=45je46c0v9136826146za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Crimson%20Market%20%7C%20Trade%20In%20Game%20Items&npa=0&pscdl=noapi&auid=569239467.1718510426&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLu3WygJ_vTAD5XYIEsoghu4ld-_sAsg&random=1034884895&rmt_tld=0&ipr=y
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/11267327650/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/11267327650/?random=1718510426227&cv=11&fst=1718510400000&bg=ffffff&guid=ON&async=1&gtm=45je46c0v9136826146za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&hn=www.googleadservices.com&frm=0&tiba=The%20Crimson%20Market%20%7C%20Trade%20In%20Game%20Items&npa=0&pscdl=noapi&auid=569239467.1718510426&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLu3WygJ_vTAD5XYIEsoghu4ld-_sAsg&random=1034884895&rmt_tld=1&ipr=y
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recorder.js
js.reactflow.com/assets/engine/ 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.reactflow.com/assets/engine/recorder.js?37ae517057
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.85.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
b45da5817bb39f71840f12c0f08b72695683aa93be7b3a32a4d0fa3e0ed8c5a5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Origin
https://www.thecrimsonmarket.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2861223
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 May 2024 01:13:24 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sGf3rJGPlHkS155jzRgIcp0h8VdtHZb%2BQWkuGYavtj%2FpitP3A2fWkCZnLV6KoafJBcLVw6pY7bG8RI4xJs2Z1I%2Fw02yGAe89%2B%2BkL3CZBUexoZoJurPWTabtCBVJlV%2B59oKVT"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=25920000, max-age=120
cf-ray
8947e498f83faac4-SYD
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sun, 16 Jun 2024 04:00:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
749533
x-guploader-uploadid
ABPtcPp-mbJH0EqdfqfsCsqkUPrdegTzVAU8sM_rcJrgG5pM_uta1K06yGxgnG7mU1kSyQ5auFh4HB5UJA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ffUL18uu3tSg1q6%2F2u%2FPxrb4HaZsDK0b240kuqPbaUm8EIwptHAvDrrOhQt4uWM9zKWsRsQYwncbm5XubR%2FSf5XAZD0ieRGfRXE1AQXFEarEORVbEIpU%2BfqmuzDYaoZjA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8947e4993e435741-SYD
expires
Mon, 17 Jun 2024 04:00:27 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 18:27:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jun 2024 18:27:53 GMT
px.gif
ad-delivery.net/ 		43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.8206529561964795
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
749533
x-guploader-uploadid
ABPtcPp-mbJH0EqdfqfsCsqkUPrdegTzVAU8sM_rcJrgG5pM_uta1K06yGxgnG7mU1kSyQ5auFh4HB5UJA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KJdTJOGRUhPNs402vOyewirO2RbA75g1w9451V2hv%2B8%2FhWDl3hUasKOBMNzWtPVSNjcF9Ze2lkl7dtIwza9c7KOPPWZzy%2FiUzskoL6KCbQ36kX7HtfOU4kQSG9KZhweEag%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8947e4993e425741-SYD
expires
Mon, 17 Jun 2024 04:00:27 GMT
additional-consent-providers.csv
consent.nitrocnct.com/ 		116 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-bf4f755.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.33.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6186
x-guploader-uploadid
ABPtcPqNLjaJyPDmysseKfJho8PTx1RBDy8ualupAFJlzivQJ7aBsFpmpnnu4f8i8QtQyK8JHQ
x-goog-storage-class
STANDARD
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 12 Jul 2023 07:31:30 GMT
server
cloudflare
etag
W/"81f96867523b7ea4a2f05a62b9fdf1c7"
vary
Accept-Encoding
x-goog-hash
crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
x-goog-generation
1689147090287559
content-type
text/plain
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2B5mGMu72E9UR3EUNgHnnMHMP72pU98%2BTTCWG5%2FRHCm4158mJxxN9ykr68tKwhNqePPYAQrw%2BHSqPdFczowVTK3sYoO6dI24XenfC7FGdZyiSB2a%2B%2F5HF5QIM771PGW2PcGje5iqZP4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
119221
cf-ray
8947e4994e81aaea-SYD
expires
Sun, 23 Jun 2024 01:44:44 GMT
/
ct.pinterest.com/user/ 		321 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2614392718996&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1718510427064&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.99.188.232 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.865586cb.1718510427.70e7390
x-envoy-upstream-service-time
0
content-length
186
x-pinterest-rid
1442264411974817
pin-unauth
dWlkPVlqQXdOalZrTmpJdFlUVXdZeTAwTTJRNUxXSTVOMkV0TWpSaVlUSXlZamN5TUdSbA
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
d80afdeb0d64359b34f4a708f18dc7ee1019dc51
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ 		321 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%22bdd85441-bc01-4ee1-98d0-30a35060965e%22%7D&tid=2614392718996&cb=1718510427066&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.99.188.232 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.865586cb.1718510427.70e7392
x-envoy-upstream-service-time
0
content-length
186
x-pinterest-rid
4723866373122496
pin-unauth
dWlkPU5EZzVNMlV6TURndE1tUmlNaTAwTjJaa0xUa3lNbVF0WkRFNVpEVmxaakExWW1ReA
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
d80afdeb0d64359b34f4a708f18dc7ee1019dc51
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2614392718996&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thecrimsonmarket.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.61%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1718510427067
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.99.188.232 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:27 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.865586cb.1718510427.70e7391
content-type
image/gif
access-control-allow-origin
https://www.thecrimsonmarket.com
pinterest-version
d80afdeb0d64359b34f4a708f18dc7ee1019dc51
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
content-length
35
x-pinterest-rid
1171917876636240
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22event_id%22%3A%22bdd85441-bc01-4ee1-98d0-30a35060965e%22%7D&tid=2614392718996&cb=1718510427306&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thecrimsonmarket.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f74ed22b%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.61%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.f74ed22b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.99.188.232 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:27 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.865586cb.1718510427.70e74f4
content-type
image/gif
access-control-allow-origin
https://www.thecrimsonmarket.com
pinterest-version
d80afdeb0d64359b34f4a708f18dc7ee1019dc51
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
content-length
35
x-pinterest-rid
1843610655562100
expires
Sat, 01 Jan 2000 00:00:00 GMT
playlist
a.nitropay.com/v3/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.nitropay.com/v3/playlist
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
/
Resource Hash
180940cd7768738b5c59e8ac76443f16a2decef3411d0cc03b4f57443bc763d0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
via
1.1 google
last-modified
Sun, 16 Jun 2024 04:00:27 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.99.188.232 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.865586cb.1718510427.70e75e8
etag
"19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
content-length
2108
ct.html
ct.pinterest.com/ Frame 0232 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.99.188.232 Sydney, Australia, ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU),
Reverse DNS
a104-99-188-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

akamai-grn
0.865586cb.1718510427.70e76a1
alt-svc
h3=":443"; ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Sun, 16 Jun 2024 04:00:27 GMT
pinterest-version
d80afdeb0d64359b34f4a708f18dc7ee1019dc51
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
4379153449265138
auction
tlx.3lift.com/header/ 		19 B
705 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.44.0&referrer=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&tmax=2200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.169.90.152 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-90-152.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
230 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=33721316282&lsavail=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Origin
access-control-allow-origin
https://www.thecrimsonmarket.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
prebid
ib.adnxs.com/ut/v3/ 		20 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b9d6b6af662c323ddcb879fc4b91dbfe4934946cda806cf3c009bcd54c1a5f38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:28 GMT
content-encoding
gzip
an-x-request-uuid
5f9c2e11-e81b-44db-9e2a-aec526856ca8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
121.127.47.74; 121.127.47.74; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		612 B
740 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.194.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-194-87.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1ec78a5c65c2bfaa77df9911792234c6760d5926bda0abd59171aa2a70d19d23

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
379
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 3286 		589 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-59.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b0a415702381d8b24dc82939760f74c25c83fb6d97ac9b11eb4579e21a70f49

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 03:34:00 GMT
x-amz-version-id
wid1UMUgODVMT91ndSpQM0U7kf9PtDfR
content-encoding
br
via
1.1 ddbdc753f03fb9542b090928fc2d074a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
1588
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 16 Jun 2024 03:12:16 GMT
server
AmazonS3
etag
W/"7f0277d487fa11581cfea725f7920122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
U5vAAdysgzbYfwsj7lfwrcmgudVSaKUfSNHn94cm15bKBxKM5-BAqw==
1811
tracker.nitropay.com/i/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/1811?d=eyJhZFVuaXRDb2RlIjoibGVmdC1iYW5uZXItYWQiLCJjcmVhdGl2ZUlkIjoiNTU2XzE2XzU3Mjg4OTI0MiIsImJpZGRlciI6ImNyaXRlbyIsInRpbWVUb1Jlc3BvbmQiOjU1OCwiaGVpZ2h0Ijo2MDAsIndpZHRoIjoxNjAsImNwbSI6MC4wODYxNTIsImhyZWYiOiJodHRwczovL3d3dy50aGVjcmltc29ubWFya2V0LmNvbS8iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImFkdmVydGlzZXJEb21haW5zXCI6W1widm9kYWZvbmUuY29tLmF1XCJdLFwibmV0d29ya05hbWVcIjpcIkRWMzYwXCJ9IiwicmVxdWVzdElkIjoiMDE5MDFmMzQtMWFjOC03MDAwLTg5MWMtZDk3ODM0MTNlYjliIiwiYyI6IkFVIiwiciI6Ik5TVyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzE4NTEwNDI3NzA5LCJmIjoiMXc4b2xucCJ9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
n.svg
s.nitropay.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.nitropay.com/n.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c42391fc43043ff71e168a5b881e9ed95bd1e18480f8d2dc5dc77e9624f7797
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
age
174
x-guploader-uploadid
ABPtcPomb5oEvAAFzRafMdiERRoTz57Jf94Pw6JFebr50JhUHP0WSz9sXTFNNJibtB85aeIsZmI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 05 Oct 2022 06:19:07 GMT
server
cloudflare
etag
W/"47ce57ca1cac5f9545f1e2fb9c6bd90d"
vary
Accept-Encoding
x-goog-hash
crc32c=Tm86FQ==, md5=R85XyhysX5VF8eL7nGvZDQ==
x-goog-generation
1664950747723912
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1437
cf-ray
8947e49d3b4eaaf5-SYD
expires
Sun, 16 Jun 2024 04:57:33 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0550 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGJqxlpECMAE&v=APEucNU3MXjLDcPZozNjH7MPCagYY_7AnbEHx404oYdHuCCRMZX7cB2uVe6hSrrhBGKQtiKGV2XbYbLkBNDjXPzVMu1BjEsaNgeA9PV1llryVDuBf4bs1x4
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jun 2024 04:00:27 GMT
expires
Sun, 16 Jun 2024 04:00:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3286 		0
0
tpd
cat.sg1.as.criteo.com/ Frame 3286 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3286 		0
0
sync
apac-jp-sync.bidswitch.net/ Frame 3286 		0
0
https_A_B_Bghent-gce-jp.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCBqGBW2NuZtuDDLKqid4P5I6a8A7jtpiPePD94vOAE5EvEAEgg____3mH2ClgI...
media.grid.bidswitch.net/imp/tnAIM8QGxcS0cNfyxxxk4fyT5FUh4Xc_pH5GpvEN0oK_rgsmMGA-YNocgiqEAadOUMte43Op8C37LMlMIsPQ9-q5tY7L3B0lTwvF7VVu3Cpf6dN1koZ_fflsulzzNP6rVR7TZNJl1LGFUoT2I7jALP_mjNXzjI0BNRqsXp_F... Frame 3286 		0
0
cookie-overlap
grid-mercury.criteo.com/notifications/ Frame 3286 		0
0
cdb
bidder.criteo.com/ 		15 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=49530796002&lsavail=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
d445cee0d5b64938a0f11e36a6316d3c97ebb5accda3d7a891e3292b71d27d26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.thecrimsonmarket.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
auction
tlx.3lift.com/header/ 		19 B
705 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.44.0&referrer=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&tmax=2200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.169.90.152 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-90-152.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4a605a5951e2ba7a2595c95b0142a5d82451bc9983e4757a0701edbaf5e193d7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:28 GMT
content-encoding
gzip
an-x-request-uuid
cada20bd-96d7-4eb7-876b-8bc3fba99758
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
121.127.47.74; 121.127.47.74; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		574 B
729 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.194.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-194-87.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
70eadc784f58537235a4fde6c87f808a31fd88b9f1ddb60a62e8b98ef781247b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
368
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 19B8 		589 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-59.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b0a415702381d8b24dc82939760f74c25c83fb6d97ac9b11eb4579e21a70f49

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 03:34:00 GMT
x-amz-version-id
wid1UMUgODVMT91ndSpQM0U7kf9PtDfR
content-encoding
br
via
1.1 ddbdc753f03fb9542b090928fc2d074a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
1588
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 16 Jun 2024 03:12:16 GMT
server
AmazonS3
etag
W/"7f0277d487fa11581cfea725f7920122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
U5vAAdysgzbYfwsj7lfwrcmgudVSaKUfSNHn94cm15bKBxKM5-BAqw==
nmedianet.js
contextual.media.net/ Frame 19B8 		0
0
log
qsearch-a.akamaihd.net/ Frame 19B8 		0
0
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 19B8 		0
0
trk.js
cdn.adnxs.com/v/s/244/ Frame 19B8 		0
0
it
sin3-ib.adnxs.com/ Frame 19B8 		0
0
1811
tracker.nitropay.com/i/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/1811?d=eyJhZFVuaXRDb2RlIjoicmlnaHQtYmFubmVyLWFkIiwiY3JlYXRpdmVJZCI6IjQyNjYxOTA3OSIsImJpZGRlciI6ImFwcG5leHVzQXN0IiwidGltZVRvUmVzcG9uZCI6OTc4LCJoZWlnaHQiOjYwMCwid2lkdGgiOjE2MCwiY3BtIjowLjAyMTExNTA3OTk5OTk5OTk5OCwiaHJlZiI6Imh0dHBzOi8vd3d3LnRoZWNyaW1zb25tYXJrZXQuY29tLyIsImFjY2VwdGFibGUiOmZhbHNlLCJtZXRhIjoie1wiZGNoYWluXCI6e1widmVyXCI6XCIxLjBcIixcImNvbXBsZXRlXCI6MCxcIm5vZGVzXCI6W3tcImJzaWRcIjpcIjExODgyXCJ9XX0sXCJicmFuZElkXCI6MTIxMzUyOH0iLCJyZXF1ZXN0SWQiOiIwMTkwMWYzNC0xYjFmLTcwMDAtYjFmYy1kOWI4NmMyNTMwNDEiLCJjIjoiQVUiLCJyIjoiTlNXIiwidHlwZSI6MCwiZHVyYXRpb24iOjAsInJlZnJlc2giOmZhbHNlLCJ0aW1lc3RhbXAiOjE3MTg1MTA0Mjc5MTcsImYiOiIxdzhvbG5wIn0%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1811
tracker.nitropay.com/i/ 		0
10 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/1811?d=eyJhZFVuaXRDb2RlIjoicmlnaHQtYmFubmVyLWFkIiwiY3JlYXRpdmVJZCI6IjQyNjYxOTA3OSIsImJpZGRlciI6ImFwcG5leHVzQXN0IiwidGltZVRvUmVzcG9uZCI6OTc4LCJoZWlnaHQiOjYwMCwid2lkdGgiOjE2MCwiY3BtIjowLjAyMTExNTA3OTk5OTk5OTk5OCwiaHJlZiI6Imh0dHBzOi8vd3d3LnRoZWNyaW1zb25tYXJrZXQuY29tLyIsImFjY2VwdGFibGUiOmZhbHNlLCJtZXRhIjoie1wiZGNoYWluXCI6e1widmVyXCI6XCIxLjBcIixcImNvbXBsZXRlXCI6MCxcIm5vZGVzXCI6W3tcImJzaWRcIjpcIjExODgyXCJ9XX0sXCJicmFuZElkXCI6MTIxMzUyOH0iLCJyZXF1ZXN0SWQiOiIwMTkwMWYzNC0xYjFmLTcwMDAtYjFmYy1kOWI4NmMyNTMwNDEiLCJjIjoiQVUiLCJyIjoiTlNXIiwidHlwZSI6MCwiZHVyYXRpb24iOjAsInJlZnJlc2giOmZhbHNlLCJ0aW1lc3RhbXAiOjE3MTg1MTA0Mjc5MTcsImYiOiIxdzhvbG5wIn0%3D&v=false&t=0
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame E538 		589 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-59.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b0a415702381d8b24dc82939760f74c25c83fb6d97ac9b11eb4579e21a70f49

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 03:34:00 GMT
x-amz-version-id
wid1UMUgODVMT91ndSpQM0U7kf9PtDfR
content-encoding
br
via
1.1 ddbdc753f03fb9542b090928fc2d074a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
1588
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 16 Jun 2024 03:12:16 GMT
server
AmazonS3
etag
W/"7f0277d487fa11581cfea725f7920122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
U5vAAdysgzbYfwsj7lfwrcmgudVSaKUfSNHn94cm15bKBxKM5-BAqw==
ttj
ib.3lift.com/ Frame E538 		0
0
notify
tlx.3lift.com/header/ Frame E538 		37 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.942&ts=1718510427&aid=23467352917286761170240&ec=5989_123802_564367576&n=GgDyAsQCCAASFzIzNDY3MzUyOTE3Mjg2NzYxMTcwMjQwGAAgASjlLjCaxwdAAUgBUAFgCmgAcPJXkAEAmAEAqAEAuAFkwAGuB8gB9gjwAQD4AfYIgAKuB5ECAAAAAAAA8D%2BZAlzKTFFnZsY%2FqAIAsAIByAIE2AIA%2BAKFL4ADoAGIA9gEkAMAmAMAoAMBqAMLuAOJqQnIAwDSAwk1NjQzNjc1NzbaAwk2NDA3OTYzMjfgA7%2Fi0HLpAwAAAAAAAAAA8AP2CPkDAAAAAAAAAACABAmJBFK4HoXrUcg%2FuAQMwARXygQfCAMZAAAAAAAAAAAhAAAAAAAAAAApexSuR%2BF6hD8wAMoEHwgFGQAAAAAAAAAAIQAAAAAAAAAAKfB5ZkKSmZm%2FMAHQBADaBBkyMzQ2NzM1MjkxNzI4Njc2MTE3MDI0MCAx4AQA8AQA%2BAIMiAMAkgMEYzYyN5gDAaADl%2BkgqAMAugMNMTIxLjEyNy40Ny43NA%3D%3D
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.169.90.152 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-90-152.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 15 Oct 1992 20:10:00 GMT
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-encoding
gzip
vary
Accept-Encoding
content-type
image/gif
1811
tracker.nitropay.com/i/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/1811?d=eyJhZFVuaXRDb2RlIjoicmlnaHQtYmFubmVyLWFkIiwiY3JlYXRpdmVJZCI6IjU5ODlfMTIzODAyXzU2NDM2NzU3NiIsImJpZGRlciI6InRyaXBsZWxpZnQiLCJ0aW1lVG9SZXNwb25kIjo1MDksImhlaWdodCI6NjAwLCJ3aWR0aCI6MTYwLCJjcG0iOjAuOTIzMTYsImhyZWYiOiJodHRwczovL3d3dy50aGVjcmltc29ubWFya2V0LmNvbS8iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImFkdmVydGlzZXJOYW1lXCI6XCJoYmYuY29tLmF1XCIsXCJhZHZlcnRpc2VyRG9tYWluc1wiOltcImhiZi5jb20uYXVcIl0sXCJtZWRpYVR5cGVcIjpcImJhbm5lclwiLFwibmV0d29ya0lkXCI6XCI1OTg5XCJ9IiwicmVxdWVzdElkIjoiMDE5MDFmMzQtMWFlOC03MDAwLThiY2MtY2NkZjRjZGY0ZTM0IiwiYyI6IkFVIiwiciI6Ik5TVyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzE4NTEwNDI3OTQ4LCJmIjoiMXc4b2xucCJ9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1811
tracker.nitropay.com/i/ 		0
10 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/1811?d=eyJhZFVuaXRDb2RlIjoibGVmdC1iYW5uZXItYWQiLCJjcmVhdGl2ZUlkIjoiNTU2XzE2XzU3Mjg4OTI0MiIsImJpZGRlciI6ImNyaXRlbyIsInRpbWVUb1Jlc3BvbmQiOjU1OCwiaGVpZ2h0Ijo2MDAsIndpZHRoIjoxNjAsImNwbSI6MC4wODYxNTIsImhyZWYiOiJodHRwczovL3d3dy50aGVjcmltc29ubWFya2V0LmNvbS8iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImFkdmVydGlzZXJEb21haW5zXCI6W1widm9kYWZvbmUuY29tLmF1XCJdLFwibmV0d29ya05hbWVcIjpcIkRWMzYwXCJ9IiwicmVxdWVzdElkIjoiMDE5MDFmMzQtMWFjOC03MDAwLTg5MWMtZDk3ODM0MTNlYjliIiwiYyI6IkFVIiwiciI6Ik5TVyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzE4NTEwNDI3NzA5LCJmIjoiMXc4b2xucCJ9&v=false&t=210
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1811
tracker.nitropay.com/i/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/1811?d=eyJhZFVuaXRDb2RlIjoibGVmdC1iYW5uZXItYWQiLCJiaWRkZXIiOiJibGFuayIsImhlaWdodCI6MCwid2lkdGgiOjAsImNwbSI6MCwiY3JlYXRpdmVJZCI6IiIsImhyZWYiOiJodHRwczovL3d3dy50aGVjcmltc29ubWFya2V0LmNvbS8iLCJhY2NlcHRhYmxlIjpmYWxzZSwicmVxdWVzdElkIjoiMDE5MDFmMzQtMWIwNS03MDAwLWJmYjEtM2YzMGExZTI3ZGVkIiwidGltZVRvUmVzcG9uZCI6MCwiYyI6IkFVIiwiciI6Ik5TVyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzE4NTEwNDI3OTU3LCJmIjoiMXc4b2xucCJ9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ 		253 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83050dcbb586aef632ab267b90d3a108fe6f7cb8c7ec80c010603b8b58025807

