phpstack-952332-3837345.cloudwaysapps.com Open in urlscan Pro
139.59.255.147 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://phpstack-952332-3837345.cloudwaysapps.com/
Submission: On January 09 via api (January 9th 2024, 6:31:14 pm UTC) from US — Scanned from US

Summary HTTP 165 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 52 IPs in 5 countries across 54 domains to perform 165 HTTP transactions. The main IP is 139.59.255.147, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is phpstack-952332-3837345.cloudwaysapps.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 27th 2023. Valid for: a year.

This is the only time phpstack-952332-3837345.cloudwaysapps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	139.59.255.147 139.59.255.147	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7	104.18.10.248 104.18.10.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.17.2.184 104.17.2.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.176.202 142.250.176.202	15169 (GOOGLE) (GOOGLE)
3	13.35.102.145 13.35.102.145	16509 (AMAZON-02) (AMAZON-02)
3	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
6 16	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
1	18.173.132.67 18.173.132.67	16509 (AMAZON-02) (AMAZON-02)
3	142.251.40.131 142.251.40.131	15169 (GOOGLE) (GOOGLE)
4	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
3	141.95.33.120 141.95.33.120	16276 (OVH) (OVH)
4 5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	23.4.232.54 23.4.232.54	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.22.53.86 104.22.53.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.107.227 18.164.107.227	16509 (AMAZON-02) (AMAZON-02)
2	104.26.8.169 104.26.8.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 18	51.222.239.232 51.222.239.232	16276 (OVH) (OVH)
1	172.64.153.78 172.64.153.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.244.31.10 195.244.31.10	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
6	147.28.146.89 147.28.146.89	54825 (PACKET) (PACKET)
1 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	74.119.119.129 74.119.119.129	19750 (AS-CRITEO) (AS-CRITEO)
1	135.148.2.48 135.148.2.48	16276 (OVH) (OVH)
1 2	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
4	142.250.81.225 142.250.81.225	15169 (GOOGLE) (GOOGLE)
1	142.251.40.196 142.251.40.196	15169 (GOOGLE) (GOOGLE)
2	74.119.119.131 74.119.119.131	19750 (AS-CRITEO) (AS-CRITEO)
1 5	35.244.159.8 35.244.159.8	() ()
1 2	52.6.62.160 52.6.62.160	() ()
2 5	23.83.76.57 23.83.76.57	() ()
1 1	52.85.61.37 52.85.61.37	() ()
4 4	69.194.240.13 69.194.240.13	() ()
1 1	50.116.194.21 50.116.194.21	() ()
1 3	67.220.228.202 67.220.228.202	() ()
1 1	74.121.140.211 74.121.140.211	() ()
1 1	213.19.162.80 213.19.162.80	() ()
3 5	68.67.160.186 68.67.160.186	() ()
1 1	63.251.28.134 63.251.28.134	() ()
9 15	8.43.72.97 8.43.72.97	() ()
1 1	80.77.87.163 80.77.87.163	() ()
1 1	82.145.213.8 82.145.213.8	() ()
1 1	23.105.12.143 23.105.12.143	() ()
2 6	52.46.143.56 52.46.143.56	() ()
6 6	8.28.7.82 8.28.7.82	() ()
3 3	8.28.7.83 8.28.7.83	() ()
1 1	198.148.27.131 198.148.27.131	() ()
2 2	8.18.45.76 8.18.45.76	() ()
5 6	3.225.218.10 3.225.218.10	() ()
5 5	35.211.178.172 35.211.178.172	() ()
1 1	199.38.167.130 199.38.167.130	() ()
2	104.19.158.19 104.19.158.19	() ()
2 2	151.101.2.49 151.101.2.49	() ()
1 2	44.194.162.111 44.194.162.111	() ()
3 4	131.153.242.59 131.153.242.59	() ()
1 1	23.32.172.185 23.32.172.185	() ()
2	23.56.163.106 23.56.163.106	() ()
3 3	34.111.113.62 34.111.113.62	() ()
5	147.75.198.144 147.75.198.144	() ()
1	37.157.2.228 37.157.2.228	() ()
1 1	34.150.170.96 34.150.170.96	() ()
1 1	162.248.18.34 162.248.18.34	() ()
2 2	104.18.36.155 104.18.36.155	() ()
1 3	63.251.86.50 63.251.86.50	() ()
1	8.28.7.105 8.28.7.105	() ()
1	138.199.41.120 138.199.41.120	() ()
5 6	69.173.151.100 69.173.151.100	() ()
1	13.107.42.14 13.107.42.14	() ()
2 2	52.73.63.104 52.73.63.104	() ()
1 1	108.139.47.34 108.139.47.34	() ()
1 2	18.173.219.124 18.173.219.124	() ()
1 1	54.157.90.217 54.157.90.217	() ()
1	104.117.182.185 104.117.182.185	() ()
165	52

39 139.59.255.147 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 952332.cloudwaysapps.com

phpstack-952332-3837345.cloudwaysapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.10.248 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.snigelweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adengine.snigelweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnx.snigelweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
argus-fra1.snigelweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.2.184 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.176.202 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.102.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-102-145.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.65.194 (Plainview, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-67.jfk52.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.131 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.4.232.54 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-232-54.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.107.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-107-227.jfk50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.8.169 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 51.222.239.232 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.78 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 147.28.146.89 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.148.2.48 (United States)

ASN16276 (OVH, FR)
PTR: ip48.ip-135-148-2.us

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.81.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f1.1e100.net

8cfa3bebd340201b3c8c9471df832ab0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.196 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (None, ) 1 redirects

ASN- ()

snigel-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.62.160 (None, ) 1 redirects

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.83.76.57 (None, ) 2 redirects

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.37 (None, ) 1 redirects

ASN- ()

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.194.240.13 (None, ) 4 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.194.21 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.228.202 (None, ) 1 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.211 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.80 (None, ) 1 redirects

ASN- ()

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.160.186 (None, ) 3 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.134 (None, ) 1 redirects

ASN- ()

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 8.43.72.97 (None, ) 9 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.163 (None, ) 1 redirects

ASN- ()

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, ) 1 redirects

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.143 (None, ) 1 redirects

ASN- ()

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.46.143.56 (None, ) 2 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 8.28.7.82 (None, ) 6 redirects

ASN- ()

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.83 (None, ) 3 redirects

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (None, ) 1 redirects

ASN- ()

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.18.45.76 (None, ) 2 redirects

ASN- ()

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.225.218.10 (None, ) 5 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.211.178.172 (None, ) 5 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (None, ) 1 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.158.19 (None, )

ASN- ()

assets.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.194.162.111 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 131.153.242.59 (None, ) 3 redirects

ASN- ()

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c3.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.172.185 (None, ) 1 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.163.106 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (None, ) 3 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 147.75.198.144 (None, )

ASN- ()

sync.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.228 (None, )

ASN- ()

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.150.170.96 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.34 (None, ) 1 redirects

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 2 redirects

ASN- ()

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.251.86.50 (None, ) 1 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.105 (None, )

ASN- ()

ow.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.41.120 (None, )

ASN- ()

id.rtb.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.151.100 (None, ) 5 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.63.104 (None, ) 2 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.47.34 (None, ) 1 redirects

ASN- ()

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.219.124 (None, ) 1 redirects

ASN- ()

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.157.90.217 (None, ) 1 redirects

ASN- ()

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.182.185 (None, )

ASN- ()

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	cloudwaysapps.com phpstack-952332-3837345.cloudwaysapps.com	374 KB
25	rubiconproject.com 16 redirects pixel-eu.rubiconproject.com pixel.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	30 KB
18	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1105	8 KB
15	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net	173 KB
14	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1119 assets.a-mo.net c3.a-mo.net sync.a-mo.net	11 KB
14	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 359 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925 aax.amazon-adsystem.com — Cisco Umbrella Rank: 464 aax-eu.amazon-adsystem.com s.amazon-adsystem.com	83 KB
11	pubmatic.com 10 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com ow.pubmatic.com	4 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 8cfa3bebd340201b3c8c9471df832ab0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185	92 KB
8	yahoo.com 6 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	3 KB
7	smartadserver.com 3 redirects prg.smartadserver.com — Cisco Umbrella Rank: 2047 rtb-csync.smartadserver.com ssbsync-global.smartadserver.com	4 KB
7	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1007 snigel-d.openx.net us-u.openx.net	2 KB
7	snigelweb.com cdn.snigelweb.com — Cisco Umbrella Rank: 21890 adengine.snigelweb.com — Cisco Umbrella Rank: 33729 cdnx.snigelweb.com — Cisco Umbrella Rank: 59574 argus-fra1.snigelweb.com — Cisco Umbrella Rank: 24784	259 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
5	adnxs.com 3 redirects ib.adnxs.com	5 KB
5	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 594	2 KB
5	criteo.com gum.criteo.com — Cisco Umbrella Rank: 597 bidder.criteo.com — Cisco Umbrella Rank: 878	8 KB
4	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 658 cdn.id5-sync.com — Cisco Umbrella Rank: 1218	31 KB
3	lijit.com 1 redirects ap.lijit.com ce.lijit.com	1 KB
3	tapad.com 3 redirects pixel.tapad.com	1 KB
3	a-mx.com 2 redirects id.a-mx.com	2 KB
3	1rx.io 3 redirects sync.1rx.io	2 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 2287 mp.4dex.io — Cisco Umbrella Rank: 3130	25 KB
3	33across.com 1 redirects cdn-ima.33across.com — Cisco Umbrella Rank: 1919 lexicon.33across.com — Cisco Umbrella Rank: 2501	5 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	intentiq.com 1 redirects sync.intentiq.com sync1.intentiq.com	2 KB
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	618 B
2	dotomi.com 2 redirects prebid-match.dotomi.com	672 B
2	sharethrough.com 1 redirects match.sharethrough.com	532 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 894	63 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338	601 B
2	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 4701	12 KB
1	yahoo.net hb.yahoo.net	651 B
1	ipredictive.com 1 redirects sync.ipredictive.com	516 B
1	primis.tech 1 redirects live.primis.tech	557 B
1	linkedin.com px.ads.linkedin.com	516 B
1	rtb.mx id.rtb.mx	477 B
1	simpli.fi 1 redirects um.simpli.fi	657 B
1	adform.net cm.adform.net	106 B
1	rfihub.com 1 redirects p.rfihub.com	759 B
1	contextweb.com 1 redirects bh.contextweb.com	858 B
1	opera.com 1 redirects t.adx.opera.com	537 B
1	admanmedia.com 1 redirects cs.admanmedia.com	597 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com	513 B
1	mathtag.com 1 redirects sync.mathtag.com	672 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	492 B
1	turn.com 1 redirects ad.turn.com	434 B
1	smaato.net 1 redirects s.ad.smaato.net	458 B
1	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3973	653 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
0	rlcdn.com Failed api.rlcdn.com Failed
165	54

	Domain	Requested by
39	phpstack-952332-3837345.cloudwaysapps.com	phpstack-952332-3837345.cloudwaysapps.com
18	onetag-sys.com	2 redirects cdn.snigelweb.com onetag-sys.com
15	pixel.rubiconproject.com	9 redirects onetag-sys.com
11	cm.g.doubleclick.net	6 redirects onetag-sys.com snigel-d.openx.net
6	token.rubiconproject.com	5 redirects eus.rubiconproject.com
6	ups.analytics.yahoo.com	5 redirects assets.a-mo.net
6	image8.pubmatic.com	6 redirects
6	s.amazon-adsystem.com	2 redirects onetag-sys.com snigel-d.openx.net
6	prebid.a-mo.net	cdn.snigelweb.com assets.a-mo.net
5	sync.a-mo.net
5	x.bidswitch.net	5 redirects
5	ib.adnxs.com	3 redirects
5	rtb-csync.smartadserver.com	2 redirects
5	match.adsrvr.org	4 redirects cdn.snigelweb.com
5	pagead2.googlesyndication.com	cdn.snigelweb.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	gum.criteo.com	cdn.snigelweb.com static.criteo.net gum.criteo.com
4	cdn.snigelweb.com	phpstack-952332-3837345.cloudwaysapps.com cdn.snigelweb.com
3	pixel.tapad.com	3 redirects
3	id.a-mx.com	2 redirects
3	us-u.openx.net	snigel-d.openx.net
3	image2.pubmatic.com	3 redirects
3	aax-eu.amazon-adsystem.com	1 redirects
3	sync.1rx.io	3 redirects
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	id5-sync.com	cdn.snigelweb.com cdn.id5-sync.com
3	fonts.gstatic.com	fonts.googleapis.com
3	securepubads.g.doubleclick.net	cdn.snigelweb.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	cdn.snigelweb.com c.amazon-adsystem.com
2	ce.lijit.com	1 redirects
2	match.prod.bidr.io	2 redirects
2	ssum.casalemedia.com	2 redirects
2	eus.rubiconproject.com	assets.a-mo.net eus.rubiconproject.com
2	pr-bh.ybp.yahoo.com	1 redirects snigel-d.openx.net
2	sync-tm.everesttech.net	2 redirects
2	assets.a-mo.net	prebid.a-mo.net assets.a-mo.net
2	prebid-match.dotomi.com	2 redirects
2	match.sharethrough.com	1 redirects
2	snigel-d.openx.net	1 redirects cdn.snigelweb.com
2	static.criteo.net	cdn.snigelweb.com static.criteo.net
2	lb.eu-1-id5-sync.com	cdn.snigelweb.com cdn.id5-sync.com
2	lexicon.33across.com	1 redirects
2	rtb.openx.net	1 redirects cdn.snigelweb.com
2	script.4dex.io	cdn.snigelweb.com script.4dex.io
2	challenges.cloudflare.com	1 redirects phpstack-952332-3837345.cloudwaysapps.com
1	hb.yahoo.net
1	sync.ipredictive.com	1 redirects
1	sync1.intentiq.com
1	sync.intentiq.com	1 redirects
1	live.primis.tech	1 redirects
1	px.ads.linkedin.com
1	id.rtb.mx	assets.a-mo.net
1	ow.pubmatic.com
1	ap.lijit.com
1	image4.pubmatic.com	1 redirects
1	um.simpli.fi	1 redirects
1	cm.adform.net
1	secure-assets.rubiconproject.com	1 redirects
1	c3.a-mo.net	1 redirects
1	p.rfihub.com	1 redirects
1	bh.contextweb.com	1 redirects
1	ssbsync-global.smartadserver.com	1 redirects
1	t.adx.opera.com	1 redirects
1	cs.admanmedia.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	pixel-eu.rubiconproject.com	1 redirects
1	sync.mathtag.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	argus-fra1.snigelweb.com	cdn.snigelweb.com
1	www.google.com	tpc.googlesyndication.com
1	8cfa3bebd340201b3c8c9471df832ab0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	prg.smartadserver.com	cdn.snigelweb.com
1	bidder.criteo.com	cdn.snigelweb.com
1	hb-api.omnitagjs.com	cdn.snigelweb.com
1	mp.4dex.io	cdn.snigelweb.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.id5-sync.com	phpstack-952332-3837345.cloudwaysapps.com
1	cdn-ima.33across.com	phpstack-952332-3837345.cloudwaysapps.com
1	secure.cdn.fastclick.net	phpstack-952332-3837345.cloudwaysapps.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	cdnx.snigelweb.com	cdn.snigelweb.com
1	adengine.snigelweb.com	cdn.snigelweb.com
1	fonts.googleapis.com	phpstack-952332-3837345.cloudwaysapps.com
0	api.rlcdn.com Failed	cdn.snigelweb.com
165	86

This site contains links to these domains. Also see Links.

Domain
www.editpad.org
www.parafraseartextos.net
play.google.com
apps.apple.com
www.facebook.com
twitter.com
www.snigel.com

Subject Issuer	Validity	Valid
*.cloudwaysapps.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-05-27`	a year	crt.sh
snigelweb.com GTS CA 1P5	`2023-12-26` - `2024-03-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.a-mo.net R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
id.a-mx.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-12` - `2024-11-10`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://phpstack-952332-3837345.cloudwaysapps.com/
Frame ID: 4FB720010AC85E42C3C0F73488EE4864
Requests: 91 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240104/r20190131/zrt_lookup_fy2021.html
Frame ID: 4C144BCD35864B55F737903B9D46EFDD
Requests: 1 HTTP requests in this frame

Frame: https://8cfa3bebd340201b3c8c9471df832ab0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 09E1FDC7E7E1B30272F8D9CE9EAA3243
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8956F5E67AF0288CE8C4B32F9A2FE9D7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FBFD606197239CDF15C411B95B30DA1C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=phpstack-952332-3837345.cloudwaysapps.com&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 9DC40A7732B8BD944647AA4E03C358BC
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---
Frame ID: C8C578BF3CB853A32C1952A4443A3F52
Requests: 18 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Frame ID: 92B2A6B973531BB84D9EA48137F247A2
Requests: 19 HTTP requests in this frame

Frame: https://snigel-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: D3591436B5B452BB5C0570AAED9AE03A
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Frame ID: 1ED1073C3ECFCCF464D0E4FEC6099C28
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Parafrasear Textos - Parafraseo Online Gratis

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

165
Requests

67 %
HTTPS

0 %
IPv6

54
Domains

86
Subdomains

52
IPs

5
Countries

1237 kB
Transfer

3226 kB
Size

29
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.editpad.org/tool/es/paraphrasing-tool
Title: parafrasear

Search URL Search Domain Scan URL

URL: https://www.parafraseartextos.net/
Title: Parafrasear Textos

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.enzipe.parafrasear.textos

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/parafrasear-textos/id1666461786

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Parafraseartextos.net

Search URL Search Domain Scan URL

URL: https://twitter.com/parafrasear_t

Search URL Search Domain Scan URL

URL: https://www.snigel.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js

Request Chain 74

https://lexicon.33across.com/v1/envelope?pid=0014000001PCseWAAT&src=aps&ver=1.3.0&us_privacy=1--- HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0014000001PCseWAAT&src=aps&ver=1.3.0&us_privacy=1---&b=1&g=9GKv7312oNfBsRt3k26v3xUz0cU0DY%2FJnPdHGhgV4ao%3D