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54bbcb24307b2779cb1a3a1384ab390ce45c96ec0c72e5a946122c91e8a6029b

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
manifest.mpd
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		8 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/manifest.mpd
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
a26b3dff7b6d094d1534a88dc29803a1c5142319efa8ddb1739a2717497b05e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
cdn-edgestorageid
979
x-guploader-uploadid
ABPtcPoJ0gVSMm8sMXyZSZ7DCDK7TJFVI8Gu89dTg3McyhRyXb3Z87qZ9JTE2jNlTMzaqt2UqsUAWwLHXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
cdn-cachedat
06/12/2024 18:01:23
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
content-length
8400
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653326769
content-type
application/dash+xml
access-control-allow-origin
*
x-goog-hash
crc32c=88BQIw==, md5=TZYlV4/asZ+XaR9XrsGe7A==
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
8400
cdn-cache
HIT
cdn-requestid
a474ecaae900344405bf37c7b4e7a66f
accept-ranges
bytes
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
truncated
/ 		315 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d665d55cbf98b91edfa41f6bb5f3c97fe813c8cb4690522e2610cd78da67700

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
manifest.mpd
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		8 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/manifest.mpd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
a26b3dff7b6d094d1534a88dc29803a1c5142319efa8ddb1739a2717497b05e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://www.thecrimsonmarket.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
cdn-edgestorageid
979
x-guploader-uploadid
ABPtcPoJ0gVSMm8sMXyZSZ7DCDK7TJFVI8Gu89dTg3McyhRyXb3Z87qZ9JTE2jNlTMzaqt2UqsUAWwLHXw
x-goog-storage-class
STANDARD
Content-Range
bytes 0-8399/8400
x-goog-metageneration
1
cdn-cachedat
06/12/2024 18:01:23
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
8400
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653326769
content-type
application/dash+xml
access-control-allow-origin
*
x-goog-hash
crc32c=88BQIw==, md5=TZYlV4/asZ+XaR9XrsGe7A==
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
8400
cdn-cache
HIT
cdn-requestid
a474ecaae900344405bf37c7b4e7a66f
accept-ranges
bytes
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
flavicon.ico
www.thecrimsonmarket.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.thecrimsonmarket.com/flavicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
1109c745650a162bef4ed1b67aad881a0f37a84a4fae4e91c2e62663f2c3cf1e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:17:33 GMT
x-powered-by
Express
etag
W/"5de-1901c79a6c8"
content-type
image/x-icon
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1502
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 1765 		589 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-59.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b0a415702381d8b24dc82939760f74c25c83fb6d97ac9b11eb4579e21a70f49

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 03:34:00 GMT
x-amz-version-id
wid1UMUgODVMT91ndSpQM0U7kf9PtDfR
content-encoding
br
via
1.1 ddbdc753f03fb9542b090928fc2d074a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
1588
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 16 Jun 2024 03:12:16 GMT
server
AmazonS3
etag
W/"7f0277d487fa11581cfea725f7920122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
U5vAAdysgzbYfwsj7lfwrcmgudVSaKUfSNHn94cm15bKBxKM5-BAqw==
nmedianet.js
contextual.media.net/ Frame 1765 		97 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU4JWBS7&ydspr=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.116.108.27 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
98245f3e2039775e0d9478c4123b400f352a44468dd0fd622e64ad7414b2d157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-mnt-h
22-s1v0
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 16 Jun 2024 04:00:28 GMT
server
Apache
etag
"d0b05593584e7e4b0f3c469e3d28211d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-s1v0
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
37334
expires
Sun, 16 Jun 2024 04:05:28 GMT
log
qsearch-a.akamaihd.net/ Frame 1765 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=7febcfc8538f80d7bb7df6039ca372a6&algo=default&bdp=0.0900&bidfp=0.0000&capd=0&cc=AU&cid=8CU2CV286&crid=752115612&ct=Sydney&dc=apac_sg&dfpbd=0.0432&dn=thecrimsonmarket.com&iwb=1&ogcbdp=0.0900&other_bids=0.09&other_prv=460&pbshr=100.0000&prdp=0.0432&requrl=thecrimsonmarket.com%2F&sat=1&sc=NSW&sc_pvid=460&send_erpm=true&server=1&size=160x600&strg=harmony&totalTime=2273450&ugd=4&ver=9.6.13&cliIP=2038378314&time_stamp=2024-06-16%2004%3A00%3A27&seat=BID_API&itype=appnexus_experiment&req_id=1068367579246123691&dfp_bucket=0.0&level_base=0&bdp_bucket=0.1&app_type=prod&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F126.0.0.0%20Safari%2F537.36&br_ver=126.0.0.0&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_others_1-cid_1&ogerpm=0.0900&ogerpm_used=false&rawbid=0.0900&totalTimeBucket=2&as_cache=1&sub_bidder=196&current_day=0.0&current_hour=3&cut=52&floor_bucket=0.00&model_version=202406160226_generic_others_1-cid_1&erpm_bucket=0.10&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=0&viewability=0.3400&stid=31814545&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&predicted_wr=0.8207&bdp_wider_bucket=1&splid=31814545&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=50&advurl=similarsearch.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&clisp=rtb-common-54947dd674-89m8r.SG&dmm_m1=2024-06-16%2004%3A00%3A27.906943835&bd_d1=500671&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.0900&adtyp=0&gpid_format=DEFAULT&gpid=31814545&gpid_sent=true&pst=EMS&bcrid=426619079&erpm_mult=1.000000&zone=b&rc=-1&sfm_key=mowx_System_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=21&wsip=mowx-778b57b645-hb2m8&rel_cut_bkt=50&djvm=9.6.13&optimal_cut=0.0&cut_cluster=0.0&skip_dmm=0&dma=898&bro_isapp=false&bro_iswebview=false&bro_cookie_support=false&devbrand=Google&devmodel=Chrome%20-%20Windows&zip=2000&szs=160x600&win_rate_wt=9.0&margin_wt=4.0&dmm_co=def
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.96.201 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-96-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 16 Jun 2024 04:00:28 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 16 Jun 2024 04:00:28 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 1765 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.225.82 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-225-82.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Sun, 16 Jun 2024 04:00:28 GMT
x-guploader-uploadid
ABPtcPqFW0rqw3lNHOwTyPrD2OQcL7W0ot1SAeeRqZx3zgh80wJtGDF9uJHC-iLxNVkv9OnIcb8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Sun, 16 Jun 2024 05:00:28 GMT
trk.js
cdn.adnxs.com/v/s/244/ Frame 1765 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/244/trk.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.57.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-57-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0925deab3dc0ca10e7df8e8664eeefaabf037f246e17f3a4cc57dbd2918eaa18

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 04:00:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 May 2024 05:00:50 GMT
Server
AkamaiNetStorage
ETag
"1cad5a6edbbf8da3391ec0f9966ccca0:1716267650.316022"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Mon, 16 Jun 2025 04:00:28 GMT
it
sin3-ib.adnxs.com/ Frame 1765 		0
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sin3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.thecrimsonmarket.com%252F&e=wqT_3QLeBfBM3gIAAAMA1gAFAQjbxrmzBhDZ3euOj465jxoY1-qqhcLAnMpNKjYJQpdw6C0epj8Rd_e5BwwFoT8ZAAAAYI_CxT8hd_e5BwwFoT8pQpcJJMgxAAAA4FG4nj8wkeeVDzjzPEDqXEjgA1DH4bbLAVja801gAGiQnmZ4AIABAYoBA1VTRJIFBvQFAZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL-4QHgAqnJXeoCIWh0dHBzOi8vd3d3LnRoZWNyaW1zb25tYXJrZXQuY29tL4ADAIgDAZADAJgDF6ADAaoDQRIYMTA2ODM2NzU3OTI0NjEyMzY5MV9zYmlkGhMxODgyMTkyODY4MDMyNTczMTQ1Igk0MjY2MTkwNzkqBU0xMTczwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xMjEuMTI3LjQ3Ljc0qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AQlJliIBQGYBQCgBau1iZTy1ObpDsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF2IhK-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-eMC2gYWChAJEhkBmBAAGADgBgHyBgIIAIAHAYgHAKAHAboHCCoEMS0tLUAByAcA0gcNCRExAS8I2gcGAWfwpBgA4AcA6gcCCADwB5bOCooIcgpuAAABkB80G3gaHuRw8dru2QNMVF_eG4X0tv4pQmQ-9lcZlyfYtaXGlM7-2gkJOObbyU00z2EROYBCnWyEJoqASUYir0uLfj0ckxv0fLS9N5OpmT8XtwjngcWCp3D11mUe9nEjplt-8aVeb1Bh_Y0QAZUIAACAP5gIAcAI_uEB0ggJCP___z8QABgA2ggECAAgAA..&s=00086beaa12997bdc831098a7f4794c0a38ffed8
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:28 GMT
an-x-request-uuid
cbb4bf89-a93b-4c5e-951e-ca1381c5fcfb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
121.127.47.74; 121.127.47.74; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
1811
tracker.nitropay.com/i/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/1811?d=eyJhZFVuaXRDb2RlIjoibGVmdC1iYW5uZXItYWQiLCJjcmVhdGl2ZUlkIjoiNDI2NjE5MDc5IiwiYmlkZGVyIjoiYXBwbmV4dXNBc3QiLCJ0aW1lVG9SZXNwb25kIjo2OTIsImhlaWdodCI6NjAwLCJ3aWR0aCI6MTYwLCJjcG0iOjAuMDMyNTc3MTYsImhyZWYiOiJodHRwczovL3d3dy50aGVjcmltc29ubWFya2V0LmNvbS8iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImRjaGFpblwiOntcInZlclwiOlwiMS4wXCIsXCJjb21wbGV0ZVwiOjAsXCJub2Rlc1wiOlt7XCJic2lkXCI6XCIxMTg4MlwifV19LFwiYnJhbmRJZFwiOjEyMTM1Mjh9IiwicmVxdWVzdElkIjoiMDE5MDFmMzQtMWI0My03MDAwLWE2MGYtNjVkZGQ3NmUwNzkxIiwiYyI6IkFVIiwiciI6Ik5TVyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzE4NTEwNDI4Mzk5LCJmIjoiMXc4b2xucCJ9
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1811
tracker.nitropay.com/i/ 		0
10 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/1811?d=eyJhZFVuaXRDb2RlIjoicmlnaHQtYmFubmVyLWFkIiwiY3JlYXRpdmVJZCI6IjU5ODlfMTIzODAyXzU2NDM2NzU3NiIsImJpZGRlciI6InRyaXBsZWxpZnQiLCJ0aW1lVG9SZXNwb25kIjo1MDksImhlaWdodCI6NjAwLCJ3aWR0aCI6MTYwLCJjcG0iOjAuOTIzMTYsImhyZWYiOiJodHRwczovL3d3dy50aGVjcmltc29ubWFya2V0LmNvbS8iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImFkdmVydGlzZXJOYW1lXCI6XCJoYmYuY29tLmF1XCIsXCJhZHZlcnRpc2VyRG9tYWluc1wiOltcImhiZi5jb20uYXVcIl0sXCJtZWRpYVR5cGVcIjpcImJhbm5lclwiLFwibmV0d29ya0lkXCI6XCI1OTg5XCJ9IiwicmVxdWVzdElkIjoiMDE5MDFmMzQtMWFlOC03MDAwLThiY2MtY2NkZjRjZGY0ZTM0IiwiYyI6IkFVIiwiciI6Ik5TVyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzE4NTEwNDI3OTQ4LCJmIjoiMXc4b2xucCJ9&v=false&t=438
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
grumi.js
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame D4FF 		589 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-59.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b0a415702381d8b24dc82939760f74c25c83fb6d97ac9b11eb4579e21a70f49

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 03:34:00 GMT
x-amz-version-id
wid1UMUgODVMT91ndSpQM0U7kf9PtDfR
content-encoding
br
via
1.1 ddbdc753f03fb9542b090928fc2d074a.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
age
1588
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 16 Jun 2024 03:12:16 GMT
server
AmazonS3
etag
W/"7f0277d487fa11581cfea725f7920122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
U5vAAdysgzbYfwsj7lfwrcmgudVSaKUfSNHn94cm15bKBxKM5-BAqw==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9F36 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGJqxlpECMAE&v=APEucNUAG97FGneonZkiBpQZT7kZMK5SE8Z1F9_a84FBOYFUi30z9u4erMB1AXcsUWsqejQ50N2ExnOw9H05k8vbaaT1hv98mDFM01W5D5n5lhx7tR7RHhI
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jun 2024 04:00:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D4FF 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35122
x-xss-protection
0
server
cafe
etag
2418474175030562626
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 16 Jun 2024 04:00:28 GMT
tpd
cat.sg1.as.criteo.com/ Frame D4FF 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/tpd?dd=i39xA19hQTRCTHl6OXpBJTJGMGNtJTJCVjFlVUdyUG5DRzlBbXN1VXJsZFFTYlFHOXlWUjhwTkxvN3N3U1Y5dUpTak5CJTJGekhtaVMzWTBPJTJGRDk0VW9kdHJGblR3dFpxSmdBMFVWck56NnJwUGY5YUI2WEFPYXRqaFpWWHdJM1NRSXJVV1ZVdWd4Y2lIYlNKNktsRnV4JTJCOGhzU1JhMSUyQjNFS1d0THlYUlgzYmFadW5EdGtyQ2V0N1hFbmRpdnNVaCUyRkpERE05a2xUQk5zRmoyZWZMWm83VkRyckJxM2JqVzdHJTJGVmNyMFVnOGxpYkMlMkZRWGpNTEllelQyR1lqSGhHakRxNHhBblkyWUE3UjFocjZmaDFMM3pSS2ZIVzR6YWJaeDJsZ1l6dEFnVTVkR2tXeXAlMkIlMkY1b2oyekRUcjUwYXpOM3ZtJTJCZUtjQjY2OVRVRjBBWThHanNnakQ3Mlp2aEolMkJjemIlMkJlYVhzMmxlVHlKUzNOM3JLaSUyRlhCUURsQjVGaVcwZzBxTjd6Qm5YVW90a2VYVWZreHZDQ1FaMXRjS004OEFYbjRhckF6VUJWWXFxOWhYNXJKRiUyQkpoVjdCVkFDUzM3SktiJTJGSzJVY0xxSCUyQlltUm00emNKZlpncW5FTkNQWnlscmtOeXVIVTlXM1FrVnl6cTh3RzQ0d2pDMVdvZm8wS0dFRE0wUTNzcnl4aENrUlMyY2xyWGtJdXE0VGRjJTJGU0FEV3dBZXhKdjNEZnkwazVPcndhbG50JTJGREZwTmNHYXNjaFhYYXZ4d0tSblFvSzVoJTJCWGlHM0NmWmZPUnZ3NmhBNkRkR3ZjNEtrMG14YTROMGdoRERscHRJJTNE
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
474799
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
gen_204
pagead2.googlesyndication.com/pagead/ Frame D4FF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DnLghm_1Ms7wPBBWFbP9w1YU9uKnk8fDiJdk_IVoOKMzfLvaeH4dos8pSrFsxZ8H0phjQEtpgVXO9vRkg5m-Um4ZfdZTLjTVHbsuLcb_s1Ts1flwQ
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
apac-jp-sync.bidswitch.net/ Frame D4FF 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apac-jp-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 04:00:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
moatad.js
z.moatads.com/iponweb503341958152/ Frame D4FF 		318 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/iponweb503341958152/moatad.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
036bdc0553a647c807c73a07d98eacbd0d0df44fcffaca637b0eeb3cbb15d6a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Jun 2024 04:00:28 GMT
content-md5
HLuefsMpUKtA4baoPNh6iQ==
storage-tier
Standard
content-length
110843
last-modified
Fri, 31 May 2024 13:04:23 GMT
opc-request-id
iad-1:pFnMWWNGz2S6BEjJr3Yp0NHq9VrA5i-bHZDGZP4dNeQs_0z0vCkm7s5G5-n9Slaw
x-api-id
native
etag
678b637d-4815-4c2b-b6cb-52dd0a1224b1
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/x-javascript
version-id
3527fe68-9d8f-4d3e-8410-b3f5a6c6b95a
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control
max-age=8212
access-control-allow-credentials
true
accept-ranges
bytes
https_A_B_Bghent-gce-jp.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCOgtGXGNuZpaeAbmVpt8PpoSXwAXjtpiPePD94vOAE5EvEAEgg____3mH2ClgI...
media.grid.bidswitch.net/imp/5e3OgcPvXlPw4pmf-1SSolaPT2KUCTmdXAVzrAJaDwz6t-WHxST2gxieUEOoVbusD1YtWEGqrrg-IGCtRxRz7q6Au4mqhV5T9gYo9zxUPFSX5acUOhlbxMdy5CM7JcnZrrROQAjf__kClmOGDfdZ3MwKCHj_74gosgnlhel1... Frame D4FF 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.grid.bidswitch.net/imp/5e3OgcPvXlPw4pmf-1SSolaPT2KUCTmdXAVzrAJaDwz6t-WHxST2gxieUEOoVbusD1YtWEGqrrg-IGCtRxRz7q6Au4mqhV5T9gYo9zxUPFSX5acUOhlbxMdy5CM7JcnZrrROQAjf__kClmOGDfdZ3MwKCHj_74gosgnlhel1GHc4uz1qfckJOrCNVRk2FXPO0htU8pIuibhcsAbYri4Kd9GW-Yz86Jx3RmLwHVCdvBtoHXWq5JbR5tX9V4cVBAQB9cgLNgyPmIvH6VkqGdxhurViskY9GyChtrrs6hqRjo2DQKN-pVtOlEzEA3sET-4vxvQHNA_PjSjG1NFZcZd7i82InOJ3g1TfGpQ55jM-UO3YPAfVPyINCY-9r2tsC5Saa166OGGIIIQs0w/https_A_B_Bghent-gce-jp.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCOgtGXGNuZpaeAbmVpt8PpoSXwAXjtpiPePD94vOAE5EvEAEgg____3mH2ClgICAkAGgAaO-9JIByAEJqQLU6o1RrTKmPqgDAcgDmwSqBP4BT9Ctscb-kUl7iYCgUrBNcItV2hJ6CWUz-hqlKE8xxGh82KM-JfBMZ____XYdFnGh8qasIRzSDAXAK1N1jT6sN-iKgmtQqxvkXxJMvbaGmkh7l7owwuUyBh4NalEkbUcvWp03KdNhsENq7CURtZ-0QdDC61RtZI69jZw3cofv6PnIn1TVNvrhafItM5CySQRzJz8QlGvzqYSEBNbE8zXVqh18Y5jpCJlK9mo3-DNpc-w7Iwr0OyV6SiiI5uK9eKolifO8MqZJvh42jrxjbCVT0jB95gQrbWfFeWijLox3XuhASyESY0Pdxrq1I8vXX5ED5iOfE1M3QQ22yqM0yCWBR____ABI6N4PrUBOAEA4gFyM6bvk-SBQYIAxABGAGSBQYIGxABGAGSBQsIIhABGAFIp____OyApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAHxcGL7QKoB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH____p6xAqgHr76xAqgH98KxAtgHAPIHChDY8AcYmrGWkQLSCCQIgGEQARhfMgKKAjoJgECAwICAgKAoSL39wTpYoJzrnJ7fhgPyCBpiaWRkZXItdGhlbWVkaWFncmlkX2UwNjBkZYAKBMgLAdoMEQoLEIChk5nHoZy2mgESAgEDsBOR9oAYyBPe1YnlA9gTDYgUAdgUAdAVAYAXAbIXCAoGCAASABgAshgJEgLraBhMIgEA__Jsigh__RBFi6SEL6b0M__Juach____m__R__U5BUACH__U5D__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDaQooLf4wVPykw7d-NSreGkt33mCOHPpHd05SIZZhb5sCAFQmiB6Ht8____bXYvV1____zbwGAE_B6oZyK8-MXUOmz2elSrjL3sOcrFa4817MBC1jHqE1JNQz92B-2i9O7mPnE__W7__7GibaLqXaVObRukOGYTqYpjH2nFuZzzVed4FefqwCCHDpyPuvGh-abghCA8kCFtKPqzNHM4A9Fy6lpazB1fu-sLnFGfUhdSUpD3t9-mSjjxOcYfHnr7jaiRP2wVBoMcYdln1ae7SOfH8BFH5CaEAACBENvPQblnwehHNJMs7kuAVrYJqnJlPHv9mZbjN6RAhnE7zNXxsRQTngkQfrn3HetDzCxhvTAGLYFTmVVlOXTsx__X9rY1pz7PynwHH8z8GoC__o0uQbUNYUbPIIVnf__A__Im0RtwR5VX9gCcByUqOsuoL71710SyWi6N0vitfze-vvNmWEPdprwf7WHGg-ZPvI9F6ECmtcfRgAmbB38N3CSRSMCclhQkitCBmKRkiDj__H-sxv-eHIZ675NeJ2FTUMi__vGx1__Gj31eUsZdhdmV-iH7hDDQFUaEqyfx____ZSlIBnjETBNup-BghT9UTjPKjU7zje__CakLQMyKDEh4E__Ntuzc5TCRu9tEAnDIi8RDzNF8t5rK5__v3mWWMn03LC0qyshvKh013NmtS8q5NrazaMU5VSmRLUGjAe5hjZt9AMdc6590LlLzaiNZoKMqN90x3OvFTCDj9zaiLEPt3puZ____Qun__SKiKYXaTKmOWsTnIjdLpHxZc2BZMa-Iu6qMq65SRDz9tarQfKyU7MrgBLgE28Z51nyA7urZqdbsTRHD7J8b4rbnbe__xZBC3zktLh5rWo2lkRyXbJQaBaebH5v3kPY1FiYKiIBhDYjlHt14GzBFBvG770UDwx5DrMnXouh6RJs3uwraBSA3uDg7NETZnKi4hW1gaWya5Xp4zgJcru8XytomaAiFvorM5bhQczaFPx5WKTeVxFWjXiIofOXbr6SC7AfFfgFCNp7GMT__97pFKQPXYKwBFK1yF3PCIRRiapQU5hqJ0baV7dnqCUNkFJALKusU8SodB0PRGrK1ayGQ-0yghpxjcyfpWtrwho6562SADsr5WxZES-f5SSIH8Jk5YP5eO2k-77Qgsi5lItHyk-soHMfjRDuGjATGBKPh__pxiBdCwBtAJWE__vWfELBE-TlzsVU8owJ6mVrjO7-UZWmHO7ZaP-UafA015mGZ10c1X1VJY6v876ncV-oL1Iv9dgxkm6ucjkozrVvsqnf0PBIO__t4yLsirtG9-Oae1qhGYSlMuf7TM9WnT4feEU42VZOWYxr0oNsv3O5EwefEFtbS_B
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.34.3 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
3.34.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 04:00:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie-overlap
grid-mercury.criteo.com/notifications/ Frame D4FF 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=thecrimsonmarket.com&bid_id=9a5d756e-3589-4447-862b-0478dd3d7573&ads_txt_id=98HKW6&has_bsw_id=0&bid_price_usd=0.113608
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.140 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel
1811
tracker.nitropay.com/i/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/1811?d=eyJhZFVuaXRDb2RlIjoicmlnaHQtYmFubmVyLWFkIiwiY3JlYXRpdmVJZCI6IjU1Nl8xNl81NzI4ODkyNDIiLCJiaWRkZXIiOiJjcml0ZW8iLCJ0aW1lVG9SZXNwb25kIjo1MTcsImhlaWdodCI6NjAwLCJ3aWR0aCI6MTYwLCJjcG0iOjAuMTEzNjA4LCJocmVmIjoiaHR0cHM6Ly93d3cudGhlY3JpbXNvbm1hcmtldC5jb20vIiwiYWNjZXB0YWJsZSI6ZmFsc2UsIm1ldGEiOiJ7XCJhZHZlcnRpc2VyRG9tYWluc1wiOltcInZvZGFmb25lLmNvbS5hdVwiXSxcIm5ldHdvcmtOYW1lXCI6XCJEVjM2MFwifSIsInJlcXVlc3RJZCI6IjAxOTAxZjM0LTFiNTItNzAwMC1iNDVkLWNmZTUzNWUyZjUxNCIsImMiOiJBVSIsInIiOiJOU1ciLCJ0eXBlIjowLCJkdXJhdGlvbiI6MCwicmVmcmVzaCI6ZmFsc2UsInRpbWVzdGFtcCI6MTcxODUxMDQyODQ0NiwiZiI6IjF3OG9sbnAifQ%3D%3D
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 2F3E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2430&&kkdd=3*%7CH%7CAn*9&5t=(w(Kf(sRFKK7KfDRFFD&ZYbp=s&aobV=s&Oovb=s&~Y5=(Ff7&lo~3=-fLF&~tY=KdrRWC!Bw&~b~Y=wpXb(wW~psYPy8-1rFAZ4m%3D%3D&~ptY=FfF7LRKfs&ot_3=(7s47ss&~~=Ur&o~=ABC&~vTa=iUXx2Ag&btY=Kc2N!irmK&lbtY=6F(LLRF&vllbo=(&ppp=l_XHv-~MH-HlPfdpy25xK.gP1OMslswSc(W1b-GD3E9Y6YbLqLuZEU%3D%3D&To3=f&MO=(&SZY=R&VYl(=KdrFd)FK7&VYlF=wfF((f7(F&eYVlV=oYF%3DTSMM*tSpMyM%3DFs*.Z3pba%3DsIsD*5Oy34~%3DsILR*5toyoY%3DLwK*Y~F%3D(*o~Y%3DToO*5yVoT%3D7ss7K*5MFpyoY%3DFsFRs7(f(w*tSpMye%3D(fFKIK7*SpMylQ~%3Ds*olY%3D%2F%23M3qlHeVTT3pHVY*MVol%3D*5toySpMye%3DsIwL*tb%3DFYCc9U*qee%3Ds*5toySpMyM%3DRs*pttbSV%3Ds%2Cs*3l%3Dw*p~%3D(*ptoStY%3Ds%2Cs*p3qyp%3DfYw*pboyoY%3DFsFRs7(fFF*5toye%3DwKFIKL*SpMye%3DsI7f*5MFpySpMye%3Ds*5MFpySpMy5t%3DFF*SpMyl5t%3Ds*3~by33p%3D(IKD*SpMyM%3DFs*Z~Vl%3Dfss7w(*ee%3D(D7*55%3Ds*MFpye%3D(sss*3pba%3DsIsD*5MFpySpMyQ~%3DsGs*ea%3D(*VLbye%3DFIFR%2CRDIKF*otY%3DFfF7LRKfs*oY%3Ds*StY%3D(i3k_N5TQs!S6MOMU_*elY%3D(7fFFf7sLLsw7wD77D7sLL(RDRDDfFLL77fw7DL(wws(FwfKsRfLK7KsRs7(w(RsR7sKwswwRDssFDsDsRfDFRDfRDsKKKLRwFDRf(fF*5OS%3DsILR*YFbyM%3D(s*Lb~q%3D(sss*Sta%3Ds*VbbyT%3DT.TyVbb*YaayolpZ%3DvVpa.TJ*5pySpMye%3DwLFIK7*YFbye%3DsIDw*ey_%3DFsss*.ZYFbye%3DsIDw*5SpMye%3DsIDf*eSZY%3DR*oo%3DAU*~~%3DUr*StO%3DH(*~3%3Ds*pboye%3DRDIKF*5SpMyM%3DFs*dz%3DL(wF*QeyS~%3DHF*Tlo%3D(*Qey~~Qo%3DHF*~l%3DoJYT3J*34bo~.p3%3DH(*be%3DsIR*eVotoF%3D(D7*eYl%3D(w(Kf(sRFw*eVoto(%3D(D7*toX3q%3Ds*t5SpMye%3D(Is7*totq%3Ds*etY%3DsIsD*Y~%3DK*5MFpye%3DFIFR*t5SpMyM%3DFs*~eYb%3DsIsRL*tlJb3ytY%3DF(*o3MM3pylVZytY%3D%2F%23M3qlHeVTT3pHVY*oSbbMJylVZytY%3DL(K(RfRf*5t3OVetMtlJ%3DsILR(fK(*b.o%3Ds*~Vppt3pzY%3Ds*.ZetY%3DsIsDssss*eqMp%3DsIsss*oStY%3DffDsF(KLDDfFw(FFF7L*Yl~%3DVbV~yoZ*Yaay3pba%3DqVMo3*Yaa%3DvVpa.TJ*eYb~VbY%3Ds*YVMZ%3DY3qVSMl*tToM%3Ds*o.eb%3D*vlaM%3D(*Y~Sl%3Dfs*Y.Ze%3DsH(*Yaayoqa%3Da.O4yBJol3ayR7s*te~%3D(*To_%3D(*lZo%3D(7s47ss*eoV%3D)(*eoe%3DL*eob%3DH(*la4%3DKf*a4eQl%3Ds&Tl5=s&aaa=VxdKdZDRRVO-m_dZm5ZZHPYQN~RAvzYm7BHaU(dv2C~zNdEUcmcGvU%3D%3D&tO=(7s&tTzqp=(&eYpzY=R7s&etY=LffFR7&QllM3=6v3%20dptao.T%20xVpQ3l%3A%20i.a3&a~q=w7R7R&V~tY=wq3e~q~KfLKqKsYweewYq7sLD~VLwFV7&JYobp=(&QVlbp3=(&QVletY=H(sL&~VY.aVtT=l_XHv-~MH-D.ubkOa341Bob)FQb!Ulie8rDKMMrMl5G%3D&JbMb=(&totY=f&VY5=BtatMVp%20B3Vp~v&V~l=c!z%2FR%2FLT4Vqqq_R4S_3ARSRqp4A%2F_3RSULA&bZtY=bsfRwRDDLRwlFsFRs7(7sRss&bZtYo=(&ooMY=%7B%22ootb%22%3A%22(F(I(FwIRwIwR%22%2C%22oo~~%22%3A%22Ur%22%2C%22ooo~%22%3A%22ABC%22%2C%22oo~lJ%22%3A%22BJYT3J%22%7D&vlaMop~=(&sflct=480548&ure=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.116.108.27 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
28208
content-type
text/html
date
Sun, 16 Jun 2024 04:00:28 GMT
expires
Sun, 16 Jun 2024 04:00:28 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
21-s8by
bping.php
lg3.media.net/ Frame 1765 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2137&&vgd_cdv=1256&vgd_cage=1&vgd_tsce=L532&vgd_mcf=76464&gdpr=0&mspa=0&wshp=0&prid=8PRVCXX19&cid=8CU4JWBS7&crid=252634850&vi=1718510428868594229&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=170785191&r=1718510428489&rrr=tzR-hLcl-L-tK5Cr_OvM8oYKqwl0t07uP1JqpLE9eFjdTdp3f3DgFA%3D%3D&requrl=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9i~eBMJ-Nv9.AH~e8QMQOvAhW~ONfvu~QNOvzQB~eM1QzvF99FW~ejfLMQOvf9fH9FuXuh~8xLjMGvuXfW.WF~xLjM7UNv9~Q7OvS%23jJk7oG1zzJLo1O~j1Q7v~e8QMxLjMGv9.hA~8EvfOp0dK~kGGv9~e8QMxLjMjvH9~L88Ex1v9%2C9~J7vh~LNvu~L8Qx8Ov9%2C9~LJkMLvXOh~LEQMQOvf9fH9FuXff~e8QMGvhWf.WA~xLjMGv9.FX~ejfLMxLjMGv9~ejfLMxLjMe8vff~xLjM7e8v9~JNEMJJLvu.Wi~xLjMjvf9~yN17vX99Fhu~GGvuiF~eev9~jfLMGvu999~JLEYv9.9i~ejfLMxLjMUNv949~GYvu~1AEMGvf.fH%2CHi.Wf~Q8OvfXfFAHWX9~QOv9~x8OvuqJtlZezU9Rx_jBjKl~G7OvuFXffXF9AA9hFhiFFiF9AAuHiHiiXfAAFFXhFiAuhh9ufhXW9HXAWFW9H9FuhuH9HF9Wh9hhHi99fi9i9HXifHiXHi9WWWAHhfiHXuXf~eBxv9.AH~OfEMjvu9~AENkvu999~x8Yv9~1EEMzvzmzM1EE~OYYMQ7Lyvw1LYmz5~eLMxLjMGvhAf.WF~OfEMGv9.ih~GMlvf999~myOfEMGv9.ih~exLjMGv9.iX~GxyOvH~QQvIK~NNvKP~x8Bvou~NJv9~LEQMGvHi.Wf~exLjMjvf9~%3DVvAuhf~UGMxNvof~z7Qvu~UGMNNUQvof~N7vQ5OzJ5~J-EQNmLJvou~EGv9.H~G1Q8QfvuiF~GO7vuhuWXu9Hfh~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.9F~8Q8kv9~G8Ov9.9i~ONvW~ejfLMGvf.fH~8exLjMjvf9~NGOEv9.9HA~875EJM8Ovfu~QJjjJLM71yM8OvS%23jJk7oG1zzJLo1O~QxEEj5M71yM8OvAuWuHXHX~e8JB1G8j875v9.AHuXWu~EmQv9~N1LL8JLVOv9~myG8Ov9.9i9999~GkjLv9.999~Qx8OvXXi9fuWAiiXfhufffFA~O7Nv1E1NMQy~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vX9~OmyGv9ou~OYYMQkYvYmB-Mb5Q7JYMHF9~8GNvu~zQlvu~7yQvuF9-F99~GQ1v%2Fu~GQGvA~GQEvou~7Y-vWX~Y-GU7v9&ssld=%7B%22QQ8E%22%3A%22ufu.ufh.Hh.hH%22%2C%22QQNN%22%3A%22KP%22%2C%22QQQN%22%3A%22Ibp%22%2C%22QQN75%22%3A%22b5OzJ5%22%7D&vgd_bid=355246&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=60068&vgd_rakh=1718510428195543884&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU2CV286&vgd_hb_audit_2=752115612&vgd_pgid=p0547499347t202406160400&vgd_pgids=1&vgd_mspa=0&vgd_mspad=a&vgd_wshp=0&vgd_uspa=0&hvsid=00001718510428486020383783149484&gdpr=0&mspa=0&wshp=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.225.82 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-225-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Sun, 16 Jun 2024 04:00:28 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
35
expires
Sun, 16 Jun 2024 04:00:28 GMT
checksync.php
contextual.media.net/ Frame 9E72 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU2CV286&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C462%2C4%2C313%2C359%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=1&usp_consent=1&uspstring=1-N-
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.116.108.27 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-116-108-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
10280
content-type
text/html; charset=UTF-8
date
Sun, 16 Jun 2024 04:00:28 GMT
expires
Tue, 18 Jun 2024 04:00:28 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 1765 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=6473&lper=1&itypeid=21&itype=APPNEXUS_EXPERIMENT&itype_override=APPNEXUS_EXPERIMENT&cc=AU&cid=8CU2CV286&reqid=1068367579246123691&vid=1068367579246123691&dn=thecrimsonmarket.com&rawDn=thecrimsonmarket.com&requrl_dn=thecrimsonmarket.com&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2Fwww.thecrimsonmarket.com&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=NSW&ct=Sydney&zip=2000&pubid=pub-appnexus-exp&tgtval=pub-appnexus-exp&csip=rtb-common-54947dd674-89m8r.SG&dtc=apac_sg&zone=b&ptype=23&tmax=150&xtmax=120&gdpr=0&gsi=0&gpp_present=false&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&ortb_device_id=2&asn=60068&sckfl=1&suid=5590218399527122263&sckfl2=0&smbrid=7795&usp_status=1&usp_enf=1&usp_string=1-N-&ufca=26&mspa_enforced=true&pexid=APPNEXUS_EXPERIMENT-999525&geoll=false&is_ortb=true&s_ip=103.43.90.0&s_city=sydney&commit_id=5dbc2a15&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2024-06-14+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=AU&ipcc=AU&is_msnnative_src=false&proxy=g-ase1b-rtb-common-envoy-12.srv.media.net&header_lang=false&DSARequired=0&PubAdRender=0&DatatoPub=0&homepage=true&imp_count=1&tgt_imp_count=1&q_time=1&audit=1&rtttime=28&req_tid_present=true&pvid=460&prvAccId=252634850&prvApiId=8CU4JWBS7&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=752115612&prspt=headerBid&prvReqId=17835349086353_1674371258_7521156124601_0&size=160x600&chnl=HARMONY&bdp=0.090000&bid_uuid=e6e21b412923395079c75936f7b3888d&cbdp=0.043199&og_cbdp=0.090000&ogbdp=0.09&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=similarsearch.net&dfpBd=0.04&mowxReqId=7febcfc8538f80d7bb7df6039ca372a6_1&dsrc=-2&dp=0&dbf=1&epc=252634850&s=1&snm=SUCCESS&adj_ttl=600&pcrid=8CU4JWBS7-252634850-25-22&tpbTkn=false&exid=218&bidflr=0.000&pbidflr=0.000&basebidflr=0.000&opbidflr=0.000&spbf=0&viewability=34&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1718510427905&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.09&dmm_erpm=true&dmm_ogerpm=false&bcrid=426619079&strg=HARMONY&stagid=31814545&vls=0&scrid=426619079&mang=1&pvdTmax=85&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&bdata_len=1265&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_badv_count=17&mx_isMfaD=false&mx_epbc=8CU4JWBS7&mx_ssProfile=0&mx_sua_os_n=%22Win32%22&mx_lr=0&mx_TAS=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_bssMetrics=%7B%7D&mx_dup_profile=0&mx_bsAlgoBucket=MARK_NOT_BLOCK&mx_dup_algo=NOT_APPLICABLE&mx_bsVerdictAlgo=V1&mx_selectedScId=NA&mx_gpid_format=DEFAULT&mx_bsAlgoProfile=NOT_ENOUGH_DATA&mx_aurl_hc=0&mx_aabpc=0&mx_dnbkt=46&mx_isLossNtf=false&mx_ssBucket=0&mx_bcat_count=2&mx_gpid_sent=true&mx_commit_id=cbc83f763c&mx_exp_tokens%3C%3E=VidThrtl%3ADEFAULT%23%23bsTEExp%3A5RA_48h%23%23IPBLOCK_DM%3AGCS%23%23ProfileUpgradationNew%3ACURRENT_PROFILE%23%23bsTEExp%3Acpm_3%23%23PRD%3ADEFAULT%23%23bsTE%3Ac1%23%23dup_vsid%3Actrl%23%23bsTEExp%3ARTB_avg_cpm_mrk_0.01%23%23CNEXEMPT%3ADEFAULT%23%23opProfl%3A-1%23%23duplication-actual%3ACONTROL%23%23sscDN%3A0%23%23BF_store%3AGCS%23%23dup_pub%3Ainv%23%23NedCkflDupExp%3ADEFAULT%23%23dup_vsid_bsw%3Acpm%23%23duplication%3AEXTREMELY_AGGRESSIVE%23%23sct%3A1%23%23VW%3Acpm%23%23multi-sc%3ADEFAULT%23%23loss_notification_exp%3Atrue%23%23NedCkflWithData%3ALesBlk%23%23qpsBkt%3A1%23%23pre_fltr%3Atrue%23%23prll_req%3Atrue%23%23dup_inv%3Ap&mx_bdbp=0.0&mx_sdr=false&mx_sua_cvg=0011010&mx_tid_sent=false&mx_SPRIG=0&mx_ep_sent%3C%3E=badv&mx_fo=1&mx_bcrids_count=0&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sid=8CU4JWBS7&mx_SC=0&mx_nsz=1&mx_GCID=0&mx_mrpp_key=cilium&mx_maq_call=false&mx_aurt=0&mx_e_flrl=1&mx_divid=31814545&mx_tgs=160x600&mx_bssMetric=AVG_CPM&mx_primaryScId=sc_default&mx_IAB2=0&mx_ssb_lc=0&mx_dup_bucket=NOT_APPLICABLE&mx_PC=0&mx_gpid=31814545&mx_bsWhitelistBucket=4&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_ad_src=ADCODE_API&mx_isNed=1&mx_bndbp=0.0&isFledge=false&acid=7febcfc8538f80d7bb7df6039ca372a6&rtime=11.0&wsip=mowx-778b57b645-hb2m8&ltime=22.0&act=headerBid&abs=0%7C0%7Cxtmax%3D120%7Cbrr%3D0&adj_ttl_exp=false&bx_exp=false&adtypes=0&impId=1882192868032573145&reftime=15000&reftype=0&dsid=31814545&insl=0&gpid=%2F%23left-banner-ad&ecp=0.17&req_size=160x600&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=0&adpos=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=31814545&supplyTagId=31814545&mnrfc=-1&sst_blk_verdict%3C%3E=NP%3AMNB%23%23C%3AMNB%23%23EC%3AMNB&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2024-06-16+04%3A00%3A27&__expireat=1718511028158&mview=1&skip_dmm=0&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.090000&lo_cbdp=0.043199&actltime=22&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.09~vw_exc%3D0.34~vis_sd%3D378~dc2%3D1~scd%3Dnsw~v_asn%3D60068~vl2r_sd%3D2024061517~iurl_b%3D1528.86~url_tkc%3D0~std%3D%2F%23left-banner-ad~last%3D~vis_url_b%3D0.73~ip%3D2dWPjA~fbb%3D0~vis_url_l%3D40~riipua%3D0%2C0~et%3D7~rc%3D1~risuid%3D0%2C0~ref_r%3D5d7~rps_sd%3D2024061522~vis_b%3D782.83~url_b%3D0.65~vl2r_url_b%3D0~vl2r_url_vi%3D22~url_tvi%3D0~ecp_eer%3D1.89~url_l%3D20~gcat%3D500671~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.09~vl2r_url_kc%3D0E0~bm%3D1~a3p_b%3D2.24%2C49.82~sid%3D252634850~sd%3D0~uid%3D1HeXzGvnk0BuTlwlAz~btd%3D16522560330767966960331494995233665769317701275804538680406171404608707749002909045924954908883472945152~vwu%3D0.34~d2p_l%3D10~3pcf%3D1000~uim%3D0~app_n%3Dnon_app~dmm_strg%3Dharmony~vr_url_b%3D732.86~d2p_b%3D0.97~b_z%3D2000~ogd2p_b%3D0.97~vurl_b%3D0.95~bugd%3D4~ss%3DNA~cc%3DAU~uiw%3D-1~ce%3D0~rps_b%3D49.82~vurl_l%3D20~CI%3D3172~kb_uc%3D-2~nts%3D1~kb_ccks%3D-2~ct%3Dsydney~expscore%3D-1~pb%3D0.4~basis2%3D196~bdt%3D1718510427~basis1%3D196~isRef%3D0~ivurl_b%3D1.06~isif%3D0~bid%3D0.09~dc%3D8~vl2r_b%3D2.24~ivurl_l%3D20~cbdp%3D0.043%7Eitype_id%3D21%7Eseller_tag_id%3D%2F%23left-banner-ad%7Esupply_tag_id%3D31814545%7Eviewability%3D0.341581%7Epos%3D0%7EcarrierId%3D0%7Eogbid%3D0.090000%7Ebflr%3D0.000%7Esuid%3D5590218399527122263%7Edtc%3Dapac_sg%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Ddefault%7Einsl%3D0%7Esobp%3D%7Ehtml%3D1%7Edcut%3D50%7Edogb%3D0-1%7Edmm_sfm%3Dmowx_System_460~ibc%3D1~nsz%3D1~tgs%3D160x600~bsa%3DV1~bsb%3D3~bsp%3D-1~tmx%3D85~mxbkt%3D0&utime=604&sf=0&cpr=0.96640573403281
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.225.82 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-225-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:28 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 16 Jun 2024 04:00:28 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1296 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7795&pub_id=999525
Requested by
Host: www.thecrimsonmarket.com
URL: https://www.thecrimsonmarket.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
74603
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 16 Jun 2024 04:00:28 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 17 May 2024 08:31:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
290, 84707
X-Served-By
cache-lga13626-LGA, cache-syd10124-SYD
X-Timer
S1718510429.562046,VS0,VE0
rd_log
sin3-ib.adnxs.com/ Frame 1765 		0
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&e=wqT_3QLHB_BMxwMAAAMA1gAFAQjbxrmzBhDZ3euOj465jxoY1-qqhcLAnMpNKjYJQpdw6C0epj8Rd_e5BwwFoT8ZAAAAYI_CxT8hd_e5BwwFoT8pQpcJJMgxAAAA4FG4nj8wkeeVDzjzPEDqXEjgA1DH4bbLAVja801gAGiQnmZ4AIABAYoBA1VTRJIFBvQgAZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL-4QHgAqnJXeoCIWh0dHBzOi8vd3d3LnRoZWNyaW1zb25tYXJrZXQuY29tL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMTIxLjEyNy40Ny43NKgEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEx-G2ywGIBQGYBQCgBau1iZTy1ObpDsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHqBQsKB0RpYWJsbzQSAOoFDQoJZ2FtZWl0ZW1zEgDqBQgKBHNlbGwBGzgQCgxzZWN1cmV0cmFkZXMBExwOCgpob3d0bwUSARE0DwoLaW4tZ2FtZWdlYXIBEjQQCgxhdWN0aW9uaG91cxElAG0lKwxwbGFjBRIcFAoQVGhlQ3IlRwBNBRwBPAgLCgcBWghpbmcBDiQRCg1EYXJrYW5kAQcAZQVeCBMKDw1wHGN1cnJlbmN5ASowFAoQcGxheWVyLXRvLQkKARcQBwoDYnUFIQgTCg8NWRxwbGF0Zm9ybQEgHBQKEHZpZGVvAb8NHwEXCAkKBQEOZGUSAPAF2IhK-gUECAAQAJAGAJgGALgGAMEGKVAs8D_QBvnjAtoGFgoQCRIZAZgQABgA4AYB8gYCCACABwGIBwCgBwG6BwgqBDEtLS1AAcgHANIHDQkRMQEvCNoHBgFn8KEYAOAHAOoHAggA8AeWzgqKCHIKbgAAAZAfNBt4Gh7kcPHa7tkDTFRf3huF9Lb-KUJkPvZXGZcn2LWlxpTO_toJCTjm28lNNM9hETmAQp1shCaKgElGIq9Li349HJMb9Hy0vTeTqZk_F7cI54HFgqdw9dZlHvZxI6ZbfvGlXm9QYf2NEAGVCAAAgD-YCAHACP7hAdIIBggAEAAYANoIBAgAIAA.&s=8a4226163aaa266c6b5f93965738217876babb15&bdref=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.thecrimsonmarket.com%2F,https%3A%2F%2Fwww.thecrimsonmarket.com%2F&
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:28 GMT
an-x-request-uuid
3f0d8883-ee35-4fff-bae7-7de5662e3004
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
121.127.47.74; 121.127.47.74; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D4FF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2771840867904&version=m202406030101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D4FF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2771840867904&version=m202406030101&ct=76&x=38&cor=17055164108528867000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D4FF 		94 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXL6zBEwhDfnvOIYDb1E-2TsEQCEv2w1a0fbOfrKn_JZM5eHW_s7dbSnlMfzvNV7dR6nSlv4MetfMJLD6Duvx9EEqSWA7JaWDuL48WP1QBp4DxicMMyok54bq3w4fJOPHeGnuSEjoIiUpwWPPal3i4G67nRFuFLwpIpu_LW8ZWjpuEPvscqubGgWNvOEWJY9w_2p-qJHSlkH9D05hhoXI2zE44taeL2pxtdv9uFp16nQ8WrOQ&dbm_d=AKAmf-BKBEdCcsHa7fQ_jrl-IYS_fdAk8m89KsOEE1lUOglaH0YasJNRuBvIKZ5BDuFo3-48_e_8bavruYwVqtTPKpXm_CBHyrB47Z41yO-Z9FUI4NonMMuIKxyf3VH-kP-dghwQIpW87w1yUi0j3aUi3ZaHQ1OKvoRwKyGUCCR5_Ykf_YpgT-HJbNvObtHeOlQ3-gTpjs3S841kmExvCATS21bds7Gj0Ri0PypJ3NzuqqDPTHfZat70bT5kL6-df4Ng8MxLOumSaiX596xFI5PsvByySZJuG4QF4FtzkgxPoEkIM_XpYv_zJ53x0fpHEJjiV4o88TVch9uDA0WKcO5Rd22XR2w7XCuahf2hd0tBATJduz2p5HzhUfS-2I5ZCEaEFjjsdJIUR8-TVsEGnaOgVCjikZHyIP66O8GJ5iOlAIw61Qo3G0I3jjxMs5Rp9eAT80NcYNPLyu9fEqrgIvt32PMSKR-BhAQFpLJpfE239ORzgOyIonCZDvjbdy7yYgWN0c_lYaMfqzKGGhrUYHYMEcBsiXfP6qXOdG2YX-FtS4nri7QECiQxH3HNvAJRYx0ZkVmAmS5Nu7NHQwCsaghH-h0Jx6TR9vmr6YzEgAqCwxY8YBQwgQQCJ4k5oFdqL4ECaM4A_b0xYrii_B9fYwBedOZqB_me4jnusxNgNYeUgr-Ac6DrualzAJKSC3iZWvU47xD6KYUkvbz6VDs8nOHcReNw_8Ke2Hykx4qbkHtFxMddx0l5qejcZDTIhaRVMvkKaxEnbX1ph1aDDoGGuJwtfx58qi74fKf90A-hDHOffWTl35H476VKKxUgkxE2imgmyMNLZJtD2syNYHtzV6ZZt8wyf0nv_MTZTOFL0usBD41A3PwIt2sruixWPvH0SgSR6ndMyI-JzIPAr50ukQOTTMBVVIkor7lRdlEb5KmgohzZZuJVwzWEHbQENBR_S7gWt14CKWT9bBmpxP6cu21ORS1ldtfGC3s3_ntL57ZSBnSSHjqFX82c-1sqaixVQuLWjPKaRrikgayyi0ilEZQd02x-7ntdy_P2IaqJifc7KnqWWThUsOAKwFou3-14MEhXwA9nMlPovnGIY9j3hJxPt6JhNiATjvbI-C2dbr2jM7VQ1kPoR06Ydug-a5F5QfcFn5AsDlqxg-NS0sbhAK9LZCsePYaHNqzqFBmbi6SiCMfTKnpJilI3MNActDahXHCeYLFVuptL6TAlvIdol4HyiD_cusbPjTE1Y9fD2lOCXgbvYI-K2d9YTjY6uNTfFyB0BfnjlfU7ZK-8w3R-N9TquwxyQbcLWbJF1Rw2zkAaYtbszKt6nQPajcaUQon4kO57sZEJDC2uLgJwkulByUK11DXPBHv5cHfFMeBPi03Sde8x0IRoO4jZKhCwU9WVkfVYh0ZmqKaMSBavgKM6dkZgv6W7HhDIo1m-rwfEeY8ihTNZUVNJDow-94G9seHT4t_Twiw2pG2QTW4QSTJo6pIPVsacggRehw6TpYZj7hoW6IWG09Alx0X-oboWQlmRjum_FiA7SPD3riga7T5Nudev_PR-89MYzOU_p2lymwDN7sp_JmCWQ5Q35lLVCPU63eBP3HtPH9FNXeJoEEYG1K0byisvRK0LXq4_uc9uR-vn_LjLnhaW82v86qNUybfeig7pxBY7i8_NNdgKhc-MEPbMUSgsSWSXuCKgb8UTDW5HL5l0TSqK-v_YxvSDR6j_RXxtyzfkxuHLC5NMxJ2JscMoklb7LajKblV1NiuywSjwyXdLixdKThRfNNITMCqwyMyzGx6gd36Dy_cnpMBjICZf52987rnl_I5ju-k5W9qVk0gqokKdIqp4migZQkKNB9M8KNl9fvUW9520e52zRNY_olBg-SjStxEBTJMjn3ptax7Q-flDp_G7D01LAntZq0Kkcv6RnkiiBImW_stGxddbeopLh2SBa99WRAog1U4l9bgeiiVQAqIzkJMDovxXoqHn_XhP0BY6fx4rQJdtPC-0r7hUpWJwkJt8U9BdY7GdahppvmUFHBLUJReeFApox_jmUcTX2dEnm73ykD_a2dfNRxOOKZIxbb_T2DlE4lru4c1ZyVcXrasuZ6RRfpyMax0GZlDCbpjlIRHdfxn6U26UHWvX-xcNF1nKymCZZ17UXr83VWPVLzIRmKN9wFQGFob4EKtGA1arcVg7U1L_0JkTKdubFS7BAS3FDCq4ufAAD89BNZQ-mOAe16X4DYYxy2-SfhIXZafx6nvSz_7MIVBG8oTWUKIYYirrdSwML6tK5kSFM8I-Eqb6zZ9rtiYhR8zZ_yVDgNUtrSIZdJCXUEjGYgzmKfpQh6XWw8Zw8mrKyp9oh2iLfvD8rFMjTKGp3yfnjaRK-x-gAWsGwysGAT-3pAm9cS2BnDuRiMRoYTr0vSb4CpJHR6fvZEWvQpp6Ox7KsZwK9v6duXoN_BG1UMUaYirsXPrlqfcd-KTl4kkEYFkyaXfnnfIwlAdTLUtR-vgm45vfvYF9k42RhuCuydpn5Vh11zbnWcCTZI-mRdGvFqFwFufnKwxetbM79BDhPvu7Es_SLgKaG8SG2_68ie3YTYnjVBEU5bqSSb_wGA4XppRXR9iDJ1uLQNlrNK0axd-Uhq3qE0pKVksBdgaXjZjyrNgA84KgbkzEYkEHnASuL7WfTeDU4Jn4p79Ul0PEFQ2QQp34hE_kfI0rm17p3iP0T4D1Sk5lqgoge1laabKlpBvgfTDbytjf2Y7x-im8lf5gi7ChefFo6yA0oqYSo7AGKQdOKQhmyvBBCU2nIk30aNt9Tw8jgfrA_jKHdMsDPuR0KeRkEzjbmiBVqPILBNCpW_pljHgaGE6oIvp_neZQZGfaloihL_5tokwdYot86sL-OM6MXJVRC1x8gnQc6DcXS0aUMU4e48Aht0mhcAG7lBHI2BmYU2nnxgh042fdR-lb7sguKXCK_vIL4Sk6KOXqnkGPPsB14aSimAlEXFQtz-yxowSwyhRw1hXVL1_IEhxAWypge8FEvWL607igJ_Fgck2rmV2LHQTOsGWT-STo3xocCN6Uk9d2hLN1KZLkzj--2lQfa-3mDptP_s4vr76EavT5BRu1GfLAR7zHv7Mk31R_lQjpl_GO299B1jy8OW5cD03_ngvDplXTkLzRdZzTl2iLslXAoVUPiPYnPzrkSyZOR_XHP57Nbii2D2UuWqOqQWbbetU0TqBAio5XfoKc8nv3ViTlnr2uoduHri_bAyfvgHl9LEEiXBU5nswQ3XLK8tjgyxZ2G3xy8LJIUhFrTCbS0zQyxHZYsTdqKN8Zr7GjrFdSx504ddla76k9QkzKl8JG7NaKsbZd_VnB4_bBzmiLhDw7Ye60sBddU0mh3NPsNIldfB4Xr5FikFDvW-tRW7uN_j1GAUWjMi4BK2zzMUe9sWVYmy35keT-qF15qEK2ZQpzPl0CeoyXvMzXAte0TAQN0kKLdffjSprYrxxjrkx7EZFi1LZUa5iZxGdp2r4TqT0Ss7SNVDiaG9rk9OSZXS42iGFDz_93j5Y0YkyCMzYtZUQivKyHXdKS1T0wuVQ8lTUPx56PuzXP3n_5-lFexMfNPI65YPb-LJmRBeXla8tBQufhVI28sNM1TJu7FnFyO28ENF_3SPLtKk3tJ-7SfZmKrJzI4atW4N1DOFv4xIir7rXcXsNOeKty_o4ubhj-_aphlMolw6KvUSaiiShGXjFyuGWUMoNT0PeoCo-DynuwUctsNbo4az08K-caY6Ydh5d7obQ&cid=CAQSMgDaQooLf4wVPykw7d-NSreGkt33mCOHPpHd05SIZZhb5sCAFQmiB6Ht8_bXYvV1_zbwGAE&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&ds=l&xdt=0&iif=1&cor=17055164108528867000&adk=1751844666&idt=122&cac=0&dtd=31
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
53eea8efba5fffb5b28789c49a576d03ffee0c9044d63206116add39f4f3f772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39813
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		425 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f62a4acbbff9aa8522dee2631be35333fdfc666f683019923e780ce677be7b6