Request Chain 97

https://snigel-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://snigel-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 98

https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=2a42bb72-e822-453e-9380-26934f3e98ae&gdpr=0

Request Chain 99

https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=a095598227

Request Chain 100

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDAzNTIzNjE1NDQwNzg3NjUyOA==&gdpr=0&gdpr_consent=

Request Chain 101

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1704825069406 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=4413875188 HTTP 302
https://sync.1rx.io/usersync/turn/4551818357408997467?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b5c2db15-2506-4149-88dd-94429ac9d322-005?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-b5c2db15-2506-4149-88dd-94429ac9d322-005 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-b5c2db15-2506-4149-88dd-94429ac9d322-005

Request Chain 102

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=4035236154407876528&gdpr=0&gdpr_consent=

Request Chain 103

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=b0c7659d-90ed-4600-b89d-552c1939553f&gdpr=0&gdpr_consent=

Request Chain 104

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LR6OTUPE-1D-K7YX&gdpr=0

Request Chain 105

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=9091807011818095870

Request Chain 106

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=851de993e37949be9df59cc1b9ea6&gdpr_consent=&gdpr=0

Request Chain 108

https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---&coppa= HTTP 302
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=b61ec92b-5f54-4ec7-a6e9-a33d2aac5346

Request Chain 109

https://t.adx.opera.com/pub/sync?pubid=pub10101531197440 HTTP 302
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUff49863731cb40ecb4fd7744d2c2a2dd

Request Chain 110

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjO9-Hz3bjnGkMGzJ0zr7ERBpqLUR5zIdjg

Request Chain 111

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=4035236154407876528

Request Chain 112

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=9MVZ2sX1UmKCy7Pq_b2Tnf1_IRd0uqgqjO5173XY4sY

Request Chain 113

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUE2NDZDQUEtNDMwNC00MTI3LTlFMUYtMzY2MzlENjYwRTVE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=EA646CAA-4304-4127-9E1F-36639D660E5D

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKaOj4C6KbXcZWiGpQhzza4&google_cver=1

Request Chain 115

https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=UGYXqBp4nF5c&ev=1&us_privacy=1---&pid=562985

Request Chain 116

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=ea40e2c67080793&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAACsOW-O48YiQM-6X6hAAAAAAA&expiration=1704911469

Request Chain 117

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-7b0QRr5E2uF9nvb8tfT1JWNn0j6sEforU9Fsa_4-~A

Request Chain 118

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&gdpr=0&gdpr_consent=

Request Chain 119

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=1813050728407673414&expires=30&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=b2dffebd-ff5b-4453-8c4f-a4eb1265507b&gdpr=&gdpr_consent=&us_privacy=

Request Chain 121

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZZ2Q7QANR1fS8QBU HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZ2Q7QANR1fS8QBU&_test=ZZ2Q7QANR1fS8QBU

Request Chain 123

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=1dcef28e-e116-8839-8308-c0e10dfe5be4 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=1dcef28e-e116-8839-8308-c0e10dfe5be4&dcc=t

Request Chain 124

https://match.adsrvr.org/track/cmf/openx?oxid=45188ef3-fdbc-33c3-4306-427665cd9004&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&ttd_puid=45188ef3-fdbc-33c3-4306-427665cd9004&gdpr=0&gdpr_consent=

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP5lmq_trmRBZehsH6JgL6M&google_cver=1

Request Chain 129

https://id.a-mx.com/sync?tao=1&&do=phpstack-952332-3837345.cloudwaysapps.com HTTP 302
https://c3.a-mo.net/b?uid=ddba91d5-9a9b-4605-9cf9-b21e7f299178&sh=id.a-mx.com& HTTP 302
https://id.a-mx.com/set?oid=ddba91d5-9a9b-4605-9cf9-b21e7f299178&uid=c1167630-fff7-4855-af9b-fa3a786907e7&

Request Chain 130

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx

Request Chain 131

https://x.bidswitch.net/sync?ssp=adaptmx&user_id=c1167630-fff7-4855-af9b-fa3a786907e7&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=b2dffebd-ff5b-4453-8c4f-a4eb1265507b&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dadaptmx%26user_id%3D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=b2dffebd-ff5b-4453-8c4f-a4eb1265507b&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dadaptmx%26user_id%3D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=aff1232f-1bb8-4061-b8c8-ec56507f2b08%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D437%252526ssp%25253Dadaptmx%252526user_id%25253D%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&ttd_puid=aff1232f-1bb8-4061-b8c8-ec56507f2b08%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D437%2526ssp%253Dadaptmx%2526user_id%253D%2C HTTP 302
https://x.bidswitch.net/sync?dsp_id=437&ssp=adaptmx&user_id= HTTP 302
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=b2dffebd-ff5b-4453-8c4f-a4eb1265507b&gdpr=&gdpr_consent=&us_privacy=

Request Chain 132

https://ups.analytics.yahoo.com/ups/58570/occ?uid=c1167630-fff7-4855-af9b-fa3a786907e7 HTTP 302
https://prebid.a-mo.net/setuid/yahoo?uid=y-7b0QRr5E2uF9nvb8tfT1JWNn0j6sEforU9Fsa_4-~A

Request Chain 133

https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Damx_com%26uid%3D HTTP 302
https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=amx_com&uid=c1167630-fff7-4855-af9b-fa3a786907e7

Request Chain 134

https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=openx&uid=7cc6013c-4423-002a-288a-8263e4965289

Request Chain 136

https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.a-mo.net%252Fsetuid%253FA%253Dc1167630-fff7-4855-af9b-fa3a786907e7%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECx2CYt0evkSgRPT4EW6pXg&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:128D7A693B1A421C93D16CFC3E6EC327 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Dpubmatic%26uid%3DEA646CAA-4304-4127-9E1F-36639D660E5D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=pubmatic&uid=EA646CAA-4304-4127-9E1F-36639D660E5D

Request Chain 137

https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Dindex_rtb%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3Fus_privacy%3D1---%26A%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&s=191503&us_privacy=1---&C=1 HTTP 302
https://sync.a-mo.net/setuid?us_privacy=1---&A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=index_rtb&uid=ZZ2Q7uUf-OZ.lEPl9AlkaQAA%261412

Request Chain 139

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=appnexus&uid=9091807011818095870

Request Chain 147

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LR6OTUPE-1D-K7YX HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LR6OTUPE-1D-K7YX&gdpr=0&gdpr_consent=undefined&us_privacy=1---

Request Chain 148

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IjU1qucyTgu6jX9v1dk8iA&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IjU1qucyTgu6jX9v1dk8iA&gdpr=0

Request Chain 149

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LR6OTUPE-1D-K7YX&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

Request Chain 150

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&gdpr=0&gdpr_consent=&expires=30

Request Chain 151

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nNhwWrp-QWu4Pxxkf6VJ_A&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nNhwWrp-QWu4Pxxkf6VJ_A&gdpr=0

Request Chain 152

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---

Request Chain 153

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI2T1RVUEUtMUQtSzdZWA==&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEDYUzkIndBvtwa95ef6OW3c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2T1RVUEUtMUQtSzdZWA==&google_push=&gdpr=0

Request Chain 154

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTUzMmQ1MTM2MzFjMzg4ZjllOTFmODg2ZGMwZGM2MWE5NDgyZjVhYQ&gdpr=0&us_privacy=1---

Request Chain 155

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/OU4eFwuxeyaRFqxL_NAbZMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-BpgNwYhE2oIqW8ftouVL4TdMBi11fD5I6P2HNA--~A

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMoboG478ywSjDNlTSk2l6Q&google_cver=1

Request Chain 157

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1--- HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB8t07LOyIAABQCg6sryQ&expires=30&gdpr=0

Request Chain 158

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&us_privacy=1--- HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1--- HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR6OTUPE-1D-K7YX HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR6OTUPE-1D-K7YX&ckls=true&ci=xCd14qQ0QL&nc=false&trid=-729532331

Request Chain 159

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1--- HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---

Request Chain 160

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c4a8e419-5fb9-4367-822c-b80b924fcd5e&expires=30&gdpr=0&us_privacy=1---

Request Chain 161

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1--- HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1--- HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---&dnr=1

Request Chain 162

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1--- HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---

Request Chain 163

https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR6OTUPE-1D-K7YX&redir=true&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR6OTUPE-1D-K7YX&gdpr=0&redir=true&us_privacy=1--- HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NeHZKT3Z4RTJ1SFd5eGdmelY3bzRxYmhHWXpQaW9wQn5B&gdpr=0&ovsid=LR6OTUPE-1D-K7YX&us_privacy=1---&dpid=58160

165 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
phpstack-952332-3837345.cloudwaysapps.com/ 115 KB
25 KB 1056ms
512ms Document
text/html 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: d868fee1b780529adef3a5686d258da16401d83d75a2c0f1383ba86a57c7151a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, must-revalidate
content-encoding: gzip
content-length: 24978
content-type: text/html; charset=UTF-8
date: Tue, 09 Jan 2024 18:31:02 GMT
expires: -1
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-robots-tag: noindex, nofollow