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
fld0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		675 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/fld0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
22ef4d1c10ffa6b9c6e743a2b6b8872bc25ba4680f139a02b36a828bef31320e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=0-674
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
cdn-edgestorageid
783
x-guploader-uploadid
ABPtcPrHfjTCKi22u8VpadlmzycohdgDwdDbzgSEV0bPHqFKUpRT3m72UoitV1UFCL7qn46EBbN7NKKOIA
x-goog-storage-class
STANDARD
Content-Range
bytes 0-674/6923182
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:43
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
675
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653192213
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=Am01vg==, md5=alYxkU29SlILv4ittp0s7A==
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
6923182
cdn-cache
HIT
cdn-requestid
aea0476e58e6e2cd73e1dec6dfc0de7d
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
a0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		594 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/a0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
d8b3c4314237df1c0c5b38474988a046954f4cd8bc5dffe46229aa3884867b0a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=0-593
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
cdn-edgestorageid
1174
x-guploader-uploadid
ABPtcPqIuh24z2g2pjx-AMUxTWSIimyJLHz6pbVry25_2uSxESM9SaXi5LBK6_mpEAjoUnuRQ0xjjkWtAQ
x-goog-storage-class
STANDARD
Content-Range
bytes 0-593/1636075
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:48
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
594
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653214835
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=wWEJ/A==, md5=1O7l64s2CIsf4/ZJ0jMyzw==
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
1636075
cdn-cache
HIT
cdn-requestid
b34ef38a8c5fa3191f5227baaa536c19
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
1811
tracker.nitropay.com/i/ 		0
10 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/1811?d=eyJhZFVuaXRDb2RlIjoibGVmdC1iYW5uZXItYWQiLCJjcmVhdGl2ZUlkIjoiNTU2XzE2XzU3Mjg4OTI0MiIsImJpZGRlciI6ImNyaXRlbyIsInRpbWVUb1Jlc3BvbmQiOjU1OCwiaGVpZ2h0Ijo2MDAsIndpZHRoIjoxNjAsImNwbSI6MC4wODYxNTIsImhyZWYiOiJodHRwczovL3d3dy50aGVjcmltc29ubWFya2V0LmNvbS8iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImFkdmVydGlzZXJEb21haW5zXCI6W1widm9kYWZvbmUuY29tLmF1XCJdLFwibmV0d29ya05hbWVcIjpcIkRWMzYwXCJ9IiwicmVxdWVzdElkIjoiMDE5MDFmMzQtMWFjOC03MDAwLTg5MWMtZDk3ODM0MTNlYjliIiwiYyI6IkFVIiwiciI6Ik5TVyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzE4NTEwNDI3NzA5LCJmIjoiMXc4b2xucCJ9&v=true&t=1000
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fld0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		43 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/fld0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
f92f1b7bd33c739ba84407f4a6bdb668d3f53f636da348a8d2aaa32e15eb61a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=675-44381
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
cdn-edgestorageid
783
x-guploader-uploadid
ABPtcPrHfjTCKi22u8VpadlmzycohdgDwdDbzgSEV0bPHqFKUpRT3m72UoitV1UFCL7qn46EBbN7NKKOIA
x-goog-storage-class
STANDARD
Content-Range
bytes 675-44381/6923182
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:43
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
43707
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653192213
x-goog-hash
crc32c=Am01vg==, md5=alYxkU29SlILv4ittp0s7A==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
6923182
cdn-requestid
28bb773e59e86cbde09270d8317506d5
content-type
video/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
a0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		52 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/a0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
4dace3ab75fc5ad74ac87c729bf4024f9d568af6cd64029af30b5ed24ed43181

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=594-54330
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
cdn-edgestorageid
1174
x-guploader-uploadid
ABPtcPqIuh24z2g2pjx-AMUxTWSIimyJLHz6pbVry25_2uSxESM9SaXi5LBK6_mpEAjoUnuRQ0xjjkWtAQ
x-goog-storage-class
STANDARD
Content-Range
bytes 594-54330/1636075
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:48
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
53737
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653214835
x-goog-hash
crc32c=wWEJ/A==, md5=1O7l64s2CIsf4/ZJ0jMyzw==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
1636075
cdn-requestid
c66eccc7ad3f03476fc4a79b2af5d95f
content-type
audio/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
init
gw.geoedge.be/api/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.28.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-28-111.syd3.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 16 Jun 2024 04:00:29 GMT
via
1.1 14ad4e3e12857f3153259ccd2089a180.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD3-P2
content-length
0
x-amz-cf-id
fBglOftdSPUyC41GNy37HhXefDEpCO4jOIlhz4eVVKrSii6VGpnrug==
x-cache
Miss from cloudfront
vevent
sin3-ib.adnxs.com/ Frame 1765 		0
991 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&e=wqT_3QLeBfBM3gIAAAMA1gAFAQjbxrmzBhDZ3euOj465jxoY1-qqhcLAnMpNKjYJQpdw6C0epj8Rd_e5BwwFoT8ZAAAAYI_CxT8hd_e5BwwFoT8pQpcJJMgxAAAA4FG4nj8wkeeVDzjzPEDqXEjgA1DH4bbLAVja801gAGiQnmZ4AIABAYoBA1VTRJIFBvQFAZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL-4QHgAqnJXeoCIWh0dHBzOi8vd3d3LnRoZWNyaW1zb25tYXJrZXQuY29tL4ADAIgDAZADAJgDF6ADAaoDQRIYMTA2ODM2NzU3OTI0NjEyMzY5MV9zYmlkGhMxODgyMTkyODY4MDMyNTczMTQ1Igk0MjY2MTkwNzkqBU0xMTczwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xMjEuMTI3LjQ3Ljc0qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AQlJliIBQGYBQCgBau1iZTy1ObpDsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF2IhK-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-eMC2gYWChAJEhkBmBAAGADgBgHyBgIIAIAHAYgHAKAHAboHCCoEMS0tLUAByAcA0gcNCRExAS8I2gcGAWfwpBgA4AcA6gcCCADwB5bOCooIcgpuAAABkB80G3gaHuRw8dru2QNMVF_eG4X0tv4pQmQ-9lcZlyfYtaXGlM7-2gkJOObbyU00z2EROYBCnWyEJoqASUYir0uLfj0ckxv0fLS9N5OpmT8XtwjngcWCp3D11mUe9nEjplt-8aVeb1Bh_Y0QAZUIAACAP5gIAcAI_uEB0ggJCP___z8QABgA2ggECAAgAA..&s=00086beaa12997bdc831098a7f4794c0a38ffed8&type=nv&nvt=5&jm=1003&px=0&py=363&bw=160&bh=600&sid=2891275451403186106&vd=ct~0|rr~0&sv=244&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=31814545&sw=1600&sh=1200&pw=1600&ph=1461&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/244/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:28 GMT
an-x-request-uuid
0707c191-8987-4c5c-90f2-7f68ff83e0a7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
121.127.47.74; 121.127.47.74; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_279.js
s0.2mdn.net/879366/ Frame D4FF 		116 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_279.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f6.1e100.net
Software
sffe /
Resource Hash
f4d9dedffa6ec9dd7ec66eef0915017183e812e17b39f30e2407c8da747de77b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Origin
https://www.thecrimsonmarket.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 04:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000
content-length
41555
x-xss-protection
0
last-modified
Thu, 02 May 2024 19:23:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jun 2024 04:38:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240612/r20110914/elements/html/ Frame D4FF 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240612/r20110914/elements/html/omrhp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 23:27:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
16353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4395
x-xss-protection
0
server
cafe
etag
4271344721252203484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jun 2024 23:27:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240612/r20110914/ Frame D4FF 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240612/r20110914/abg_lite.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
da563995c8336482dcbb5111f35e29613d82abeb5f6b6cdf1b553077d644f3de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 23:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
14917
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11747
x-xss-protection
0
server
cafe
etag
6973848925928707074
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jun 2024 23:51:51 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D4FF 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 22:50:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
191386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 22:50:42 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=IPONWEB1&hp=1&sst=1&wf=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1718510428839&de=754568095097&m=0&ar=77fe512667-clean&iw=1ceb636&q=2&cb=0&ym=0&cu=1718510428839&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=themediagrid%3Athemediagrid_98HKW6%3Athecrimsonmarket.com%3A1&zMoatDspID=16&zMoatImpID=f2dfeb82_f330756a-3896-4416-b7d1-5ddc113b3f15&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&id=1&ii=4&bo=display&bd=2&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&zMoatDomain=thecrimsonmarket.com&zMoatSubdomain=thecrimsonmarket.com&gw=iponweb503341958152&fd=1&it=500&ti=0&ih=2&pe=1%3A365%3A365%3A2140%3A59&fs=45&na=756121517&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 16 Jun 2024 04:00:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 16 Jun 2024 04:00:28 GMT
init
gw.geoedge.be/api/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.28.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-28-111.syd3.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 16 Jun 2024 04:00:29 GMT
via
1.1 14ad4e3e12857f3153259ccd2089a180.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD3-P2
content-length
0
x-amz-cf-id
7kHUsj1MO-6oSmCvkls8BV5TgyBMM0raOrCFT6jR37qNKFXoO7fPhg==
x-cache
Miss from cloudfront
fld0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		307 KB
308 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/fld0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
f01d492271dc04d25e58ac07b66f5454a8f4bdb0307a3c9e58edb20d94e7b6a7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=44382-358717
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
cdn-edgestorageid
783
x-guploader-uploadid
ABPtcPrHfjTCKi22u8VpadlmzycohdgDwdDbzgSEV0bPHqFKUpRT3m72UoitV1UFCL7qn46EBbN7NKKOIA
x-goog-storage-class
STANDARD
Content-Range
bytes 44382-358717/6923182
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:43
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
314336
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653192213
x-goog-hash
crc32c=Am01vg==, md5=alYxkU29SlILv4ittp0s7A==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
6923182
cdn-requestid
bea0b314389856764a01a07ed159bf33
content-type
video/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 23C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
199742
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 20:31:27 GMT
expires
Fri, 13 Jun 2025 20:31:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D4FF 		211 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
1af4b04a9fb1a9a81fa7dceb938120b87e0676df404575691943b58479c6d19b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 03:24:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
2176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65936
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 16 Jun 2024 04:24:12 GMT
index.html
s0.2mdn.net/sadbundle/12029605298126695505/VOHUHA0082_EOFYS_GenericOffer-160x600/ Frame 43D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12029605298126695505/VOHUHA0082_EOFYS_GenericOffer-160x600/index.html?ev=01_251
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f6.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
181027
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2004
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Jun 2024 01:43:22 GMT
expires
Sat, 14 Jun 2025 01:43:22 GMT
last-modified
Wed, 29 May 2024 08:03:47 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame D4FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssEGTjMAehcc0EMs0aKM0lvF3xEGmU_dlwEYiOwzXgQf9jgT8xqi5Opi1-o-vgsbejt8JjzUyr8100JDsNZ1ISbXzbYrdr-Uy3zy3kfZvzfNNVoVJLV-cVsYMswkFaMVd02zqDbV1aqp2NCH4sH7kllQF5KWPPXkqSyc8FBAvDhxNKPr1YywjlkUp-1CNpT57jibSwY0LFU6CSRl7_npSpzKmaOnh9SVSbdrnBhKnmn980Mm9-ECDUhXIogvcS_RrhFTis&sai=AMfl-YQnpf5N5peNIkaCykpWZPpJrE2NX8VLpiLa438uS1_AsWVIPbc0SgHOqI2MA4AbfcSDSDLHsarcT-oMuBXsnJzmzQBFZr2_5NrEgF4rStniHGyYgQa7FNnA-CkkPxRVMyuV19df_z7gao8GpoZZfTEOj2Wi2uLKaQ&sig=Cg0ArKJSzDS9QnjUJlvHEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly92b2RhZm9uZS5jb20uYXU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=146&cbvp=1&cstd=138&cisv=r20240612.22105&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&arae=1&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:29 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
attribution-reporting-info
preferred-platform=os
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x50175c17ef7a8200000000000000000","13":"0x68a370b639af26b60000000000000000","14":"0x5b4b98ed5dd811690000000000000000","15":"0x3c84b10575dbe9c00000000000000000"},"debug_key":"5770217396321145112","debug_reporting":true,"destination":["https://vodafone.com.au","https://tpg.com.au","https://iinet.net.au"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"1296000","filter_data":{"14":["11611197"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["11205859"]},"max_event_level_reports":2,"priority":"0","source_event_id":"4436731709073269886"}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/png
access-control-allow-origin
*
cache-control
private
timing-allow-origin
*
expires
Sun, 16 Jun 2024 04:00:29 GMT
1811
tracker.nitropay.com/i/ 		0
10 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/1811?d=eyJhZFVuaXRDb2RlIjoicmlnaHQtYmFubmVyLWFkIiwiY3JlYXRpdmVJZCI6IjU5ODlfMTIzODAyXzU2NDM2NzU3NiIsImJpZGRlciI6InRyaXBsZWxpZnQiLCJ0aW1lVG9SZXNwb25kIjo1MDksImhlaWdodCI6NjAwLCJ3aWR0aCI6MTYwLCJjcG0iOjAuOTIzMTYsImhyZWYiOiJodHRwczovL3d3dy50aGVjcmltc29ubWFya2V0LmNvbS8iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImFkdmVydGlzZXJOYW1lXCI6XCJoYmYuY29tLmF1XCIsXCJhZHZlcnRpc2VyRG9tYWluc1wiOltcImhiZi5jb20uYXVcIl0sXCJtZWRpYVR5cGVcIjpcImJhbm5lclwiLFwibmV0d29ya0lkXCI6XCI1OTg5XCJ9IiwicmVxdWVzdElkIjoiMDE5MDFmMzQtMWFlOC03MDAwLThiY2MtY2NkZjRjZGY0ZTM0IiwiYyI6IkFVIiwiciI6Ik5TVyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzE4NTEwNDI3OTQ4LCJmIjoiMXc4b2xucCJ9&v=true&t=1014
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:29 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 25F6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jun 2024 04:00:29 GMT
etag
expires
Sun, 16 Jun 2024 04:00:29 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 17 Jun 2024 04:00:29 GMT
a0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		52 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/a0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
25fdb77ddd3fb1c8e786c6c4e5e963002927c47eff175d4d894e325ba4a7a98b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=54331-107151
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:29 GMT
cdn-edgestorageid
1174
x-guploader-uploadid
ABPtcPqIuh24z2g2pjx-AMUxTWSIimyJLHz6pbVry25_2uSxESM9SaXi5LBK6_mpEAjoUnuRQ0xjjkWtAQ
x-goog-storage-class
STANDARD
Content-Range
bytes 54331-107151/1636075
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:48
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
52821
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653214835
x-goog-hash
crc32c=wWEJ/A==, md5=1O7l64s2CIsf4/ZJ0jMyzw==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
1636075
cdn-requestid
99ded2d9897078fe4a6b1601671abc06
content-type
audio/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
openrtb2
a.nitropay.com/v4/ 		57 B
74 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.nitropay.com/v4/openrtb2
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d2df3a3f75fc9bbfc59b8dd7fdde7d5b69dc98f34f88aeacc86281eb9234e82e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Jun 2024 04:00:29 GMT
via
1.1 google
last-modified
Sun, 16 Jun 2024 04:00:29 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
max-age:0, private, no-store, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
cdb
bidder.criteo.com/ 		0
230 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.44.0&cb=702083489&lsavail=1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Origin
access-control-allow-origin
https://www.thecrimsonmarket.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
auction
tlx.3lift.com/header/ 		19 B
705 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.44.0&referrer=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&tmax=2200&gdpr=false&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.169.90.152 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-90-152.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		596 B
726 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.194.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-194-87.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
5a8e73748298fa7d76819c7e8558381dd431235d7a9883e7edfd71757b9e1acf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:29 GMT
content-encoding
gzip
x-openrtb-version
2.5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
365
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3b245fca42441ad2b43c2e325b90bfaa4a4a84613e8c2fe1c5f00d9f2490de31
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:29 GMT
an-x-request-uuid
74bcae90-f618-4415-8b78-8f9cb66f0a53
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
121.127.47.74; 121.127.47.74; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame D4FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssEGTjMAehcc0EMs0aKM0lvF3xEGmU_dlwEYiOwzXgQf9jgT8xqi5Opi1-o-vgsbejt8JjzUyr8100JDsNZ1ISbXzbYrdr-Uy3zy3kfZvzfNNVoVJLV-cVsYMswkFaMVd02zqDbV1aqp2NCH4sH7kllQF5KWPPXkqSyc8FBAvDhxNKPr1YywjlkUp-1CNpT57jibSwY0LFU6CSRl7_npSpzKmaOnh9SVSbdrnBhKnmn980Mm9-ECDUhXIogvcS_RrhFTis&sai=AMfl-YQnpf5N5peNIkaCykpWZPpJrE2NX8VLpiLa438uS1_AsWVIPbc0SgHOqI2MA4AbfcSDSDLHsarcT-oMuBXsnJzmzQBFZr2_5NrEgF4rStniHGyYgQa7FNnA-CkkPxRVMyuV19df_z7gao8GpoZZfTEOj2Wi2uLKaQ&sig=Cg0ArKJSzDS9QnjUJlvHEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly92b2RhZm9uZS5jb20uYXU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=450&vt=11&dtpt=304&dett=3&cstd=138&cisv=r20240612.22105&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&arae=1&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:29 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
attribution-reporting-info
preferred-platform=os
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x50175c17ef7a8200000000000000000","13":"0x68a370b639af26b60000000000000000","14":"0x5b4b98ed5dd811690000000000000000","15":"0x3c84b10575dbe9c00000000000000000"},"debug_key":"13102746550962956375","debug_reporting":true,"destination":["https://vodafone.com.au","https://tpg.com.au","https://iinet.net.au"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"1296000","filter_data":{"14":["11611197"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["11205859"]},"max_event_level_reports":2,"priority":"0","source_event_id":"9689497471755015847"}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/png
access-control-allow-origin
*
cache-control
private
timing-allow-origin
*
expires
Sun, 16 Jun 2024 04:00:29 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F12029605298126695505%2FVOHUHA0082_EOFYS_GenericOffer-160x600%2Findex.html%3Fev%3D01_251&i=IPONWEB1&ol=3566765667&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-7OElZQwprWfiLYzebeGIbnPajq7lOaO9YGxLYqfZY0xNzxzrCfSmix1wV0AK2nh7uzk%3D&rs=1-BtcrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-yQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=50&qd=50&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&bq=0&g=0&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&id=1&ii=4&f=0&j=&t=1718510428839&de=754568095097&cu=1718510428839&m=582&ar=77fe512667-clean&iw=1ceb636&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1461&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A365%3A365%3A2140%3A59&as=0&ag=70&an=0&gf=70&gg=0&ix=70&ic=70&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=70&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=139&cd=0&ah=139&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=themediagrid%3Athemediagrid_98HKW6%3Athecrimsonmarket.com%3A1&bo=display&bd=2&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&zMoatDomain=thecrimsonmarket.com&zMoatSubdomain=thecrimsonmarket.com&zMoatDspID=16&zMoatImpID=f2dfeb82_f330756a-3896-4416-b7d1-5ddc113b3f15&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=45&na=1929570845&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 16 Jun 2024 04:00:29 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 16 Jun 2024 04:00:29 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		402 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
sffe /
Resource Hash
cc6f944ee53b7874d4811c2365cb731b1c48a71fc99a28b9dd592c96a4a05bdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141204
x-xss-protection
0
expires
Sun, 16 Jun 2024 04:00:29 GMT
1811
tracker.nitropay.com/i/ 		0
10 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/1811?d=eyJhZFVuaXRDb2RlIjoibGVmdC1iYW5uZXItYWQiLCJjcmVhdGl2ZUlkIjoiNDI2NjE5MDc5IiwiYmlkZGVyIjoiYXBwbmV4dXNBc3QiLCJ0aW1lVG9SZXNwb25kIjo2OTIsImhlaWdodCI6NjAwLCJ3aWR0aCI6MTYwLCJjcG0iOjAuMDMyNTc3MTYsImhyZWYiOiJodHRwczovL3d3dy50aGVjcmltc29ubWFya2V0LmNvbS8iLCJhY2NlcHRhYmxlIjpmYWxzZSwibWV0YSI6IntcImRjaGFpblwiOntcInZlclwiOlwiMS4wXCIsXCJjb21wbGV0ZVwiOjAsXCJub2Rlc1wiOlt7XCJic2lkXCI6XCIxMTg4MlwifV19LFwiYnJhbmRJZFwiOjEyMTM1Mjh9IiwicmVxdWVzdElkIjoiMDE5MDFmMzQtMWI0My03MDAwLWE2MGYtNjVkZGQ3NmUwNzkxIiwiYyI6IkFVIiwiciI6Ik5TVyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJyZWZyZXNoIjpmYWxzZSwidGltZXN0YW1wIjoxNzE4NTEwNDI4Mzk5LCJmIjoiMXc4b2xucCJ9&v=true&t=1000
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:29 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1811
tracker.nitropay.com/i/ 		0
10 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracker.nitropay.com/i/1811?d=eyJhZFVuaXRDb2RlIjoicmlnaHQtYmFubmVyLWFkIiwiY3JlYXRpdmVJZCI6IjU1Nl8xNl81NzI4ODkyNDIiLCJiaWRkZXIiOiJjcml0ZW8iLCJ0aW1lVG9SZXNwb25kIjo1MTcsImhlaWdodCI6NjAwLCJ3aWR0aCI6MTYwLCJjcG0iOjAuMTEzNjA4LCJocmVmIjoiaHR0cHM6Ly93d3cudGhlY3JpbXNvbm1hcmtldC5jb20vIiwiYWNjZXB0YWJsZSI6ZmFsc2UsIm1ldGEiOiJ7XCJhZHZlcnRpc2VyRG9tYWluc1wiOltcInZvZGFmb25lLmNvbS5hdVwiXSxcIm5ldHdvcmtOYW1lXCI6XCJEVjM2MFwifSIsInJlcXVlc3RJZCI6IjAxOTAxZjM0LTFiNTItNzAwMC1iNDVkLWNmZTUzNWUyZjUxNCIsImMiOiJBVSIsInIiOiJOU1ciLCJ0eXBlIjowLCJkdXJhdGlvbiI6MCwicmVmcmVzaCI6ZmFsc2UsInRpbWVzdGFtcCI6MTcxODUxMDQyODQ0NiwiZiI6IjF3OG9sbnAifQ%3D%3D&v=true&t=1000
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.144.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.144.244.35.bc.googleusercontent.com
Software
nginx/1.25.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:29 GMT
via
1.1 google
server
nginx/1.25.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ Frame D4FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
sin3-ib.adnxs.com/ Frame 1765 		0
991 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&e=wqT_3QLeBfBM3gIAAAMA1gAFAQjbxrmzBhDZ3euOj465jxoY1-qqhcLAnMpNKjYJQpdw6C0epj8Rd_e5BwwFoT8ZAAAAYI_CxT8hd_e5BwwFoT8pQpcJJMgxAAAA4FG4nj8wkeeVDzjzPEDqXEjgA1DH4bbLAVja801gAGiQnmZ4AIABAYoBA1VTRJIFBvQFAZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL-4QHgAqnJXeoCIWh0dHBzOi8vd3d3LnRoZWNyaW1zb25tYXJrZXQuY29tL4ADAIgDAZADAJgDF6ADAaoDQRIYMTA2ODM2NzU3OTI0NjEyMzY5MV9zYmlkGhMxODgyMTkyODY4MDMyNTczMTQ1Igk0MjY2MTkwNzkqBU0xMTczwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xMjEuMTI3LjQ3Ljc0qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AQlJliIBQGYBQCgBau1iZTy1ObpDsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF2IhK-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-eMC2gYWChAJEhkBmBAAGADgBgHyBgIIAIAHAYgHAKAHAboHCCoEMS0tLUAByAcA0gcNCRExAS8I2gcGAWfwpBgA4AcA6gcCCADwB5bOCooIcgpuAAABkB80G3gaHuRw8dru2QNMVF_eG4X0tv4pQmQ-9lcZlyfYtaXGlM7-2gkJOObbyU00z2EROYBCnWyEJoqASUYir0uLfj0ckxv0fLS9N5OpmT8XtwjngcWCp3D11mUe9nEjplt-8aVeb1Bh_Y0QAZUIAACAP5gIAcAI_uEB0ggJCP___z8QABgA2ggECAAgAA..&s=00086beaa12997bdc831098a7f4794c0a38ffed8&type=pv&jm=1003|1030&px=0&py=363&bw=160&bh=600&sf=1&sid=2891275451403186106&vd=ct~0|rr~5&sv=244&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=31814545&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/244/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:29 GMT
an-x-request-uuid
cfece2d8-41e1-4883-b667-e24192cdae54
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
121.127.47.74; 121.127.47.74; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		64 B
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.thecrimsonmarket.com%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
0153d24fbc4bfbee1d31f3202ed505060c969318325bed83bc5dc6032a07c74e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
x-xss-protection
0
expires
Sun, 16 Jun 2024 04:00:30 GMT
bridge3.646.1_en.html
imasdk.googleapis.com/js/core/ Frame 1BBB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.646.1_en.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
197925
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
256657
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 21:01:45 GMT
expires
Fri, 13 Jun 2025 21:01:45 GMT
last-modified
Thu, 13 Jun 2024 15:32:15 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jun 2024 04:00:30 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B1AD 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
sffe /
Resource Hash
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 03:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13943
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 19:10:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 16 Jun 2024 04:05:42 GMT
bqi.php
lg3.media.net/ Frame 1765 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2331&lf=3&&vgd_hb_audit_1=8CU2CV286&vgd_hb_audit_2=752115612&vgd_tsce=L532&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=355246&vgd_cdv=1256&vgd_cage=1&vgd_rensize=160_600&vgd_ren_page_h=1461&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9i~eBMJ-Nv9.AH~e8QMQOvAhW~ONfvu~QNOvzQB~eM1QzvF99FW~ejfLMQOvf9fH9FuXuh~8xLjMGvuXfW.WF~xLjM7UNv9~Q7OvS%23jJk7oG1zzJLo1O~j1Q7v~e8QMxLjMGv9.hA~8EvfOp0dK~kGGv9~e8QMxLjMjvH9~L88Ex1v9%2C9~J7vh~LNvu~L8Qx8Ov9%2C9~LJkMLvXOh~LEQMQOvf9fH9FuXff~e8QMGvhWf.WA~xLjMGv9.FX~ejfLMxLjMGv9~ejfLMxLjMe8vff~xLjM7e8v9~JNEMJJLvu.Wi~xLjMjvf9~yN17vX99Fhu~GGvuiF~eev9~jfLMGvu999~JLEYv9.9i~ejfLMxLjMUNv949~GYvu~1AEMGvf.fH%2CHi.Wf~Q8OvfXfFAHWX9~QOv9~x8OvuqJtlZezU9Rx_jBjKl~G7OvuFXffXF9AA9hFhiFFiF9AAuHiHiiXfAAFFXhFiAuhh9ufhXW9HXAWFW9H9FuhuH9HF9Wh9hhHi99fi9i9HXifHiXHi9WWWAHhfiHXuXf~eBxv9.AH~OfEMjvu9~AENkvu999~x8Yv9~1EEMzvzmzM1EE~OYYMQ7Lyvw1LYmz5~eLMxLjMGvhAf.WF~OfEMGv9.ih~GMlvf999~myOfEMGv9.ih~exLjMGv9.iX~GxyOvH~QQvIK~NNvKP~x8Bvou~NJv9~LEQMGvHi.Wf~exLjMjvf9~%3DVvAuhf~UGMxNvof~z7Qvu~UGMNNUQvof~N7vQ5OzJ5~J-EQNmLJvou~EGv9.H~G1Q8QfvuiF~GO7vuhuWXu9Hfh~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.9F~8Q8kv9~G8Ov9.9i~ONvW~ejfLMGvf.fH~8exLjMjvf9~NGOEv9.9HA~875EJM8Ovfu~QJjjJLM71yM8OvS%23jJk7oG1zzJLo1O~QxEEj5M71yM8OvAuWuHXHX~e8JB1G8j875v9.AHuXWu~EmQv9~N1LL8JLVOv9~myG8Ov9.9i9999~GkjLv9.999~Qx8OvXXi9fuWAiiXfhufffFA~O7Nv1E1NMQy~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vX9~OmyGv9ou~OYYMQkYvYmB-Mb5Q7JYMHF9~8GNvu~zQlvu~7yQvuF9-F99~GQ1v%2Fu~GQGvA~GQEvou~7Y-vWX~Y-GU7v9&vgd_lbt=1000&vgde_timeobj=%7B%22e8YE78YJ%22%3AHAf%2C%22jujm1O%22%3AWX%2C%22j78YJQLN%22%3Au%7D&gdpr=0&mspa=0&wshp=0&prid=8PRVCXX19&cid=8CU4JWBS7&crid=252634850&rrr=tzR-hLcl-L-tK5Cr_OvM8oYKqwl0t07uP1JqpLE9eFjdTdp3f3DgFA%3D%3D&requrl=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&vi=1718510428868594229&ugd=4&cc=AU&sc=NSW&bdrid=460&subBdr=196&startTime=1718510428480&l1ch=1&l1hcsd=l1!Ss1v0|3957&mmm=aMC8Cg944awLQzCgQvgg-KdkGc4NhIdQ6S-mA1ChOWcIGCFAPQPEhA==&buid=355246&sttm=1718510428486&upk=1718510428.28384&hvsid=00001718510428486020383783149484&acid=7febcfc8538f80d7bb7df6039ca372a6&verid=3111299&infr=1&stime=1718510428395&tsrc=entity&vgd_mspa=0&vgd_wshp=0&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1718510428195543884&vgd_sc=NSW&vgd_ecrid=426619079&vgd_mspad=a&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p0547499347t202406160400&vgd_pgids=1&vgd_end=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.225.82 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-225-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Sun, 16 Jun 2024 04:00:30 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
15
expires
Sun, 16 Jun 2024 04:00:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D4FF 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstojBi9axJr0JvCpSDYEDA-o_bGggPewpk6pw3HDYYDjqIfv2CnNAYACVweu8KSTknjpLMFWSTySarc7lFZam46r_-Vfg3MvkVQwfUqW9qBTW87EZ7GwB6FAIBOceTvCi2lYPjJCl57HsDVPYZxcDxx&sig=Cg0ArKJSzGZDnQ68MN4hEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240612&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&vs=4&r=v&co=1444322900&rst=1718510428411&rpt=621&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fld0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		203 KB
204 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/fld0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
00c2b3d80468548156fa4c08c3f7f6e4da7bf3673827401dd1ad34a0d15f076c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=358718-566301
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:30 GMT
cdn-edgestorageid
783
x-guploader-uploadid
ABPtcPrHfjTCKi22u8VpadlmzycohdgDwdDbzgSEV0bPHqFKUpRT3m72UoitV1UFCL7qn46EBbN7NKKOIA
x-goog-storage-class
STANDARD
Content-Range
bytes 358718-566301/6923182
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:43
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
207584
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653192213
x-goog-hash
crc32c=Am01vg==, md5=alYxkU29SlILv4ittp0s7A==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
6923182
cdn-requestid
e58fb42ee295bdde9c375a903ec42fd9
content-type
video/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
a0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		51 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/a0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
b90d3810a0d0e14f760929ae60dbe39852ef7364758ff3211886fa080a574f19