GET
H2 200 style.css
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/css/ 62 KB
11 KB 264ms
262ms Stylesheet
text/css 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/css/style.css?ver=1.6
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: aee2060c6af3b6443d6f97056b20e69215c1207287c92b37f61eabdc73a653b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:02 GMT
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 09:25:58 GMT
server: nginx
etag: W/"6582b326-f921"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 loader.js Show response
cdn.snigelweb.com/adengine/parafraseartextos.net/ 21 KB
9 KB 470ms
383ms Script
application/javascript 104.18.10.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snigelweb.com/adengine/parafraseartextos.net/loader.js
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4171376af8d67a0a68549e381778cc695d6538fdd49ebcc8e4dbc97ef7ccdeb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: br
cf-cache-status: MISS
x-edge-location: Toronto, CA
x-cache: MISS
last-modified: Mon, 08 Jan 2024 11:07:20 GMT
server: cloudflare
etag: W/"5297-60e6d339f1113"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=900, must-revalidate, immutable
x-edge-ip: 23.237.68.242
cf-ray: 842ec1429bc3542b-YYZ
x-storage: 280989260:8001
expires: 0

GET
H2 200 logo_new.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 2 KB
1 KB 265ms
264ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/logo_new.svg?v=1
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 8899812931246b631f2d07287f67ac6eb3abceb8ad9fd97495ccac886d13be1f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:02 GMT
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 11:21:16 GMT
server: nginx
etag: W/"65817cac-66b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 menu-icons.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 352 B
376 B 495ms
481ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/menu-icons.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: eea4966d15beff3edc151f5139b19dc31148db8225304708552bcec8b8434737

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-160"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 Inteligente.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 2 KB
1 KB 266ms
265ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/Inteligente.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 0c3aaf52ef12139d680ad719c3be37ef6fcb651f744ff74bf219d68a7feac09d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:02 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-787"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 ai_mode.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 10 KB
4 KB 257ms
257ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ai_mode.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 12d2c1d7385bbb01a4e0297dbf71186ac0885b63db948d0d687673837347f210

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-2722"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 Acortar.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 2 KB
1 KB 257ms
257ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/Acortar.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 1f5181fbc22a3302d1dd0d2da546a6ef45a9163a82a9654e9533c4b24dab2958

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-9f2"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 Acad%C3%A9mico.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 2 KB
1 KB 287ms
272ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/Acad%C3%A9mico.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 4201bff24bf7ac22c4cae18f3a4b33635708e8797a7d9702c2fa25db0271c766

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-80c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 Sorpr%C3%A9ndeme.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 4 KB
2 KB 496ms
483ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/Sorpr%C3%A9ndeme.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 50db590c076b5cf75c3e1ea2e899b5679dd5231e1b200a13ca3d6dae0635cddb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-1131"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 paraloader-o.gif
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 114 KB
115 KB 518ms
505ms Image
image/gif 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/paraloader-o.gif?var=1.0
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: b4db4df41cdfbfce733353f2e8e780830417a3e2b88bfef611c47d89b1dbd04f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: "64ec32df-1c99a"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 117146

GET
H2 200 upload-icon.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 1 KB
828 B 735ms
723ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/upload-icon.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 463b7817a5d8278e616cc32c9b5d21035d28642dad39a06af5bed1df9208a61a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:38 GMT
server: nginx
etag: W/"64ec32de-473"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 sad.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 5 KB
2 KB 735ms
723ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/sad.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 14c3a846e6dbaa950f1d7b8064de3649f2bd32bf6286bcc2240e1ee389e2f6ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-1516"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 avrage.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 4 KB
2 KB 735ms
724ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/avrage.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 2af1fcd07b59a6ba8c019bf5d7b8f3e3d8afcb56cfb2bd7175681066f67d6abd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-1114"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 smail.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 7 KB
3 KB 735ms
724ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/smail.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 049db567ff59b235ab13806ae2fee16ed733f95185ec78f3b5500ec3955a6389

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-1aad"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 feedback_icon.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 1 KB
809 B 735ms
724ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/feedback_icon.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 023c9c8b67448fa54e423b611f802cf7a67ed59c8a419e0219a39f722493d7cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-4c4"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 download-icon.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 916 B
637 B 736ms
725ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/download-icon.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: fb069720f23d3a496959886d99f3ac76f07ea8b5dc4f2b6443e5db1bad7b80e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:38 GMT
server: nginx
etag: W/"64ec32de-394"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 copy-icon.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 879 B
627 B 736ms
725ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/copy-icon.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: d3a82d38eb3d1b78d24a1eda213030d88012e0b8db35eabfc4d27173ab0d0c95

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:38 GMT
server: nginx
etag: W/"64ec32de-36f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 typography.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 2 KB
1 KB 736ms
725ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/typography.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 5f0eb7696bc89234d2a4f76f613cab64cf3595b5a97c3e290246d277d8ac6c07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-6f6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 pencil_b.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 3 KB
2 KB 736ms
726ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/pencil_b.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 22cd7aebd5fa6d25e4b6fd7bc6d8cd65face31994b415c976120bd9134cd96f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-d1d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 intel_mode.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 5 KB
2 KB 736ms
726ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/intel_mode.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 956840945f8e54d2cd3136f3d10fd24c278f9d64e30489f72e49bf1745ad24fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-121c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 creato_mode.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 6 KB
3 KB 736ms
727ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/creato_mode.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 147cf0ea2269c2aad899571afed0d6dd8ca708388640047ff898518d198c99b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-171c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 howtouse.webp
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 18 KB
18 KB 736ms
727ms Image
image/webp 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/howtouse.webp
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 7406e3707f2c148c2019c973e1f77cc329cf2932054d9d73df98c59d470b4a2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: "64ec32df-47aa"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 18346

GET
H2 200 laguage-use.webp
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 8 KB
8 KB 736ms
727ms Image
image/webp 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/laguage-use.webp
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 39414ff1c6475bbf4b202133edc78a02da50ed809c9aa807899a30a021b16ee4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: "64ec32df-2028"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 8232

GET
H2 200 Parafrasearenlaescrituraacademica91_51_300xauto.png
phpstack-952332-3837345.cloudwaysapps.com/storage/2023/Sep/ 22 KB
23 KB 736ms
728ms Image
image/png 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/storage/2023/Sep/Parafrasearenlaescrituraacademica91_51_300xauto.png
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 2ce4f1b9f95f5d8b194931c64adb50463202a426c55e1822fc06a87f496e558b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
last-modified: Tue, 05 Sep 2023 11:56:46 GMT
server: nginx
etag: "64f7177e-5954"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 22868

GET
H2 200 Diferenciaentreparafrasearyresumirtextos7_87_300xauto.png
phpstack-952332-3837345.cloudwaysapps.com/storage/2023/Sep/ 20 KB
20 KB 736ms
728ms Image
image/png 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/storage/2023/Sep/Diferenciaentreparafrasearyresumirtextos7_87_300xauto.png
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 0151f1172567ae5f89244b45ee35295822261d9bec9740cac276d1f625a4764e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
last-modified: Tue, 05 Sep 2023 11:56:38 GMT
server: nginx
etag: "64f71776-4e3a"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 20026

GET
H2 200 TrabajodeParafrasearTextos89_63_300xauto.png
phpstack-952332-3837345.cloudwaysapps.com/storage/2023/Sep/ 21 KB
21 KB 736ms
728ms Image
image/png 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/storage/2023/Sep/TrabajodeParafrasearTextos89_63_300xauto.png
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 29495bb74a81b1fafaca5735561c079c56094e37ce5846167e12b0afd755bb22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
last-modified: Tue, 05 Sep 2023 11:56:30 GMT
server: nginx
etag: "64f7176e-536a"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 21354

GET
H2 200 no_words.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 7 KB
3 KB 736ms
729ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/no_words.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: f42c9e2661fb74c92e4a40d7097420f98a717faf7087a00eb94906fa8f2197b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-1a8e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 word_limit_exceed.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 5 KB
2 KB 736ms
729ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/word_limit_exceed.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 6375e7ec6be5b332a829f8c64b687f97829c50440e16dc1939614f46740d3f93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-1323"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 jquery-3.6.0.min.js Show response
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/script/ 87 KB
30 KB 280ms
265ms Script
application/javascript 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/script/jquery-3.6.0.min.js
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-15d9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/c8377512/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js

34 KB
12 KB

72ms
71ms

Script
application/javascript

104.17.2.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Server: 104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 850e587a96f9cad84206169720be046f289fa015e4b76b6ae79610c9d73c7eef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 842ec1449f4039d2-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 09 Jan 2024 18:31:03 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/b/c8377512/api.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 842ec1444ea039d2-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.js Show response
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/script/ 27 KB
7 KB 494ms
480ms Script
application/javascript 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/script/script.js?v=2.14
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: a19d078bd6c4aac0fb7c49a06c681a001caedbf793bf4755f7a860c1b72d5d83

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Sat, 16 Dec 2023 11:51:21 GMT
server: nginx
etag: W/"657d8f39-6b9c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 logo.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 16 KB
7 KB 736ms
729ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/logo.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: bfed0b63a822019ce9cb9578c41825fd61ccf47b41a4d29a7b3e6906ec268082

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-3e1c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 login-popup2.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 34 KB
9 KB 736ms
730ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/login-popup2.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 6a7c675bc64c66f763ad6c4e4f0468773740e75eed0db5319d4a5f294ca07f1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-8719"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 register-popup.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 87 KB
31 KB 736ms
730ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/register-popup.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 7d20d5331d366a0009d348bda5c714792f20a40fe9399166965c32e4914cc2fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-15c3a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 alert-img.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 5 KB
2 KB 736ms
731ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/alert-img.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 84a689566accff50d324edfc38698f87c49e65b15e547a79a4471b1690e916c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-146d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 logo.png
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 2 KB
2 KB 736ms
731ms Image
image/png 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/logo.png?v=1
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 89f318af530b7d7aa68e7880902f138ffbe4eb3ed9fc6a785368d0c31919bea3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: "64ec32df-7f1"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2033

GET
H2 200 google-play-badge.webp
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 2 KB
2 KB 737ms
732ms Image
image/webp 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/google-play-badge.webp
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 923e5a29cce2eb13434bf794141247e59874917861965df7c1b23246b346f28f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: "64ec32df-744"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1860

GET
H2 200 apple-app-store.svg
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 8 KB
3 KB 737ms
732ms Image
image/svg+xml 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/apple-app-store.svg
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: 7dd3b4fda04df72f6e559f450793be8765a84db37e41d1c4ddb23d673d7d9d45

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: W/"64ec32df-1f86"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-robots-tag: noindex, nofollow

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 107ms
39ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap

Requested by

Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

f890ba0ffd7012cb3248709ec502bc061109c5c669af09e0d2d4c786b192158e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 17:06:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 18:31:03 GMT

GET
H2 200 gradient-bg-o.webp
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 8 KB
8 KB 737ms
733ms Image
image/webp 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/gradient-bg-o.webp
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/css/style.css?ver=1.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: d2f5b92f6a6c41fb457d6809d67966a9afa93eca377b9a2e63db3c7a91194d6b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/css/style.css?ver=1.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: "64ec32df-2014"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 8212

GET
H2 200 list-style.png
phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/ 256 B
431 B 737ms
733ms Image
image/png 139.59.255.147
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/img/list-style.png?v=1
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/css/style.css?ver=1.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.59.255.147 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 952332.cloudwaysapps.com
Software: nginx /
Resource Hash: de36e2f1c61748d0eabe9a4fc495d068b6237c1ced0f714e0e9a806df28632fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/web_assets/frontend/css/style.css?ver=1.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
last-modified: Mon, 28 Aug 2023 05:38:39 GMT
server: nginx
etag: "64ec32df-100"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 256

GET
H2 200 prebid.js Show response
cdn.snigelweb.com/prebid/7.53.0/ 564 KB
171 KB 82ms
77ms Script
application/javascript 104.18.10.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/adengine/parafraseartextos.net/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac90e35d37609321fe8cdb733b06685a7eb7489f64d4eb9ca75b85feb1b7d9a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 113235
x-edge-location: Toronto, CA
x-cache: MISS
last-modified: Wed, 22 Nov 2023 12:24:37 GMT
server: cloudflare
etag: W/"8d1ca-60abccd758bfb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, must-revalidate, immutable
x-edge-ip: 23.237.68.242
cf-ray: 842ec1451829542b-YYZ
x-storage: 280989260:8001
expires: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 94ms
32ms Script
application/javascript 13.35.102.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/adengine/parafraseartextos.net/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.102.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-102-145.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:05:21 GMT
content-encoding: gzip
via: 1.1 9c90b41a9e5ac2856624d29ed4da4234.cloudfront.net (CloudFront), 1.1 c7705692ed008dad7e46e32f966aa3fe.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:11 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P8
age: 1543
x-amz-server-side-encryption: AES256
etag: W/"bab82e5d8801f394c1ef53a45dc29542"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: ly158K7efglioaInxRGR_JWEobrud3c0c8enVkCSGn1OGqTs2u1JHw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 133ms
61ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/adengine/parafraseartextos.net/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

d77e6f386b40c09057917389e28d5325903979a78caade40f4275a4be67c9586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29373
x-xss-protection: 0
server: cafe
etag: 617 / 19731 / m202401020101 / config-hash: 15765606045019548953
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 18:31:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 146ms
82ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/adengine/parafraseartextos.net/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

3ae25c1b7d32718bae6eadb4d3a435389d60163a763013736c6e004911c741b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51065
x-xss-protection: 0
server: cafe
etag: 6452404895379620080
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 18:31:03 GMT

GET
H2 200 adngin.js Show response
adengine.snigelweb.com/parafraseartextos.net/8939-1704710976498/ 170 KB
51 KB 193ms
188ms Script
application/javascript 104.18.10.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adengine.snigelweb.com/parafraseartextos.net/8939-1704710976498/adngin.js
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/adengine/parafraseartextos.net/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4ef415a55e142643e0f3037341fb41ebd2522386932b6f2da497c1af601833b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=14400, must-revalidate, immutable
cf-ray: 842ec1452834542b-YYZ
expires: 0

GET
H2 200 argus.js Show response
cdn.snigelweb.com/argus/ 37 KB
12 KB 51ms
49ms Script
application/javascript 104.18.10.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snigelweb.com/argus/argus.js
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/adengine/parafraseartextos.net/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd53b8f1f2e666a7640fe4e8ea2783af847c7872d8c9f8ee6b5d4129559e33c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 2684
x-edge-location: Toronto, CA
x-cache: REVALIDATED
x-age: 3603
last-modified: Mon, 30 Oct 2023 10:04:32 GMT
server: cloudflare
etag: W/"942a-608ec2a1f7676"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, must-revalidate, immutable
x-edge-ip: 23.237.68.242
cf-ray: 842ec145182e542b-YYZ
x-storage: 280989260:8001
expires: 0

GET
H2 200 315b44bc-10e5-45a8-8f58-064d6e7317c0.js Show response
cdnx.snigelweb.com/ 219 B
469 B 56ms
52ms Script
application/javascript 104.18.10.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnx.snigelweb.com/315b44bc-10e5-45a8-8f58-064d6e7317c0.js
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/adengine/parafraseartextos.net/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 930fbf5443c21658c7f44c767e6a94fb5c85c807d7b48b7edec47ef8cb1832cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
x-amz-version-id: xLJzSE4R6gpVty6GT9GVdRxiOVDjc2hx
via: 1.1 bc3e3445494dc5a4f9373d4212505c68.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: YUL62-P1
age: 3584
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 08 Nov 2023 12:34:50 GMT
server: cloudflare
etag: W/"f63367912969c6557c1ee8f52389efbc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 842ec1452839542b-YYZ
x-amz-cf-id: w7DFkxyKr-APY4N6ICoyKAHtBMOOU7BpIPDcrdN0RTDSMIYJ6tVbbw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 117ms
57ms XHR
application/javascript 13.35.102.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.102.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-102-145.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:04 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 cea4663e4864185add284e6e883e90f2.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: TL83xCkI6XEzU9z4wtAFHh1i9RxH0Xwt-t5Wy7QZbxjuGXL8JP1UTA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 29ms
24ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:03:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19669
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 08 Jan 2025 13:03:14 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240104/r20190131/ Frame 4C14 9 KB
4 KB 98ms
26ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240104/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 58154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 02:21:49 GMT
etag: 9219409622527106327
expires: Tue, 23 Jan 2024 02:21:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 3927 Show response
config.aps.amazon-adsystem.com/configs/ 532 B
801 B 82ms
25ms Script
application/javascript 18.173.132.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3927
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-67.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 21863dcd5a6ff8c213797cee5d469f137baedcc57612c0a7cd19ecdd79061f75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 17:49:13 GMT
via: 1.1 c28d583393bad4965b8efa4ef27ccc9e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P2
age: 2510
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 532
x-amz-cf-id: IqMYBfxBM389sWNdGRAWRRx7Qx6QWFDBcEP_UXOC-G9qhQdFHDJsFg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 38ms
37ms XHR
application/json 13.35.102.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3927&u=https%3A%2F%2Fphpstack-952332-3837345.cloudwaysapps.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.102.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-102-145.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 6117ed51d0cc24321cae355b13a1b2cb500c503dd467837cd53f2de03de75d3b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
via: 1.1 c7705692ed008dad7e46e32f966aa3fe.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P8
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1551
x-amz-cf-id: iJwNn1btCdnadbQfSdgYmCRPlk0gr7Kt7FSMCEngVUN_3pTCSAFumQ==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 108ms
45ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://phpstack-952332-3837345.cloudwaysapps.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:15:11 GMT
x-content-type-options: nosniff
age: 555352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jan 2025 08:15:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 87ms
26ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://phpstack-952332-3837345.cloudwaysapps.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 19:41:38 GMT
x-content-type-options: nosniff
age: 600565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 19:41:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 66ms
39ms Font
font/woff2 142.251.40.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://phpstack-952332-3837345.cloudwaysapps.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:45:20 GMT
x-content-type-options: nosniff
age: 438343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 16:45:20 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 103ms
31ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fphpstack-952332-3837345.cloudwaysapps.com%2F&domain=phpstack-952332-3837345.cloudwaysapps.com&cw=1&lsw=1&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://phpstack-952332-3837345.cloudwaysapps.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 09 Jan 2024 18:31:02 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 339105
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 362 B
1 KB 95ms
31ms XHR
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fphpstack-952332-3837345.cloudwaysapps.com%2F&domain=phpstack-952332-3837345.cloudwaysapps.com&cw=1&lsw=1&gdpr=0