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=107152-159883
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:30 GMT
cdn-edgestorageid
1174
x-guploader-uploadid
ABPtcPqIuh24z2g2pjx-AMUxTWSIimyJLHz6pbVry25_2uSxESM9SaXi5LBK6_mpEAjoUnuRQ0xjjkWtAQ
x-goog-storage-class
STANDARD
Content-Range
bytes 107152-159883/1636075
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:48
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
52732
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653214835
x-goog-hash
crc32c=wWEJ/A==, md5=1O7l64s2CIsf4/ZJ0jMyzw==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
1636075
cdn-requestid
445683bc70095458d7b2f81536c47a20
content-type
audio/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&sst=1&wf=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=IPONWEB1&ol=3566765667&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-7OElZQwprWfiLYzebeGIbnPajq7lOaO9YGxLYqfZY0xNzxzrCfSmix1wV0AK2nh7uzk%3D&rs=1-BtcrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-yQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=50&qd=50&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&id=1&ii=4&f=0&j=&t=1718510428839&de=754568095097&cu=1718510428839&m=1644&ar=77fe512667-clean&iw=1ceb636&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1461&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A365%3A365%3A2140%3A59&as=1&ag=1141&an=70&gi=1&gf=1141&gg=70&ix=1141&ic=1141&ez=1&ck=1141&kw=1009&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1141&bx=70&ci=1141&jz=1009&dj=1&aa=1&ad=1040&cn=0&gn=1&gk=1040&gl=0&ik=1040&co=1040&cp=1009&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1009&cd=139&ah=1009&am=139&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=themediagrid%3Athemediagrid_98HKW6%3Athecrimsonmarket.com%3A1&bo=display&bd=2&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&zMoatDomain=thecrimsonmarket.com&zMoatSubdomain=thecrimsonmarket.com&zMoatDspID=16&zMoatImpID=f2dfeb82_f330756a-3896-4416-b7d1-5ddc113b3f15&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=45&na=620388594&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 16 Jun 2024 04:00:30 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 16 Jun 2024 04:00:30 GMT
fld0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		282 KB
283 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/fld0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
0b1cd660a363f186fcd6856933347c394161d01c9243db1658bd0a036d0facea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=566302-854823
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:30 GMT
cdn-edgestorageid
783
x-guploader-uploadid
ABPtcPrHfjTCKi22u8VpadlmzycohdgDwdDbzgSEV0bPHqFKUpRT3m72UoitV1UFCL7qn46EBbN7NKKOIA
x-goog-storage-class
STANDARD
Content-Range
bytes 566302-854823/6923182
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:43
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
288522
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653192213
x-goog-hash
crc32c=Am01vg==, md5=alYxkU29SlILv4ittp0s7A==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
6923182
cdn-requestid
f985d0bcb18c4bfaa23f2550718c27a6
content-type
video/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
a0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		52 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/a0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
86f4170e90691bed21c6604aa03697ff971b611903493bdd64bf69483a893ac4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=159884-212669
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:30 GMT
cdn-edgestorageid
1174
x-guploader-uploadid
ABPtcPqIuh24z2g2pjx-AMUxTWSIimyJLHz6pbVry25_2uSxESM9SaXi5LBK6_mpEAjoUnuRQ0xjjkWtAQ
x-goog-storage-class
STANDARD
Content-Range
bytes 159884-212669/1636075
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:48
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
52786
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653214835
x-goog-hash
crc32c=wWEJ/A==, md5=1O7l64s2CIsf4/ZJ0jMyzw==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
1636075
cdn-requestid
e8287c343f90c4e4e908d5ea5a063466
content-type
audio/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&sst=1&wf=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=IPONWEB1&ol=3566765667&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-7OElZQwprWfiLYzebeGIbnPajq7lOaO9YGxLYqfZY0xNzxzrCfSmix1wV0AK2nh7uzk%3D&rs=1-BtcrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-yQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=50&qd=50&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&id=1&ii=4&f=0&j=&t=1718510428839&de=754568095097&cu=1718510428839&m=1645&ar=77fe512667-clean&iw=1ceb636&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1461&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A365%3A365%3A2140%3A59&as=1&ag=1141&an=1141&gi=1&gf=1141&gg=1141&ix=1141&ic=1141&ez=1&ck=1141&kw=1009&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1141&bx=1141&ci=1141&jz=1009&dj=1&aa=1&ad=1040&cn=1040&gn=1&gk=1040&gl=1040&ik=1040&co=1040&cp=1009&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1009&cd=1009&ah=1009&am=1009&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=themediagrid%3Athemediagrid_98HKW6%3Athecrimsonmarket.com%3A1&bo=display&bd=2&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&zMoatDomain=thecrimsonmarket.com&zMoatSubdomain=thecrimsonmarket.com&zMoatDspID=16&zMoatImpID=f2dfeb82_f330756a-3896-4416-b7d1-5ddc113b3f15&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=45&na=1658709569&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 16 Jun 2024 04:00:30 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 16 Jun 2024 04:00:30 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&sst=1&wf=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=IPONWEB1&ol=3566765667&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-7OElZQwprWfiLYzebeGIbnPajq7lOaO9YGxLYqfZY0xNzxzrCfSmix1wV0AK2nh7uzk%3D&rs=1-BtcrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-yQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=50&qd=50&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&id=1&ii=4&f=0&j=&t=1718510428839&de=754568095097&cu=1718510428839&m=1646&ar=77fe512667-clean&iw=1ceb636&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1461&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A365%3A365%3A2140%3A59&as=1&ag=1141&an=1141&gi=1&gf=1141&gg=1141&ix=1141&ic=1141&ez=1&ck=1141&kw=1009&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1141&bx=1141&ci=1141&jz=1009&dj=1&aa=1&ad=1040&cn=1040&gn=1&gk=1040&gl=1040&ik=1040&co=1040&cp=1009&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1009&cd=1009&ah=1009&am=1009&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=themediagrid%3Athemediagrid_98HKW6%3Athecrimsonmarket.com%3A1&bo=display&bd=2&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&zMoatDomain=thecrimsonmarket.com&zMoatSubdomain=thecrimsonmarket.com&zMoatDspID=16&zMoatImpID=f2dfeb82_f330756a-3896-4416-b7d1-5ddc113b3f15&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=45&na=1077122079&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 16 Jun 2024 04:00:30 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 16 Jun 2024 04:00:30 GMT
fld0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		210 KB
211 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/fld0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
d47fae77aa4b06cf995680648507781af3a1fad8f65d28d69f019d690bb49c7f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=854824-1070062
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:30 GMT
cdn-edgestorageid
783
x-guploader-uploadid
ABPtcPrHfjTCKi22u8VpadlmzycohdgDwdDbzgSEV0bPHqFKUpRT3m72UoitV1UFCL7qn46EBbN7NKKOIA
x-goog-storage-class
STANDARD
Content-Range
bytes 854824-1070062/6923182
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:43
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
215239
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653192213
x-goog-hash
crc32c=Am01vg==, md5=alYxkU29SlILv4ittp0s7A==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
6923182
cdn-requestid
936cf155b69381073893b6dc48d0ca48
content-type
video/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gen_204
pagead2.googlesyndication.com/pagead/ Frame D4FF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2771840867904&version=m202406030101&ct=76&x=38&cor=17055164108528867000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fld0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		239 KB
240 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/fld0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
489a77133121b7d53adb598dd759ee889216cf7e7686175f4af32f1cc2617d6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=1070063-1314871
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:30 GMT
cdn-edgestorageid
783
x-guploader-uploadid
ABPtcPrHfjTCKi22u8VpadlmzycohdgDwdDbzgSEV0bPHqFKUpRT3m72UoitV1UFCL7qn46EBbN7NKKOIA
x-goog-storage-class
STANDARD
Content-Range
bytes 1070063-1314871/6923182
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:43
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
244809
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653192213
x-goog-hash
crc32c=Am01vg==, md5=alYxkU29SlILv4ittp0s7A==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
6923182
cdn-requestid
de58e39d066673b5aaefd4846635bce2
content-type
video/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
rid
match.adsrvr.org/track/ 		109 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=aqo03op&fmt=json
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
76b14af3fe9d8415bb8776a973f5a8bd39a9cf9641d4a84a5527efe3978c5fed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jun 2024 04:00:30 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thecrimsonmarket.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 16 Jul 2024 04:00:30 GMT
fld0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		262 KB
263 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/fld0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
0de532c40d5fc64075e5b5a96f1905526d4718be8739b59ab970ee87497439bb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=1314872-1582705
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:30 GMT
cdn-edgestorageid
783
x-guploader-uploadid
ABPtcPrHfjTCKi22u8VpadlmzycohdgDwdDbzgSEV0bPHqFKUpRT3m72UoitV1UFCL7qn46EBbN7NKKOIA
x-goog-storage-class
STANDARD
Content-Range
bytes 1314872-1582705/6923182
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:43
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
267834
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653192213
x-goog-hash
crc32c=Am01vg==, md5=alYxkU29SlILv4ittp0s7A==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
6923182
cdn-requestid
c3848177db5407975889b3b42c20542e
content-type
video/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
syncframe
gum.criteo.com/ Frame D27C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.thecrimsonmarket.com&us_privacy=1---
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jun 2024 04:00:30 GMT
server
Kestrel
server-processing-duration-in-ticks
558680
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:29 GMT
content-encoding
gzip
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 17 Jun 2024 04:00:29 GMT
a0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		52 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/a0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
021f42e31931635372fcbd87e46f8e1d047bfde43fcd0286a9a7c9d77c1ff43c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=212670-265578
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:31 GMT
cdn-edgestorageid
1174
x-guploader-uploadid
ABPtcPqIuh24z2g2pjx-AMUxTWSIimyJLHz6pbVry25_2uSxESM9SaXi5LBK6_mpEAjoUnuRQ0xjjkWtAQ
x-goog-storage-class
STANDARD
Content-Range
bytes 212670-265578/1636075
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:48
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
52909
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653214835
x-goog-hash
crc32c=wWEJ/A==, md5=1O7l64s2CIsf4/ZJ0jMyzw==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
1636075
cdn-requestid
65f519dda977577e00d2aea23139e70b
content-type
audio/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
a0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		52 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/a0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
804ea7e9198461836f3d812cfbeeef039452fffb9c86698a61ab7d0e3a0b3cd5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=265579-318318
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:31 GMT
cdn-edgestorageid
1174
x-guploader-uploadid
ABPtcPqIuh24z2g2pjx-AMUxTWSIimyJLHz6pbVry25_2uSxESM9SaXi5LBK6_mpEAjoUnuRQ0xjjkWtAQ
x-goog-storage-class
STANDARD
Content-Range
bytes 265579-318318/1636075
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:48
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
52740
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653214835
x-goog-hash
crc32c=wWEJ/A==, md5=1O7l64s2CIsf4/ZJ0jMyzw==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
1636075
cdn-requestid
72ff2a6471e0f474506faf5dd5f206c7
content-type
audio/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
a0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		52 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/a0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
705003288db9dec5540dea9e0e3eeba355b146a221f931a231c3bf81cfd7fc67

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=318319-371200
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:31 GMT
cdn-edgestorageid
1174
x-guploader-uploadid
ABPtcPqIuh24z2g2pjx-AMUxTWSIimyJLHz6pbVry25_2uSxESM9SaXi5LBK6_mpEAjoUnuRQ0xjjkWtAQ
x-goog-storage-class
STANDARD
Content-Range
bytes 318319-371200/1636075
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:48
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
52882
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653214835
x-goog-hash
crc32c=wWEJ/A==, md5=1O7l64s2CIsf4/ZJ0jMyzw==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
1636075
cdn-requestid
5fa58dadfe621cc5d787659b96aac5b1
content-type
audio/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
a0000000000.m4s
nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/ 		52 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitropay-1811.b-cdn.net/7c69f8a1ff7c4a7682a935522ca568b8/a0000000000.m4s
Requested by
Host: v.nitropay.com
URL: https://v.nitropay.com/o9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.127.213.215 Singapore, Singapore, ASN60068 (CDN77 _, GB),
Reverse DNS
79-127-213-215.bunnyinfra.net
Software
BunnyCDN-SG1-1180 /
Resource Hash
6b50d9d3816c552289b67ed01ecec7e3e6a8f0b4ec5c8b2ec2f2278dde2cbf32

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=371201-424027
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:31 GMT
cdn-edgestorageid
1174
x-guploader-uploadid
ABPtcPqIuh24z2g2pjx-AMUxTWSIimyJLHz6pbVry25_2uSxESM9SaXi5LBK6_mpEAjoUnuRQ0xjjkWtAQ
x-goog-storage-class
STANDARD
Content-Range
bytes 371201-424027/1636075
x-goog-metageneration
1
cdn-cachedat
06/12/2024 17:55:48
cdn-pullzone
1960421
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
Content-Length
52827
last-modified
Wed, 21 Feb 2024 19:44:13 GMT
server
BunnyCDN-SG1-1180
cdn-proxyver
1.04
cdn-requestpullcode
206
x-goog-generation
1708544653214835
x-goog-hash
crc32c=wWEJ/A==, md5=1O7l64s2CIsf4/ZJ0jMyzw==
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
c085a939-6c50-4510-9dba-7bc4c3f6831f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-goog-stored-content-length
1636075
cdn-requestid
c8a652f1d36f37d0b66b557ed4c384b5
content-type
audio/mp4
cdn-requestcountrycode
AU
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sync
eb2.3lift.com/ Frame 4B58 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1118
content-type
text/html; charset=utf-8
date
Sun, 16 Jun 2024 04:00:32 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6BB0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s.nitropay.com
URL: https://s.nitropay.com/ads-1811.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
74607
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 16 Jun 2024 04:00:32 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 17 May 2024 08:31:56 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
290, 84713
X-Served-By
cache-lga13626-LGA, cache-syd10124-SYD
X-Timer
S1718510433.723467,VS0,VE0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/sharethrough?cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_user_id%3D__ZUID__%26gdpr%3D%7BGDPR%7D%26gdpr_consent%3D%7BGDPR_CONSENT_80%7D
  • https://b1sync.zemanta.com/usersync/sharethrough?cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_user_id%3D__ZUID__%26gdpr%3D%7BGDPR%7D%26gdpr_consent%3D%7BGDPR_CONSENT_80%7D&s=2
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=3Cf_Za85-MjP4CHkMwPY
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=3Cf_Za85-MjP4CHkMwPY
Protocol
H2
Server
54.169.108.244 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-108-244.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 16 Jun 2024 04:00:33 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html; charset=utf-8
location
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=3Cf_Za85-MjP4CHkMwPY
p3p
CP="We do not support P3P header."
cache-control
no-cache, no-store, must-revalidate
content-length
136
expires
Thu, 01 Dec 1994 16:00:00 GMT
c.gif
c.bing.com/ 		42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?Red3=STMS_pd&uid=10cbceb5-a3ec-442d-b213-b8af7ba0f48e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 04:00:32 GMT
last-modified
Fri, 01 Mar 2024 20:23:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 152D8CFC3AA24AC5835E11AC63482E66 Ref B: SYD03EDGE1410 Ref C: 2024-06-16T04:00:32Z
etag
"4113e049166cda1:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKSWtFN00zTWNBQUJPNlNWV0JYZw&gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJIkE7M3McAABO6SVWBXg&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?ev=AAJIkE7M3McAABO6SVWBXg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cshr%26bee_sync_current_partner%3Dpp%...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cshr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJIkE7M3McAABO6SVWBXg&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAJIkE7M3McAABO6SVWBXg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dshr%26bee_sync_...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=shr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=1505479457681862679&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAJIkE7M3McAABO6SVWBXg&gdpr=0
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAJIkE7M3McAABO6SVWBXg&gdpr=0
Protocol
H2
Server
54.169.108.244 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-108-244.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 16 Jun 2024 04:00:35 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAJIkE7M3McAABO6SVWBXg&gdpr=0
Date
Sun, 16 Jun 2024 04:00:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A
  • https://sync-tm.everesttech.net/ct/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A&_test=Zm5...
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=Zm5jYAAABOgrJwAD
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=Zm5jYAAABOgrJwAD
Protocol
H2
Server
54.169.108.244 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-108-244.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 16 Jun 2024 04:00:33 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

x-served-by
cache-syd10151-SYD
pragma
no-cache
date
Sun, 16 Jun 2024 04:00:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1718510433.966910,VS0,VE0
x-cache
HIT
location
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=Zm5jYAAABOgrJwAD
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1ebee955-d472-43e8-911a-b628e46e578a&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1ebee955-d472-43e8-911a-b628e46e578a&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.169.108.244 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-108-244.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.thecrimsonmarket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 16 Jun 2024 04:00:33 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=1ebee955-d472-43e8-911a-b628e46e578a&gdpr=0&gdpr_consent=
date
Sun, 16 Jun 2024 04:00:32 GMT
server
Kestrel
content-length
323
TCMWallPcAdBanner.f4fbc8c90ebb2d278a03.webp
www.thecrimsonmarket.com/static/media/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/TCMWallPcAdBanner.f4fbc8c90ebb2d278a03.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
8a285b113e5f1088e2a85ad0c9a03b5d19d75363646e02f619765237479a91d4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1f708-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
128776
TCMWallPcAdBanner_Hover.0abcfaf6304574e71015.webp
www.thecrimsonmarket.com/static/media/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thecrimsonmarket.com/static/media/TCMWallPcAdBanner_Hover.0abcfaf6304574e71015.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.219.49.92 Camden West, Australia, ASN7545 (TPG-INTERNET-AP TPG Telecom Limited, AU),
Reverse DNS
203-219-49-92.tpgi.com.au
Software
/ Express
Resource Hash
dbf7bdb9d604041bd2a337a6ac69a62a1ff31e476109c51e7d9657c614cf7e6e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:00:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 15 Jun 2024 15:18:39 GMT
x-powered-by
Express
etag
W/"1fc3e-1901c7aa898"
content-type
image/webp
cache-control
public, max-age=0
accept-ranges
bytes
content-length
130110
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&sst=1&wf=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=IPONWEB1&ol=3566765667&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-7OElZQwprWfiLYzebeGIbnPajq7lOaO9YGxLYqfZY0xNzxzrCfSmix1wV0AK2nh7uzk%3D&rs=1-BtcrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-yQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=50&qd=50&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&id=1&ii=4&f=0&j=&t=1718510428839&de=754568095097&cu=1718510428839&m=5661&ar=77fe512667-clean&iw=1ceb636&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1461&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A365%3A365%3A2140%3A59&as=1&ag=5159&an=1141&gi=1&gf=5159&gg=1141&ix=5159&ic=5159&ez=1&ck=1141&kw=1009&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5159&bx=1141&ci=1141&jz=1009&dj=1&aa=1&ad=5058&cn=1040&gn=1&gk=5058&gl=1040&ik=5058&co=1040&cp=1009&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5027&cd=1009&ah=5027&am=1009&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=themediagrid%3Athemediagrid_98HKW6%3Athecrimsonmarket.com%3A1&bo=display&bd=2&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&zMoatDomain=thecrimsonmarket.com&zMoatSubdomain=thecrimsonmarket.com&zMoatDspID=16&zMoatImpID=f2dfeb82_f330756a-3896-4416-b7d1-5ddc113b3f15&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=45&na=1876130666&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 16 Jun 2024 04:00:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 16 Jun 2024 04:00:34 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&sst=1&wf=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=IPONWEB1&ol=3566765667&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-7OElZQwprWfiLYzebeGIbnPajq7lOaO9YGxLYqfZY0xNzxzrCfSmix1wV0AK2nh7uzk%3D&rs=1-BtcrX%2FQ2oUtvHw%3D%3D&sc=1&os=1-yQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBCrOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4BS8BMCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=50&qd=50&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.thecrimsonmarket.com%2F&id=1&ii=4&f=0&j=&t=1718510428839&de=754568095097&cu=1718510428839&m=5863&ar=77fe512667-clean&iw=1ceb636&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1461&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A365%3A365%3A2140%3A59&as=1&ag=5360&an=5159&gi=1&gf=5360&gg=5159&ix=5360&ic=5360&ez=1&ck=1141&kw=1009&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5360&bx=5159&ci=1141&jz=1009&dj=1&aa=1&ad=5259&cn=5058&gn=1&gk=5259&gl=5058&ik=5259&co=1040&cp=1009&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5228&cd=5027&ah=5228&am=5027&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=themediagrid%3Athemediagrid_98HKW6%3Athecrimsonmarket.com%3A1&bo=display&bd=2&gw=iponweb503341958152&zMoatOrigSlicer1=display&zMoatOrigSlicer2=2&zMoatDomain=thecrimsonmarket.com&zMoatSubdomain=thecrimsonmarket.com&zMoatDspID=16&zMoatImpID=f2dfeb82_f330756a-3896-4416-b7d1-5ddc113b3f15&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=45&na=1248945408&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.thecrimsonmarket.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