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

07eddf3131961209d1ead253ef7914f18f978a9029479a3b911c551b4c23971e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 501110
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
442 B 408ms
115ms XHR
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

651690a42263a4b23e44c15bef2b1974bb1daaeff51e36e57fc02d84ad95c65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
date: Tue, 09 Jan 2024 18:31:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
586 B 320ms
48ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=8p4qh9l&fmt=json
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e546fabc789dcef92fc89a26d58f49ed14892841f7402fcd5a46fc0cb27d6543

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Thu, 08 Feb 2024 18:31:03 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 104ms
30ms Script
application/javascript 23.4.232.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.4.232.54 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-4-232-54.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
x-serial: 1
x-check-cacheable: YES
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
x-akamai-pragma-client-ip: 10.44.130.72, 4.7.166.99
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Tue, 09 Jan 2024 18:46:03 GMT

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 10 KB
4 KB 117ms
51ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 19:21:35 GMT
server: cloudflare
age: 512740
etag: W/"65833ebf-2810"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 842ec148197ba214-YYZ
expires: Fri, 12 Jan 2024 18:31:03 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 113 KB
28 KB 118ms
51ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: 4HQPM7SPD5AD0NTN
age: 715
etag: W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 842ec148194e387e-YYZ
x-amz-id-2: TCMIlurN36aevV2k6eQFcYQqK5O20NB6ihWD0UVNBzxUgfC4eqUXfO0YfSDQd6grTtBhmXd20O4=

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
481 B 244ms
45ms XHR
text/javascript 18.164.107.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3927&u=https%3A%2F%2Fphpstack-952332-3837345.cloudwaysapps.com%2F&pid=ybCprQpxl7t6M&cb=0&ws=1600x1200&v=23.1211.1645&t=1250&slots=%5B%7B%22sd%22%3A%22adngin-incontent_1-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22200x200%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F22152718%2C21740973315%2Fparafraseartextos.net_incontent_1%22%7D%2C%7B%22sd%22%3A%22adngin-bottom_adhesive-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22152718%2C21740973315%2Fparafraseartextos.net_bottom_adhesive%22%7D%2C%7B%22sd%22%3A%22adngin-top-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F22152718%2C21740973315%2Fparafraseartextos.net_top%22%7D%2C%7B%22sd%22%3A%22adngin-below_tool-0-adaptive-group-0-placement-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22152718%2C21740973315%2Fparafraseartextos.net_below_tool%22%7D%2C%7B%22sd%22%3A%22adngin-below_tool-0-adaptive-group-1-placement-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22152718%2C21740973315%2Fparafraseartextos.net_below_tool%22%7D%2C%7B%22sd%22%3A%22adngin-below_tool-0-adaptive-group-1-placement-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22152718%2C21740973315%2Fparafraseartextos.net_below_tool%22%7D%2C%7B%22sd%22%3A%22adngin-below_tool-0-adaptive-group-1-placement-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22152718%2C21740973315%2Fparafraseartextos.net_below_tool%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!snigelweb.com%2C7139%2C1%2C%2C%2Cprepostseo.com&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.107.227 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-107-227.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P6
x-amz-rid: 33KVR7SM7Y5F13WR3B0K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: dM2VEU5rw63r7AW_qdF-hi2HiHtH68pJGcWt9c6pr3mxNIiktyyxug==

GET
H2 200 snigel-icon.png
cdn.snigelweb.com/resources/img/logo/ 15 KB
15 KB 69ms
69ms Image
image/png 104.18.10.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.snigelweb.com/resources/img/logo/snigel-icon.png
Requested by: Host: phpstack-952332-3837345.cloudwaysapps.com
URL: https://phpstack-952332-3837345.cloudwaysapps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e1ce0f550b8af85f5939d3785482ecea73c41ecfe0f222e052dfd3874dbd371

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
cf-cache-status: HIT
age: 952918
x-edge-location: Toronto, CA
x-cache: HIT
x-age: 801500
content-length: 15157
last-modified: Thu, 04 Mar 2021 15:58:54 GMT
server: cloudflare
etag: "3b35-5bcb80b652508"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2628000, must-revalidate, immutable
x-edge-ip: 23.237.68.242
accept-ranges: bytes
cf-ray: 842ec1483dd8542b-YYZ
x-storage: 280989260:8001
expires: 0

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1000 B 206ms
41ms Script
application/javascript 104.26.8.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 18:31:03 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 987362
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVGz0iZW36gG1NucA97ZB7hnYpHL0jtUzRNYiEx29k7wzjDWjhjRL%2B5Hn5mBHUqBnrQ5AepbXc3cXH%2Byqee0EQS40leQ0rXg9GE53YVOhNNNsL3rMPKSpBoo3g4jNR5V"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 842ec1496b4c36d7-YYZ

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
438 B 92ms
29ms XHR
application/json 51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 prebid Show response
mp.4dex.io/ 0
304 B 295ms
197ms XHR
text/plain 172.64.153.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:04 GMT
x-err: Parsing the Prebid Request. adrequest and manager domains do not match
x-version: 3.0.0-gcp-las
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 842ec149bb6636d3-YYZ
expires: 0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 180 B
653 B 96ms
31ms XHR
application/json 195.244.31.10
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fphpstack-952332-3837345.cloudwaysapps.com%2F&PageUrl=https%3A%2F%2Fphpstack-952332-3837345.cloudwaysapps.com%2F&PageReferrer=https%3A%2F%2Fphpstack-952332-3837345.cloudwaysapps.com%2F&CanonicalUrl=https%3A%2F%2Fphpstack-952332-3837345.cloudwaysapps.com%2F

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

18694ce43a08385b33638b74a92fb3c90de79ddc3d8f3cfd0011888b93e64654

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 8
content-length: 180
pragma: no-cache
server: ayl-lb-usa02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
189 B 125ms
34ms XHR
text/plain 147.28.146.89
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 09 Jan 2024 18:31:03 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
359 B 110ms
54ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 262e946e884452e5408fbe72068fbccde7607ca77c5c528270c228edc78b593d

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
220 B 110ms
35ms XHR
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.53.0&cb=17826846898&lsavail=1

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
date: Tue, 09 Jan 2024 18:31:03 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 955 B
2 KB 433ms
177ms XHR
application/json 135.148.2.48
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 135.148.2.48 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip48.ip-135-148-2.us
Software: /
Resource Hash: a74df8a3a64dbac18bcd42d0cc7281d332503e1cf336a6223aa96118b0560038

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:03 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0014000001PCseWAAT&src=aps&ver=1.3.0&us_privacy=1---
https://lexicon.33across.com/v1/envelope?pid=0014000001PCseWAAT&src=aps&ver=1.3.0&us_privacy=1---&b=1&g=9GKv7312oNfBsRt3k26v3xUz0cU0DY%2FJnPdHGhgV4ao%3D

42 B
138 B

36ms
34ms

XHR
application/json

35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0014000001PCseWAAT&src=aps&ver=1.3.0&us_privacy=1---&b=1&g=9GKv7312oNfBsRt3k26v3xUz0cU0DY%2FJnPdHGhgV4ao%3D
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:03 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Tue, 09 Jan 2024 18:31:03 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
location: https://lexicon.33across.com/v1/envelope?pid=0014000001PCseWAAT&src=aps&ver=1.3.0&us_privacy=1---&b=1&g=9GKv7312oNfBsRt3k26v3xUz0cU0DY%2FJnPdHGhgV4ao%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 285ms
224ms Fetch
application/javascript 104.26.8.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 18:31:04 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgNJPvxZ8GTDKH7hd9dybgdL6ssh%2F3pcbs12c7Zmt6HyraH0JCkZxMKoqbyNk2Xes%2BLssz73FeCjaxSUiwlidaEEbkk5u0%2BZAgwICz3yIp0obQHiY02nL6nZoTcgckDA"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 842ec14a0c46a1e6-YYZ

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
301 B 363ms
117ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

4e74fa7bda95a105d6c94dc61f6ac61e91fe0763d21dd9037e8e923cf032c15e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
date: Tue, 09 Jan 2024 18:31:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
500 B 78ms
78ms Fetch
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=793012839593980&correlator=1804927848269989&eid=31079956%2C31080298%2C31079233&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=22152718%3A21740973315%2Cparafraseartextos.net_incontent_1%2Cparafraseartextos.net_bottom_adhesive%2Cparafraseartextos.net_top%2Cparafraseartextos.net_below_tool&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%7C200x200%7C250x250%2C970x90%7C728x90%2C320x50%7C728x90%7C970x90%7C980x90%2C970x250%7C300x250%7C700x250&fluid=0%2C0%2Cheight%2C0&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704825064345&lmt=1704825064&adxs=943%2C315%2C436%2C315&adys=300%2C2195%2C98%2C877&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&tos=~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fphpstack-952332-3837345.cloudwaysapps.com%2F&vis=1&psz=300x275%7C1600x-1%7C1170x90%7C970x300&msz=300x0%7C1600x-1%7C728x90%7C970x0&fws=4%2C512%2C0%2C0&ohw=564%2C0%2C0%2C0&ga_vid=1566678027.1704825064&ga_sid=1704825064&ga_hid=1879465081&ga_fc=false&dlt=1704825062713&idt=916&ppid=7061726166726173656172746578746f732e6e657460c15d0dzb2a1z4875zb598zae568d1c59fb&prev_scp=amznbid%3D2%26amznp%3D2%26sn_adngin%3D1%26sn_cr%3Dnone%26sn_ic%3D1%26sn_adx%3D1%26sn_rm%3D0%26sn_pd%3D0%26sn_tam%3D1%26amznt%3D269%26_adngin_ba%3Dfalse%7Camznbid%3D2%26amznp%3D2%26sn_adngin%3D1%26sn_cr%3Dnone%26sn_ic%3D1%26sn_adx%3D1%26sn_rm%3D0%26sn_pd%3D0%26sn_tam%3D1%26amznt%3D269%26sn_stk%3Dbottom%26_adngin_ba%3Dfalse%7Camznbid%3D2%26amznp%3D2%26sn_adngin%3D1%26sn_cr%3Dnone%26sn_ic%3D1%26sn_adx%3D1%26sn_rm%3D0%26sn_pd%3D0%26sn_tam%3D1%26amznt%3D269%26_adngin_ba%3Dfalse%7Camznbid%3D2%26amznp%3D2%26sn_adngin%3D1%26sn_cr%3Dnone%26sn_ic%3D1%26sn_adx%3D1%26sn_rm%3D0%26sn_pd%3D0%26sn_tam%3D1%26amznt%3D269%26_adngin_ba%3Dfalse&cust_params=sn_ct1%3D0&adks=1001825794%2C1457547081%2C1377386142%2C4240783962&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

a49e1067485ba7f377b76988754ab4607b11b8e70b5003cece093491dc445a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 470
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 112ms
59ms XHR
application/json 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

cd4e221aa455a6602d24eb243ef16e05a47b852e4f8565156ab1055620acf45f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12248
x-xss-protection: 0

GET
H2 200 container.html Show response
8cfa3bebd340201b3c8c9471df832ab0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 09E1 6 KB
3 KB 136ms
41ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8cfa3bebd340201b3c8c9471df832ab0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 18:31:04 GMT
expires: Wed, 08 Jan 2025 18:31:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 364.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 347ms
116ms XHR
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/364.json

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

cd858c47af16f235c29a0ef40aa79fe6446fc27dbf868fc0189594a942cc83b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
date: Tue, 09 Jan 2024 18:31:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 51ms
49ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 18:31:04 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8956 13 KB
5 KB 26ms
25ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 102315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 14:05:49 GMT
expires: Tue, 07 Jan 2025 14:05:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FBFD 829 B
1 KB 105ms
46ms Document
text/html 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

GSE /

Resource Hash

a995bfff5f45db65b0557ad1b547d3530b5fc15bcd4db4462c22092e3c9a169b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GEMXVRK3YqiKwOwkVi1glQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-GEMXVRK3YqiKwOwkVi1glQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 18:31:04 GMT
expires: Tue, 09 Jan 2024 18:31:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8956 39 KB
15 KB 27ms
25ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 423692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 20:49:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FBFD 0
0 52ms
51ms Image
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=793012839593980&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s72-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8956 0
10 B 26ms
25ms Image
text/plain 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3DSE6w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
300 B 118ms
117ms Fetch
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

31d8bdb82367935f756cfc852482a2a91e95c6cae949f59739acc6a6a19bd3d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
date: Tue, 09 Jan 2024 18:31:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 auction Show response
argus-fra1.snigelweb.com/ingress/v1/ 0
293 B 209ms
143ms XHR
text/plain 104.18.10.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://argus-fra1.snigelweb.com/ingress/v1/auction?id=1025968802
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/argus/argus.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 09 Jan 2024 18:31:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 842ec1507cc7a1ea-YYZ
content-length: 0

POST
H2 200 v3 Show response
id5-sync.com/gm/ 693 B
1 KB 118ms
117ms XHR
application/json 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

Resource Hash

8c286e46689f61dc35c323d5c360e034d357db9c1b2cb6b2fbfaef3aa51bc794

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://phpstack-952332-3837345.cloudwaysapps.com
date: Tue, 09 Jan 2024 18:31:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 113ms
47ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

389f4afd84f02b4c34018b66efba9fa9cd4c80cc0aa34accdbf37ea76647ca17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 12:38:38 GMT
server: nginx
etag: W/"6596a6ce-18434"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 10 Jan 2024 18:31:05 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9DC4 14 KB
6 KB 45ms
44ms Document
text/html 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=phpstack-952332-3837345.cloudwaysapps.com&gdpr=0&gdpr_consent=&us_privacy=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 18:31:04 GMT
server: Kestrel
server-processing-duration-in-ticks: 367622
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.147.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 95ms
32ms XHR
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.147.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

389f4afd84f02b4c34018b66efba9fa9cd4c80cc0aa34accdbf37ea76647ca17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 12:38:38 GMT
server: nginx
etag: W/"6596a6ce-18434"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 10 Jan 2024 18:31:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
60ms Image
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=793012839593980&bg=!3d6l3pHNAAaumcC-jpk7ADQBe5WfONxtJ-MplKPqit0TR-IeIhSecoQUJgHRbgwHyHm1KOr3qtnQaLZktvLCQtlfMiyqAgAAAH1SAAAABGgBBwoAsrCGvtZJeZfcfnxbMnRv8ch1ki531fHl8Ws0lkkvvW2s7c9VmoA1VpZvC2pHUl1w4BT5y4uZGYzpdFe114FaAUwKff3TgYtRx0Y5D6rbPIgP1Naj2Q8_deROa6kHhYjBaIvXEjMB3nhdRkcqnRsdhseLsM_k0Av-vnANppxXu9Crmn88uYQDt6KWB77Mim8wDuRlYgXWaakCTJOnE8BEwPcYC0n4ejGVnlS9UYOc1wAJYTGZArHNyqwFAibg-oq9mUSDQMbZRcUcm2ZWk-SX6IOn_IeQTamyBE_J0pBwqtlDeo1tulULYrBWrlgDDUqrvdQvDUGLZFfQVJLZm9sHjA5qCFIWuSOI654d3PudH1GEjSSPwhPfYbeJHQyfXaLZTvQhchwYLtEhRloYfb3t8hoodkMJlnbgCuRJrTg9iSra9sIUai_M9WfrguWPNYcbVRy5V1SgnDqH1M3yi-Tle6mYu9tI3bBwEOPZW57XTFPPvjYg9icErcoD1m2LO2KRZSgIBS2iYoyRildM_qDOo74UDWQMfMQqL38jSIHVdZWObnbHTQTvQuD7m_aZVKKWGzPUE8sWf24T_bNUcgN2v9YGNQsLzNcw755fIlaikK8xdEWLmrWdjw0b_hMQaJvyVSumz9gQ_Aje_oGgbuf5IodXs1CUBgQRK8nZ3pqbkGUuOzqzJa7OiNuqrPttbnd7suqrhmEF28tJ2cpptGFMjCwDFjokmUrIQyWW2Wy-CX_Vvbm5kcgXb7Ac7UHy9-6WAu7qVh7tsqY-r7-3vSyOn7yw4_c4jdXVpY-tJ78xtHNJyMmKkasH3UFSbxtS2X0WVEFgukjqY9cM6ShrDG0nTqHHwjvTB3F1y60t_A-_FoHCO1YDx1ai59KlFBP18uUYq2YJ0kmrEmSbhkiAQZZmcQtZkeuCMAojn0ocUZdc2lnWpBOyIOZk6T2Q_wlRIGsdm0wlYGTh9eZLra1FFgsUJgBGFRS6d7gaxK5XBNs6NM1bLtwdar8kiTysduksH0s7fSGw6J1nW76I-XwCkg6pyNfrlVbZO9nGZyoplhzV8jAA2deCV7Uc9Wt2K4XGr8XT_anc7f5ZjdWuTVPCW_vFteeWoLSe3rl5kxWKbum4scZzwCX5_b2_Achw9f52LrnKl3uySROzyw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s72-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 9DC4 465 B
578 B 36ms
33ms Fetch
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=cloudwaysapps.com&sn=ChromeSyncframe&so=3&topUrl=phpstack-952332-3837345.cloudwaysapps.com&bundle=K-45uV9iRjA4diUyRjVxcjFnNG9XVFBlNSUyQjVPT05OZXB5VzlIaHZHNEpVRUhXTWFzYzlZczd2ZGZtdmxvRGtPdkgwZkxpNSUyRjQwSk1PQ3Rxc2gwTjNUY3ZVcXh2JTJCQ1BLMkJJUjc0bDhFV0dOYVU2JTJCbTBKVW9xd0syZXdUeWxORUlxNUpnaDM&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=phpstack-952332-3837345.cloudwaysapps.com&gdpr=0&gdpr_consent=&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