unused62
8096267
pragma
no-cache
date
Sun, 16 Jun 2024 04:00:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 16 Jun 2024 04:00:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Domain
cat.sg1.as.criteo.com
URL
https://cat.sg1.as.criteo.com/tpd?dd=GXQKUF9IUmdDdGZodWxhOUdxTXB3N0Z4ejBMSTA3S2xZUWxTS09mVnNISFR6V3NzdkE2dU56eWQ0aktNd2dCWW0lMkZoYkFIelNqRmREVHpneDFtTmg5JTJCOEFqc3hNMUdtZ2ZBZDFubGFWZWU2T3J6NFc1TzNCMGxVNTh1WDV0RFF0VVFwNGolMkZUQkxHUHdBRkg2dVUyZ1ltdVQ4Q2VVMjZOYUFGenlhbnNyTUc5Q3dmSmF3dU5JUUFEYjl1ejN2eFoxT0dDYmdycXBlJTJCbWE3V2N5VENQJTJCQ2RLanc3RWpFcU5hdUVWMFFlUmhkVDhsTUh6Y3NxMExESnFsZ24zTXZQV2t1cjdXRE9DSHlZNGVmMThydmNFQmhCTEdxTE1oVkxna3klMkI5WEhIQ0hTQ1VPUGw1NU5pOTQyaldUMGk0V2klMkZ2eEdRTmpudE1acjYyanhhRUt0SUhrU1BQYVBCVyUyRnJmc2hVbW5NdjhPQWFRUjVOc1RUcXRlN2pjS0lEU3RBVlVUdWhpVVZDcUhvamVLa3pUMEp3NTlURmNZZkNQNUNlSllNUkhhMHR4ZCUyRmMyMUNTckt5Y0hhR1RFWVNCY2l3NnNiWThYR0czJTJGZkJ1a2ZnVEQ2eWtxUXU2MXQlMkZpbFFDdldlUnkweFc5OGFCcTJMOGhnaXBFeTVTM1N2Q0hRQ05VSFNYJTJGUHkzd3dURE9vZVA2VWtQUkp4QzNUJTJCY0x1cSUyRnEyNE1OeDB3amJYbktvbFJyWFhwYjFTdEIwa1hTZnYycmNRaDhlYUhqd1hBcVhLR2RkN01pc2FxSk85NkQxNWYlMkZnNG0zWDZQTHlFOG1wTkV4akFjJTNE
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cl69wVcw08XATLmtx56sSy4dNC7tpGOWho4krCcppxQqi8IHxBT0nTSahbG4KGEyblOkVh8CaOh7mQUVihFLs_ohmEgivy4lmW_7M-kIc98KtwDzg
Domain
apac-jp-sync.bidswitch.net
URL
https://apac-jp-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
Domain
media.grid.bidswitch.net
URL
https://media.grid.bidswitch.net/imp/tnAIM8QGxcS0cNfyxxxk4fyT5FUh4Xc_pH5GpvEN0oK_rgsmMGA-YNocgiqEAadOUMte43Op8C37LMlMIsPQ9-q5tY7L3B0lTwvF7VVu3Cpf6dN1koZ_fflsulzzNP6rVR7TZNJl1LGFUoT2I7jALP_mjNXzjI0BNRqsXp_FoqhEHcdvHpLUvCZZXEuDGDs1LVU_2LkChkakJ4XfSAJpvxTTpnHzy7g-WnJneQb_GYRTfibeIREVKBs1ZG1tztxMt-wlCEXujRK5PRCy3LbkimHpb80Yjoh1Wc7ko8QoExDXDW52UCtVVO5MSi0JeOWhr3Kzz5FxZ1_-MeU1HFb6NXdgYSEQ18bOy18XsdJtJRRfH_7RuDZ1Me1v7iJn_wftWvYj1yhIQLiv/https_A_B_Bghent-gce-jp.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCBqGBW2NuZtuDDLKqid4P5I6a8A7jtpiPePD94vOAE5EvEAEgg____3mH2ClgICAkAGgAaO-9JIByAEJqQLU6o1RrTKmPqgDAcgDmwSqBPgBT9A1CWziBiXaYghrAud4TFXnOy07zSerbvpJxiOITl-q0sMNK5lA28InAru2F3L3rPcCMO1uWwTbwAeFcXzfcM8YU1CN7Ac3BMtgwLxpIpm4y9mu1vxBmy4TNLAMET937gWnBZCxRKFjL6agSKIjkWQl24PEskNm-lvquv7Bo3fq03ESGYtnNCXRVoktz0txD-____-XOs9ouV9VInw1GUUFSYlxGaxYC7EUKGzKgOXJvONPBvH08nqqYJX4-QwGOnm-HKZMA19giRib9yz____BRizDyKRyUA-JEoDltbVEGbS5-0OsSSSvbYCgigX1rz11lOdu8gbFkuutTABI6N4PrUBOAEA4gFyM6bvk-SBQYIAxABGAGSBQYIGxABGAGSBQsIIhABGAFIp____OyApIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAHxcGL7QKoB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH____p6xAqgHr76xAqgH98KxAtgHAPIHChDs____AUYmrGWkQLSCCQIgGEQARhfMgKKAjoJgECAwICAgKAoSL39wTpYsfq4nJ7fhgPyCBpiaWRkZXItdGhlbWVkaWFncmlkX2UwNjBkZYAKBMgLAdoMEAoKELCx3e23kP6oThICAQOwE5H2gBjIE97VieUD2BMNiBQB2BQB0BUBgBcBshcICgYIABIAGACyGAkSAutoGEwiAQA__Jsigh__RSVWB2cd1tH4__Juach____m__R__U5BUACH__U5D__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDaQooLUH1QJGyMa4j1v2Hsbr8GfWkGm3XifxRvzgqdn73VhoGnVojfctgsur6UyMDZGAE_Bgn-tBOb8a2lhZFvRk2jrk12HDPtgFuT6AAGf8qAKU5Cf9ixPMjRMThuPlygtBHvO9pvMNNoWCEay3L0fkDRf92VgTBCnHKVpBbsUYdkNFfQHHdkfUNKt0X8ON9oTVnlljAJ63CmH8fRCsoXRjQgkzMPclfAP__IaDPyqggjdE1ozbyBdqka-sLvyTnh__b9RXY1frM-ADCOcdyAZSv0IWiFgBTtaDajJQ4x6-hSYmArgpUZt-85OAJ5sbUjw-ovS1czpD6cf2I4zjFKbCFonuYR4vxQ5K3AOSUP8-h2ILJyrIREmIYt6Gpf3TzzjL-eomeh__4mX9g9XZd5K8KfSn7S6397Pm2xNsPIdbpO0kvjbQ2R4D9WZxbfzSvRYU9i3lbzpmpuFFPQnPhI7O__Dys2yZml-C1r-n6vICEZMGjSobBSW7Ioto__8SEZBLsbL7XwRaCAEI9j-XzjcZnrxwSEDadR64bd3p13ch29HFUAj9vrQAfL4NVear-ksD9N__kerTvwPsbSFBpXcU3G5yZAXwM6ZCMh02g-ORJ8yuv4ZFARP95Kpnbp__ie2XEtFuH7Kipy0JKK2VbX3u9gTV6LZXl5CtJUDfV2iKx1jtPxO4LLGueeWylbq3oQhpwIcDxnrtTBChg4uS2TWv0____RgvSwNzHx6L5VUUOhx31Gl60t6t-rzRdgCpImhZoIQVbLqEhVnjRC8B2KR0gXiUZ70BokBkcT9dNpPod__7Vo826wChpEy7X5gs67unM-pi0m80xIanlhr6-veg0THzddHFgFFAoOMzZAaGIEb8lcaTvTB3ltm7eVeSML3HaPdRJd2r0IJRGgvRbDFcY3FctjC-SDxMUUFfKKi6bi__qRhz6o27qmPwcVT-__GqHBjq12t1X2mVo-LGPXLcsII__zC6NmgK8D__IzAzx__yU4mQJI2E2gXsrXdsc3aAUXMt2cFfQcpe-rvwyDNWHs9hY36ZCeOZvw7QE8PmjEoII9eXHqhUzGlxyakSTWXNxR7o7bk-63WKr0OL2uP5ZrJ9tWGaKEAlGDjUpZT7zwpHEGwbkSAw5YjRrICNKZC12w9Myl-hArpti4-ecaFdgdtP8K6bk-xm4ZnCJAR5EE62w7dbeOyRgZtMtg-qBanu__VUhtGpR6HT-rnUcPbqMKre7298l55bJ5Mpcgzvgb01-LE0ukeIvk5mgpR1Smm0Enn8keE3zH7hcDN7bB6__ihrhSLgui5y0jdKNoVoNYyARuzq__-WZ9vcncqjhVPpHgkmvqITAj7eNmQ_B
Domain
grid-mercury.criteo.com
URL
https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=thecrimsonmarket.com&bid_id=50ce465d-d0a1-495f-a4d7-aa099f689acd&ads_txt_id=98HKW6&has_bsw_id=0&bid_price_usd=0.086152
Domain
contextual.media.net
URL
https://contextual.media.net/nmedianet.js?cid=8CU4JWBS7&ydspr=1
Domain
qsearch-a.akamaihd.net
URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=9a99c4f3e3cc47c5162b989c624f03ac&algo=unison26&bdp=0.0700&bidfp=0.0000&capd=0&cc=AU&cid=8CU2CV286&crid=752115612&ct=Sydney&dc=apac_sg&dfpbd=0.0280&dn=thecrimsonmarket.com&iwb=1&ogcbdp=0.0700&other_bids=0.07&other_prv=460&pbshr=100.0000&prdp=0.0280&requrl=thecrimsonmarket.com%2F&sat=1&sc=NSW&sc_pvid=460&send_erpm=true&server=1&size=160x600&strg=harmony&totalTime=3238719&ugd=4&ver=9.6.13&cliIP=2038378314&time_stamp=2024-06-16%2004%3A00%3A27&seat=BID_API&itype=appnexus_experiment&req_id=1439359771052607006&dfp_bucket=0.0&level_base=0&bdp_bucket=0.05&app_type=prod&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F126.0.0.0%20Safari%2F537.36&br_ver=126.0.0.0&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_others_1-cid_1&ogerpm=0.0700&ogerpm_used=false&rawbid=0.0700&totalTimeBucket=3&as_cache=1&sub_bidder=196&current_day=0.0&current_hour=3&cut=60&floor_bucket=0.00&model_version=202406160226_generic_others_1-cid_1&erpm_bucket=0.05&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=0&viewability=0.3400&stid=31814545&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&predicted_wr=0.7442&bdp_wider_bucket=1&splid=31814545&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=60&advurl=similarsearch.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&clisp=rtb-common-54947dd674-nsjvb.SG&dmm_m1=2024-06-16%2004%3A00%3A27.512128978&bd_d1=500671&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.0700&adtyp=0&gpid_format=DEFAULT&gpid=31814545&gpid_sent=true&pst=EMS&bcrid=426619079&erpm_mult=1.000000&zone=b&rc=-1&sfm_key=mowx_System_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=21&wsip=mowx-778b57b645-q24jr&rel_cut_bkt=60&djvm=9.6.13&optimal_cut=0.0&cut_cluster=0.0&skip_dmm=0&dma=898&bro_isapp=false&bro_iswebview=false&bro_cookie_support=false&devbrand=Google&devmodel=Chrome%20-%20Windows&zip=2000&szs=160x600&win_rate_wt=1.25&margin_wt=1.0&dmm_co=def
Domain
warp.media.net
URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Domain
cdn.adnxs.com
URL
https://cdn.adnxs.com/v/s/244/trk.js
Domain
sin3-ib.adnxs.com
URL
https://sin3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.thecrimsonmarket.com%252F&e=wqT_3QKrBeirAgAAAwDWAAUBCNvGubMGENLQj5nikcbaKxgAKjYJeekmMQisnD8RLT9wlScQlj8ZAAAAYI_CxT8hLQ0SACkRJMgxAAAA4FG4nj8wkeeVDzjzPEDqXEjgA1DH4bbLAVja801gAGiQnmZ4AIABAYoBA1VTRJIFBvQFAZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL-4QHgAqnJXeoCIWh0dHBzOi8vd3d3LnRoZWNyaW1zb25tYXJrZXQuY29tL4ADAIgDAZADAJgDF6ADAaoDQRIYMTQzOTM1OTc3MTA1MjYwNzAwNl9zYmlkGhMzMTQ5NDUwNTEzMTY5NTA4NDM0Igk0MjY2MTkwNzkqBU0xMTczwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA0xMjEuMTI3LjQ3Ljc0qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AQlJliIBQGYBQCgBZ6M0Izfwuj8E8AFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF2IhK-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AG-eMC2gYWChAJEhkBmBAAGADgBgHyBgIIAIAHAYgHAKAHAboHCCoEMS0tLUAByAcA0gcNCRExAS8I2gcGAWfweRgA4AcA6gcCCADwB5bOCooIRwpDAAABkB80G3grtRiOIyPoUqYMLp8utqXgL5hSAMlmliIhZL_IWytiI_VYQldsqa0trtKkRBdyYb7BM1hjsokNU06ExhABlQgAAIA_mAgBwAj-4QHSCAkI____PxAAGADaCAQIACAA&s=eb85682ac72414ac767c61a2609fc0c07be49524
Domain
ib.3lift.com
URL
https://ib.3lift.com/ttj?inv_code=Nitropay_RON_Display_pb

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 undefined| event object| fence object| sharedStorage object| dataLayer function| gtag object| nitroAds object| google_tag_manager object| google_tag_data function| rdt function| pintrk function| onYouTubeIframeAPIReady object| GooglebQhCsO function| rcf_whitelist_all object| _RCF_CONFIG object| _RCF_ERRS object| prm number| consoleType object| gaGlobal object| ads object| nads object| napbjsChunk object| napbjs object| _pbjsGlobals function| __uspapi object| __gpp_queue object| __gpp_events number| __gpp_lastId function| __gpp object| Criteo function| redditNormalizeEmail object| __bt object| __bt_intrnl object| __bt_tag_d object| nitroAdsCMP object| regeneratorRuntime object| __npcmp_queue function| __npcmp string| __npcmp_geo string| __npcmp_region boolean| __npcmp_init boolean| __npcmp_gdpr object| _HS_RCF string| page_source_code object| the_node number| _target undefined| index object| node_array string| stars function| oldInsertRule function| oldDeleteRule function| _RCF_TAGS string| pre_path object| after_path undefined| mapEl number| removedNodeIndex object| tagConfig object| dashjs function| OpenPlayer function| OpenPlayerJS object| openplayerjs object| selectionRaw object| select_data string| nodeName string| nodeVal string| currentVal object| _mNDetails object| googDdmPs number| lnt_z object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| criteo_pubtag object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| ggeac object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| closure_lm_584636 object| googletag object| closure_lm_940873 object| criteo_syncframe_state

70 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQvuXQ-YEyCgoI5gEQvuXQ-YEyCgoIhwIQvuXQ-YEyCgoItwIQvuXQ-YEyCgkIOhC-5dD5gTIKCQgbEL7l0PmBMgoKCIwCEL7l0PmBMgoKCKwCEL7l0PmBMgoKCK0CEL7l0PmBMgoJCF8QvuXQ-YEy
www.thecrimsonmarket.com/ Name: route
Value: 1718510426.385.172.571885|cdb649eb234287fe090c6cff7761b419
.nitropay.com/ Name: __cf_bm
Value: 5pFdPcV2gy2_jb8llUc6cyUzLvVga9ZwcLSufQ_CXA8-1718510426-1.0.1.1-YRiK9QOU0HbqJmAS3FYa.wiUxJQNrClIQrRmLjh7LOaAlvwSMsl5LpYEzACztdfeo7xybSK7sFpTY1hGZiCFQA
.thecrimsonmarket.com/ Name: _gcl_au
Value: 1.1.569239467.1718510426
www.thecrimsonmarket.com/ Name: _RCF_lastSession
Value: 1718510426
www.thecrimsonmarket.com/ Name: _RCF_temp_id
Value: 8dj4nnwe4ig
www.thecrimsonmarket.com/ Name: _RCF_eligible
Value: 1
.thecrimsonmarket.com/ Name: _ga_PHRQHT3TF9
Value: GS1.1.1718510426.1.0.1718510426.0.0.0
.thecrimsonmarket.com/ Name: _ga
Value: GA1.1.1070511193.1718510426
.thecrimsonmarket.com/ Name: _rdt_uuid
Value: 1718510427022.4c128be4-f08d-4e1f-a6d5-376f7f6f5556
.thecrimsonmarket.com/ Name: ncmp.domain
Value: thecrimsonmarket.com
.3lift.com/ Name: receive-cookie-deprecation
Value: 1
.sharethrough.com/ Name: stx_user_id
Value: 112ae837-cc09-4208-9b4d-1104176c7b2d
.pinterest.com/ Name: ar_debug
Value: 1
.thecrimsonmarket.com/ Name: _pin_unauth
Value: dWlkPVlqQXdOalZrTmpJdFlUVXdZeTAwTTJRNUxXSTVOMkV0TWpSaVlUSXlZamN5TUdSbA
.3lift.com/ Name: tluid
Value: 1496282047737363440495
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZhN1UzYm5iTjhUbmJ0RjZuZStnWHRyQ2tSeVJtbzl4VFdFZzlSQ3BkTmdTTENmbU1wTFArWjFuekRsZGhwbEZzbzZ0cUoyVlRlS2RPMUpuSmJEWnlIamNLT1JyTzRzNldUNXNXVGkxNEpQND0mcnpOZU92UWg0akliOEZuMUlCOGkyOC9BRXNnPQ=="
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmHDzhutr1YLBxvI4QcsxGY3CDqrL9gd_CWPMdnTMTXO1OpdOvJ1bF3s5WG
.adnxs.com/ Name: XANDR_PANID
Value: Na5e79Y8RLNDgmuNL1MWlxvOPyQ3YiYvI9hUgD6JaIBFp-bJfvZxPgBO2Ktza1wlaXJI6OpTGZR0dxM2ISviroOAwvfEXFbrWxJ7pg52tlw.
.adnxs.com/ Name: uuid2
Value: 1620825533685554376
.media.net/ Name: usp_status
Value: 1
.casalemedia.com/ Name: CMID
Value: Zm5jXIsFVXUAAGPyAHmzmwAA
.casalemedia.com/ Name: CMPS
Value: 4797
.casalemedia.com/ Name: CMPRO
Value: 4797
.media.net/ Name: visitor-id
Value: 3615120287831478000V10
.doubleclick.net/ Name: APC
Value: AfxxVi776rC6jN1-yIw9_5f0s3318NlxLIKuYRoW8_9rFyIFdxiSnQ
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.media.net/ Name: data-g
Value: CAESEPXC-2WkVebgivSBR--1nMs~~10
.doubleclick.net/ Name: ar_debug
Value: 1
.adnxs.com/ Name: icu
Value: ChgI5YA9EAoYAyADKAMw3ca5swY4A0ADSAMQ3ca5swYYAg..
.csync.loopme.me/ Name: viewer_token
Value: e9b39547-9701-4dc2-ae55-88736504d440
.media.net/ Name: data-lop
Value: e9b39547-9701-4dc2-ae55-88736504d440~~1
www.thecrimsonmarket.com/ Name: _RCF_srv
Value: 3
.adsrvr.org/ Name: TDID
Value: 1ebee955-d472-43e8-911a-b628e46e578a
www.thecrimsonmarket.com/ Name: na-unifiedid
Value: %7B%22TDID%22%3A%221ebee955-d472-43e8-911a-b628e46e578a%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-06-16T04%3A00%3A30%22%7D
www.thecrimsonmarket.com/ Name: na-unifiedid_cst
Value: TyylLI8srA%3D%3D
.criteo.com/ Name: uid
Value: 7d6f107b-fb18-4d4c-978d-a07c2a7fb877
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.thecrimsonmarket.com/ Name: cto_bundle
Value: k0nTnF9tRDQ2UXk4SlliSzFITGF4bEhXUTVsa0VqTU8lMkJGRG1sb3lMUXhCVzNNQ2FXaUMlMkJYa3AxZDBCbXZkeDNNU1ZZMUw4eFhiTGZYTnJXY1M3N0sweElpRHZxTnRvZDBJckZ6TUkzc0hmNHRCSEZsc3Y2SzNnVTRBUTdIaDJoWXNFa0hFVWlhMjhNY0Z5dnloeGxUZm1JemgyZG44TEtQRjBETGJLaE9DOCUyRlppJTJCTSUzRA
.bing.com/ Name: MUID
Value: 043EEAA0D9946D022AC8FE00D8A66CB6
.c.bing.com/ Name: MR
Value: 0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Zm5jYAAABOgrJwAD
.3lift.com/ Name: tluidp
Value: 1496282047737363440495
.linkedin.com/ Name: li_sugr
Value: 57ce9b57-5c06-41b3-9482-04810f29bf92
.linkedin.com/ Name: bcookie
Value: "v=2&a3b7312b-45fa-481f-8d95-97b9ae3a9bb7"
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2889:u=1:x=1:i=1718510433:t=1718596833:v=2:sig=AQHVTgYlF6mS7ofO5lWsiEURIlSgKwJ1"
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsI3KuR7tzwhj0QBRIWCgdzdng5dDUwEgsI4uvL8tzwhj0QBRgBIAEoAjILCLjizp_z8IY9EAU4AVoHc3Z4OXQ1MGAC
.yahoo.com/ Name: A3
Value: d=AQABBGFjbmYCEPQitU3Yf8-vBniaH2SgkPcFEgEBAQG0b2Z4ZgAAAAAA_eMAAA&S=AQAAAuLfM_nMty_V_TCC3Q9ywvs
.zemanta.com/ Name: zuid
Value: 3Cf_Za85-MjP4CHkMwPY
.bidr.io/ Name: bito
Value: AAJIkE7M3McAABO6SVWBXg
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidswitch.net/ Name: tuuid
Value: 3cabff42-08c6-444a-a7d3-8d28352c3aa8
.bidswitch.net/ Name: c
Value: 1718510433
.bidswitch.net/ Name: tuuid_lu
Value: 1718510433
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e3b803f7-db9f-5059-746b-5d13771aa0b0.l677NIEA9FZ0zW1rUUxQiopDs6vPVBtIU06ja99NKNk
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e3b803f7-db9f-5059-746b-5d13771aa0b0.l677NIEA9FZ0zW1rUUxQiopDs6vPVBtIU06ja99NKNk
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A47gD99ufUFl0a10TdxqgsHl_L0o.%2FoW%2B6V3jCLzKRmKh9hGbhkBzYZCGzBc6vmwmjHBDn%2B0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A47gD99ufUFl0a10TdxqgsHl_L0o.%2FoW%2B6V3jCLzKRmKh9hGbhkBzYZCGzBc6vmwmjHBDn%2B0
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIP86JvEonypmoVp66X7quCrEYEzQgNsWQJAxHLlp19G4EGcYBCDhxrmzBjABOgTwTC9rQgRH7RAu.EH8NEwouljDm0FbfY6Njw2dbBjIN3zP1CXC2PkL2RYo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIP86JvEonypmoVp66X7quCrEYEzQgNsWQJAxHLlp19G4EGcYBCDhxrmzBjABOgTwTC9rQgRH7RAu.EH8NEwouljDm0FbfY6Njw2dbBjIN3zP1CXC2PkL2RYo
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAJIkE7M3McAABO6SVWBXg
.pubmatic.com/ Name: PugT
Value: 1718510434
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7529676865895381807
.contextweb.com/ Name: V
Value: rq4dx7l8sO76
.contextweb.com/ Name: VP
Value: part_rq4dx7l8sO76
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ryn|7dN.0.AAJIkE7M3McAABO6SVWBXg
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1ryn|7dN.0.AAJIkE7M3McAABO6SVWBXg
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 0f75cda5319b72df

5 Console Messages

Source Level URL
Text
security warning URL: https://s.nitropay.com/ads-1811.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://s.nitropay.com/ads-1811.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://s.nitropay.com/ads-1811.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://s.nitropay.com/ads-1811.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://s.nitropay.com/ads-1811.js(Line 1)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.nitropay.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
alb.reddit.com
apac-jp-sync.bidswitch.net
api.btloader.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.bing.com
cat.sg1.as.criteo.com
cdn.adnxs.com
cdnflow.co
cm.g.doubleclick.net
consent.nitrocnct.com
contextual.media.net
ct.pinterest.com
eb2.3lift.com
fonts.googleapis.com
googleads.g.doubleclick.net
grid-mercury.criteo.com
gum.criteo.com
gw.geoedge.be
hblg.media.net
ib.3lift.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
js.reactflow.com
lg3.media.net
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
media.grid.bidswitch.net
nitropay-1811.b-cdn.net
pagead2.googlesyndication.com
pixel-config.reddit.com
px.moatads.com
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rumcdn.geoedge.be
s.nitropay.com
s.pinimg.com
s0.2mdn.net
securepubads.g.doubleclick.net
sin3-ib.adnxs.com
static.criteo.net
sync-tm.everesttech.net
tlx.3lift.com
tpc.googlesyndication.com
tracker.nitropay.com
v.nitropay.com
warp.media.net
wrappers.geoedge.be
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
www.thecrimsonmarket.com
z.moatads.com
apac-jp-sync.bidswitch.net
cat.sg1.as.criteo.com
cdn.adnxs.com
contextual.media.net
grid-mercury.criteo.com
ib.3lift.com
media.grid.bidswitch.net
pagead2.googlesyndication.com
qsearch-a.akamaihd.net
sin3-ib.adnxs.com
warp.media.net
103.43.90.21
104.116.108.27
104.18.2.78
104.21.33.230
104.21.85.158
104.21.95.85
104.22.74.216
104.99.188.232
108.158.28.111
13.107.21.237
13.35.147.23
130.211.23.194
142.250.204.10
142.250.204.2
142.250.204.4
142.250.204.6
142.250.66.194
142.250.67.10
142.250.71.72
142.251.221.66
151.101.129.140
151.101.193.108
151.101.193.140
151.101.194.49
172.217.167.66
172.217.167.97
172.217.24.35
172.217.24.38
172.67.69.19
18.67.93.59
182.161.73.129
182.161.73.132
182.161.73.136
182.161.73.140
182.161.73.145
184.24.241.42
203.219.49.92
216.239.36.178
23.106.127.57
23.198.57.183
23.48.96.201
23.52.225.82
35.213.12.39
35.213.34.3
35.244.144.25
35.75.93.50
52.223.2.229
52.223.40.198
52.77.194.87
54.169.108.244
54.169.90.152
67.199.150.86
70.42.32.63
74.214.196.131
79.127.213.215
84.17.38.229
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
00c2b3d80468548156fa4c08c3f7f6e4da7bf3673827401dd1ad34a0d15f076c
0153d24fbc4bfbee1d31f3202ed505060c969318325bed83bc5dc6032a07c74e
01a7f0ca9263919b4423d10d7d2e4bec33f782c30710658aa21e13fa550df77a
021f42e31931635372fcbd87e46f8e1d047bfde43fcd0286a9a7c9d77c1ff43c
036bdc0553a647c807c73a07d98eacbd0d0df44fcffaca637b0eeb3cbb15d6a3
037beb1008f9628e1b5e943f76682fd8928795c80c962d9fccd914332baf92da
042c6eaed05ef615fe26558aa6f1b07938fb8533814a42bda1204793a9ef824c
047140fb02f7bc600a7782db76fd3237a70f219cbe86a0ab048b245e681400e0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
053dda2653e213fcce4e6e4a7eb04cff161b4f4c1e33797d1538c1d29765ad01
0925deab3dc0ca10e7df8e8664eeefaabf037f246e17f3a4cc57dbd2918eaa18
0b1cd660a363f186fcd6856933347c394161d01c9243db1658bd0a036d0facea
0c1a39344f9c8e4b238efdc60cf17b08fc0361270b7e912820c06df2b0e84fbc
0de532c40d5fc64075e5b5a96f1905526d4718be8739b59ab970ee87497439bb
1109c745650a162bef4ed1b67aad881a0f37a84a4fae4e91c2e62663f2c3cf1e
11add018efa5f27eca5caa32d0a22907da7a33a25d58f38c4893bb2506644849
1463e5ac0404428174bdd3116a6b322e48af51aa79d816ef4cfe488864ec4403
15e48d5cd93d2405f17719b6f3590806f4d0308289d6576dd7b453602c1b2f72
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
163943dbf9d5b57cb3a57b9a747f6841ce4273111ca22fe528ffffa24173dd28
180940cd7768738b5c59e8ac76443f16a2decef3411d0cc03b4f57443bc763d0
1af4b04a9fb1a9a81fa7dceb938120b87e0676df404575691943b58479c6d19b
1dc3f4d4fb442bc98f8bd2e26a7001ad028c366c2e97df31881c943c5dd037d3
1ec78a5c65c2bfaa77df9911792234c6760d5926bda0abd59171aa2a70d19d23
2065fee715d2f8a1ac3e94dfe5da328451953dcacba5670cfe6c6c4714601176
21a13e05a1c873dde48dad48c5a74bce851fca80ab59760d8d978e33e727482c
22ef4d1c10ffa6b9c6e743a2b6b8872bc25ba4680f139a02b36a828bef31320e
238c1e87fe1457993631e65ec169c96dec6b39537affa4e9210f6d61b7e8e4c3
24f2707149722fcf958374790742e44ab26e34cb1378915896861e6e82268fdf
2521b7736ac863d6b831ff57eb1be48cafd15da2faa5170b10883e78539e7679
25fdb77ddd3fb1c8e786c6c4e5e963002927c47eff175d4d894e325ba4a7a98b
2686e83183023ffeccf3d21f9644d53598d0b66985a3a7aae5f3c4a1c6be5404
27074e6240ca22f6d5a7cc51ee8cd8a0f091080ca80e6a1bea1c624e1cb40341
2860e9e51b3dd9456e354d006a534b3ec13b07d7d8c3160daab9e10160ecf7b2
28755d6e545969916283b96704f3fba05a662a17a60c7fd8f62fe4532751abc2
2b0a415702381d8b24dc82939760f74c25c83fb6d97ac9b11eb4579e21a70f49
2c42391fc43043ff71e168a5b881e9ed95bd1e18480f8d2dc5dc77e9624f7797
2ccefa227ada56a6ac6c4fb15c47a9fbe4b364627545d7d0d422a519ac2f318f
2e461e54ffe0eb70b242f70620c79208f815e699ed084b05d19da75cc8a8e0ec
302df49b3ba62fbee350256f737bec51b87c8d842cdf1c270454c5575f55cff2
33361bf68bdc76d93661566ef309ec2a3fa2515cbde9de1f0799343474e1aa9a
34cb28b0c7583eaf42354107997d426160a26d3f104b8d64913400c2c6120443
35f4108ae4ee8a216ba179119f2d4dc2b020947c23a5455cf90472f2f40432f5
3b245fca42441ad2b43c2e325b90bfaa4a4a84613e8c2fe1c5f00d9f2490de31
3bebda84da6a1f5306c79259272371a24330b839b2b7b6ab3c379fbc40999bdf
3f62a4acbbff9aa8522dee2631be35333fdfc666f683019923e780ce677be7b6
3f9f9212c6bbd506410cb92770ad143252d7abd89e0279c9f0fede798067ac0c
40d3b92dbd5126865b3dd9785f1aaae90802e339d82630d6690a632b0426849a
4144937e0db08cfe72f574dda72b1f5f08a1a70614a8faa4e8d8fac6eac1ffd2
414c60230883685b1c5a78f74bdb00ea47746c1e25ef83b1f23cf2ab1ac0efde
422a6e28e1ed8886f2ea4d00b9370628b49f8086f11df2844c4c51fa73f877fb
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
489a77133121b7d53adb598dd759ee889216cf7e7686175f4af32f1cc2617d6e
48c158b827dc6044ede0f360dde20e0e7d8d66e423b82077a40301c735d264b8
4a605a5951e2ba7a2595c95b0142a5d82451bc9983e4757a0701edbaf5e193d7
4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7
4dace3ab75fc5ad74ac87c729bf4024f9d568af6cd64029af30b5ed24ed43181
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e21b231fdbddba6e009962fff58f3eeef012780cb46dfbb8c6bcb79c07b91ce
50586926823b02b3e05416b93cd306650cb0696135058243b75c7f5c088a962c
529c9a3cef4cb80e1bd79b988af8dd2a70447cfa1c3ca249f24a0153336b101c
53eea8efba5fffb5b28789c49a576d03ffee0c9044d63206116add39f4f3f772
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54bbcb24307b2779cb1a3a1384ab390ce45c96ec0c72e5a946122c91e8a6029b
5535819d911d4a54c61acab16a21249bb73d723a98f85e35fd289dde19933732
5a8e73748298fa7d76819c7e8558381dd431235d7a9883e7edfd71757b9e1acf
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6606f268d563a049ee659e7fac9da1bce37a3c5b7708f3c5c49a1aab53a65a4d
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
6a9d493cf2081ae12ea814e3855432ac7d89077694f20b967f5adf00efe75599
6b50d9d3816c552289b67ed01ecec7e3e6a8f0b4ec5c8b2ec2f2278dde2cbf32
6cfed6e992bdc6a4037d8324770e3a8674787a569863f8a912f5916034fa64f7
6d7ae92e2bdba10b49026749d82a321f38cb50050c805cfcbde19d8c6cd246b9
6d7e9298120173710d3bae481bdae2ea4370127b862beb0d29fa7337b6b9f0da
705003288db9dec5540dea9e0e3eeba355b146a221f931a231c3bf81cfd7fc67
70eadc784f58537235a4fde6c87f808a31fd88b9f1ddb60a62e8b98ef781247b
738ca115f4b76e5d1cf31d733ae0b59899b9f2165cc37ab0361dbd0c9936ad88
74df1f61ab9d4bfaa961c65f8dc991deaae2885b0a6a6d6a60ed23980b3c8554
76b14af3fe9d8415bb8776a973f5a8bd39a9cf9641d4a84a5527efe3978c5fed
782c5073eee829adcd1e2453cdd1bdf9f6d4725501083df9fb61e85de22b5f6c
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7c9fe8effa148a1d86538e737b52f1e2fd161047c88d4478b34ad8e680dda9a5
7fec385668dd8696487a02bb35060f6bea3b91dca953bf942b95ad6e4bd73a5d
804ea7e9198461836f3d812cfbeeef039452fffb9c86698a61ab7d0e3a0b3cd5
80a9a0d166a1b2ec17f36da2143b1869710e824ea941a477bd27467a3adad91b
83050dcbb586aef632ab267b90d3a108fe6f7cb8c7ec80c010603b8b58025807
830ea186acffc2316ed1a4e42319246ba3b46b04e33a211079249bf901193f04
86f4170e90691bed21c6604aa03697ff971b611903493bdd64bf69483a893ac4
88aabec3c66357d8caddd5a509b5965f0d263f821b9599e06b5281caf01134e8
898918979ff070d1239cb13fe04eb6b9b0fbac8277747f432211becfb8dfe1e9
8a285b113e5f1088e2a85ad0c9a03b5d19d75363646e02f619765237479a91d4
8d665d55cbf98b91edfa41f6bb5f3c97fe813c8cb4690522e2610cd78da67700
8ec76bf4afb8ee58d02ff0af0dda483086783f2d01f598a8c7bc2d6d0a72ee16
8f9c9ae4698834e30d851ea09d14e8cddfd289a259c1c79ae867a877ee4929f2
8fec3ec1b5ea90dee8c3809306382240e58b1afa5f0611f977996d5c8385a0aa
947b6bd77594f47bcd4a65793e8280bf06a66b4514b9e68f1cc980ad27114860
94bbdd60a9ec068a592dd11ec19b0047944308f0e6e18be6f6e8053a1a31b4ff
97e84bad8a19bdfef26c1704f22c2cc906bce3009883a39f12a6022166b66896
98245f3e2039775e0d9478c4123b400f352a44468dd0fd622e64ad7414b2d157
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ab8e43b95ef9399481e1528792ff1ba46a92a27dafd99ce5f1a69a9126c4b8c
9c9d840716e16b66a4c5093761d294516b3b47afe45a35b874f12f8b1ac1ab34
9e0c5ec84e79402598545fda8cfa40ef02fbcddd1007b7d42464937cda4e7197
a26b3dff7b6d094d1534a88dc29803a1c5142319efa8ddb1739a2717497b05e1
a39667a85f1719116d20a6acea7e04ac24600796fa11a01bcae7753794ab008f
a5237814371752b1ceab28731b4075bb8eb23c1114db783ce2f7d8f54096acc4
ab7ac40b89dff77bfab4c230ad3489f22a53499fe99af6512a54d05b5297890a
affe3a3f7d44f161697e718e6efd33a7c1c2bd85d0e324e664d8fdab7690d774
b36228382e469ae3277594d4d8a341852635c0552ded5ddea78d1e6291ec37e2
b45da5817bb39f71840f12c0f08b72695683aa93be7b3a32a4d0fa3e0ed8c5a5
b49c4aed4e03f2db9c210ba26cc1075cb2c15cb05c7d82c2d5c297e34e171803
b6bf04e75b269ebc363813b90ad77f38c8cd582b343e49cb59a332247a4e7d89
b7e1f0b6cb6c8752fc70e6587a8f3954a1dca3f2aa9d129fdf44efec9f1e36ff
b90d3810a0d0e14f760929ae60dbe39852ef7364758ff3211886fa080a574f19
b9d6b6af662c323ddcb879fc4b91dbfe4934946cda806cf3c009bcd54c1a5f38
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c11dea039e8ef0fdc2cdafb52e8692f34eb06e3e4c3933a010cfcdbff5b2b281
c38cb75227a169610ad48a6bb19944e32487084052200b15a84b3d89979c6815
c827cbf4718d33fd04f915d087087c801913f391d36d6a670217b3cf95fe9730
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb2766a17f0c07186dd637183fed48cdb5a5d27195f04a0de319401c880dc7b5
cc6f944ee53b7874d4811c2365cb731b1c48a71fc99a28b9dd592c96a4a05bdb
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0361702f45e199305d60bc01985c4c5b6dbe83e218704d7d37eba20fb5d1bf8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d20ae7cdb7e13aaf3e39660b2c791b59b339f030729bbd40a847bdf4c2b82308
d24a2fcbdf63415201962f0b02fe4c015c2e57f540792e24aa90bc8ff64e26d8
d2df3a3f75fc9bbfc59b8dd7fdde7d5b69dc98f34f88aeacc86281eb9234e82e
d445cee0d5b64938a0f11e36a6316d3c97ebb5accda3d7a891e3292b71d27d26
d47fae77aa4b06cf995680648507781af3a1fad8f65d28d69f019d690bb49c7f
d8b3c4314237df1c0c5b38474988a046954f4cd8bc5dffe46229aa3884867b0a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9bdcc6b7cfde9ec82e06a0d434a3817d7cc0feb961b877029b9c0d462f38705
da563995c8336482dcbb5111f35e29613d82abeb5f6b6cdf1b553077d644f3de
dbf7bdb9d604041bd2a337a6ac69a62a1ff31e476109c51e7d9657c614cf7e6e
dcaa629a9bbc5ce853201071e76543229fd0cddc35f2e6285b06a7d2c3de53d6
dcc596d440303c91ef4128328426dd079035dad745cff93dbe8facc9607b705f
ddad39040dc3ea00ec46362448c4d90531652b1690121c025b6fab65498eb289
dfa7ac0e9241a3b1a4502e16d17f2cf9aa2fc4b7f65ee3deb5017d0c5ed9d373
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9632017fc5e1d005631debbcc1b45afcd01834266a49cf8f22bce3140555249
ec367a1d38fca507c3b765c1bbb5e97250262ba06e6eeb6af148d0246b4b83d3
eddcbe865b543458cd3a5ac99a94a17231d390f5e215064843b0c4d0d2f99c95
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef850418688a622c6bbbc03f318da336009f7d1bac07f40de58cd05771565122
f01d492271dc04d25e58ac07b66f5454a8f4bdb0307a3c9e58edb20d94e7b6a7
f11a05f1c758bc8989e6b071d90f09bf791793e66c0b44ddce37dfe39f7709c0
f25ceeeabb0f3e740668ba1678ca80c2a538b5f94d1d8efb464571648bd604bc
f27e071bd6694aa4ed7d0cea0325401f82e7ca0784882035d099d44d24e40611
f4d9dedffa6ec9dd7ec66eef0915017183e812e17b39f30e2407c8da747de77b
f52685be7afbd81a08db8cd82c7920337409819e41a9e5c986a11dc6b2aa05a2
f555a86c9c69cdf8f3329d839245450714b443cf2bd0c7317beea3b9f0a6e851
f79c1fb227f26d8207d696ff4d37c6c970a45fc29e02beb44914b773c4b5d473
f888ab50a0f92d264932da2d1a51342e202cd061d8aa8ac1119371c42eab487c
f92f1b7bd33c739ba84407f4a6bdb668d3f53f636da348a8d2aaa32e15eb61a9
fe957c7a4e8627f3c2a6b4b4dd1f289add2e4800e8a9408acc3fbdac96fc6cd1