504a636edc40ab2ca7920a654abc6f786853634905b6c128faad52243ba2f10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=phpstack-952332-3837345.cloudwaysapps.com&gdpr=0&gdpr_consent=&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1501705
expires: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame C8C5 4 KB
2 KB 28ms
27ms Document
text/html 51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Requested by

Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

73d3cb5a084aba046ab5327dbc4f02dc95ead835b1cf7287a0ab1159481a7624

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1632
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 isyn Show response
prebid.a-mo.net/ Frame 92B2 2 KB
946 B 35ms
32ms Document
text/html 147.28.146.89
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 1dddfc10a4ed54771779205a851a84a55fdbd28d63fe0f7e2928e183e6becdf5

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 608
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 18:31:08 GMT
server: envoy
vary: accept-encoding
x-envoy-upstream-service-time: 0

GET
H2

200

pd Show response
snigel-d.openx.net/w/1.0/ Frame D359
Redirect Chain

https://snigel-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&us_privacy=1---
https://snigel-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---

880 B
871 B

35ms
34ms

Document
text/html

35.244.159.8

General

Check archive.org

Show headers Download Go to

Full URL: https://snigel-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: cdn.snigelweb.com
URL: https://cdn.snigelweb.com/prebid/7.53.0/prebid.js?v=8939-1704710976498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 6407025ac1d03efe353dffd263988cd12f2e3d611871062f3ef274811ccde855

Request headers

Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 546
content-type: text/html
date: Tue, 09 Jan 2024 18:31:09 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 09 Jan 2024 18:31:09 GMT
location: https://snigel-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=2a42bb72-e822-453e-9380-26934f3e98ae&gdpr=0

43 B
426 B

178ms
95ms

Image
image/gif

23.83.76.57

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=2a42bb72-e822-453e-9380-26934f3e98ae&gdpr=0
Protocol: HTTP/1.1
Server: 23.83.76.57 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=2a42bb72-e822-453e-9380-26934f3e98ae&gdpr=0
date: Tue, 09 Jan 2024 18:31:09 GMT
content-length: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=a095598227

43 B
400 B

266ms
93ms

Image
image/gif

23.83.76.57

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=a095598227
Protocol: HTTP/1.1
Server: 23.83.76.57 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 09 Jan 2024 18:31:08 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date: Tue, 09 Jan 2024 18:30:14 GMT
via: 1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
age: 55
x-cache: Hit from cloudfront
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=a095598227
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: vqGL9IONci1PO4mxuKc-m2aKszcfywybA7WIU-Vt2KvqiWRziyNJKQ==

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDAzNTIzNjE1NDQwNzg3NjUyOA==&gdpr=0&gdpr_consent=

170 B
188 B

42ms
41ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDAzNTIzNjE1NDQwNzg3NjUyOA==&gdpr=0&gdpr_consent=

Protocol

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NDAzNTIzNjE1NDQwNzg3NjUyOA==&gdpr=0&gdpr_consent=
pragma: no-cache
date: Tue, 09 Jan 2024 18:31:08 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/smartadserver?zcc=1&cb=1704825069406
https://ad.turn.com/r/cs?pid=45&rndcb=4413875188
https://sync.1rx.io/usersync/turn/4551818357408997467?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-b5c2db15-2506-4149-88dd-94429ac9d322-005?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-b5c2db15-2...
https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-b5c2db15-2506-4149-88dd-94429ac9d322-005

43 B
474 B

88ms
86ms

Image
image/gif

23.83.76.57

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-b5c2db15-2506-4149-88dd-94429ac9d322-005
Protocol: HTTP/1.1
Server: 23.83.76.57 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?partnerid=113&partneruserid=RX-b5c2db15-2506-4149-88dd-94429ac9d322-005
date: Tue, 09 Jan 2024 18:31:10 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb5c2db152506414988dd94429ac9d322005
content-type: text/html

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3D...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=4035236154407876528&gdpr=0&gdpr_consent=

43 B
855 B

483ms
258ms

Image
image/gif

67.220.228.202

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=4035236154407876528&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

67.220.228.202 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://phpstack-952332-3837345.cloudwaysapps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 18:31:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MZ74X3KF3EAYH96ZXEEW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=4035236154407876528&gdpr=0&gdpr_consent=
pragma: no-cache
date: Tue, 09 Jan 2024 18:31:08 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=b0c7659d-90ed-4600-b89d-552c1939553f&gdpr=0&gdpr_consent=

0
340 B

26ms
26ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=b0c7659d-90ed-4600-b89d-552c1939553f&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Tue, 09 Jan 2024 18:31:09 GMT
Server: MT3 1237 600843f master iad iad-pixel-x28 config_version:"1604"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=b0c7659d-90ed-4600-b89d-552c1939553f&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 Jan 2024 18:31:08 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LR6OTUPE-1D-K7YX&gdpr=0

0
340 B

26ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LR6OTUPE-1D-K7YX&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LR6OTUPE-1D-K7YX&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: deb9f124eecce7a554c70ca983265c95
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=9091807011818095870

0
340 B

26ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=9091807011818095870

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
an-x-request-uuid: aebd4ecc-f4c4-4ecb-bbfb-e52257e547fb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=9091807011818095870
x-proxy-origin: 107.175.102.55; 107.175.102.55; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=851de993e37949be9df59cc1b9ea6&gdpr_consent=&gdpr=0

0
340 B

26ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=851de993e37949be9df59cc1b9ea6&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 18:31:09 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=851de993e37949be9df59cc1b9ea6&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1704825069581076-1178

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame C8C5 42 B
925 B 102ms
33ms Image
image/gif 8.43.72.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=9MVZ2sX1UmKCy7Pq_b2Tnf1_IRd0uqgqjO5173XY4sY
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b08401febecfa1b1a0c0270265f29df4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=b61ec92b-5f54-4ec7-a6e9-a33d2aac5346

0
340 B

26ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=b61ec92b-5f54-4ec7-a6e9-a33d2aac5346

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 18:31:09 GMT
Server: nginx
Location: https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=b61ec92b-5f54-4ec7-a6e9-a33d2aac5346
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub10101531197440
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUff49863731cb40ecb4fd7744d2c2a2dd

0
340 B

26ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUff49863731cb40ecb4fd7744d2c2a2dd

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPUff49863731cb40ecb4fd7744d2c2a2dd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 155
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C8C5
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjO9-Hz3bjnGkMGzJ0zr7ERBpqLUR5zIdjg

170 B
243 B

43ms
41ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjO9-Hz3bjnGkMGzJ0zr7ERBpqLUR5zIdjg

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjO9-Hz3bjnGkMGzJ0zr7ERBpqLUR5zIdjg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=4035236154407876528

0
340 B

26ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=4035236154407876528

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=4035236154407876528
date: Tue, 09 Jan 2024 18:31:09 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C8C5
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=9MVZ2sX1UmKCy7Pq_b2Tnf1_IRd0uqgqjO5173XY4sY

43 B
479 B

145ms
36ms

Image
image/gif

52.46.143.56

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=9MVZ2sX1UmKCy7Pq_b2Tnf1_IRd0uqgqjO5173XY4sY

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

HTTP/1.1

Server

52.46.143.56 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 18:31:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 19X42Y69HEN4QSJ2FH52
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=9MVZ2sX1UmKCy7Pq_b2Tnf1_IRd0uqgqjO5173XY4sY
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUE2NDZDQUEtNDMwNC00MTI3LTlFMUYtMzY2MzlENjYwRTVE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=EA646CAA-4304-4127-9E1F-36639D660E5D

0
340 B

28ms
28ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=EA646CAA-4304-4127-9E1F-36639D660E5D

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=EA646CAA-4304-4127-9E1F-36639D660E5D
date: Tue, 09 Jan 2024 18:31:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKaOj4C6KbXcZWiGpQhzza4&google_cver=1

0
340 B

25ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKaOj4C6KbXcZWiGpQhzza4&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEKaOj4C6KbXcZWiGpQhzza4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%...
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=UGYXqBp4nF5c&ev=1&us_privacy=1---&pid=562985

0
340 B

26ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=UGYXqBp4nF5c&ev=1&us_privacy=1---&pid=562985

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
location: https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=UGYXqBp4nF5c&ev=1&us_privacy=1---&pid=562985
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-5b8764964b-56bl9
expires: -1

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=ea40e2c67080793&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr...
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAACsOW-O48YiQM-6X6hAAAAAAA&expiration=1704911469

0
340 B

25ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAACsOW-O48YiQM-6X6hAAAAAAA&expiration=1704911469

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAACsOW-O48YiQM-6X6hAAAAAAA&expiration=1704911469
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-7b0QRr5E2uF9nvb8tfT1JWNn0j6sEforU9Fsa_4-~A

0
340 B

26ms
26ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-7b0QRr5E2uF9nvb8tfT1JWNn0j6sEforU9Fsa_4-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-7b0QRr5E2uF9nvb8tfT1JWNn0j6sEforU9Fsa_4-~A
date: Tue, 09 Jan 2024 18:31:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&gdpr=0&gdpr_consent=

0
340 B

26ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=29&uid=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&gdpr=0&gdpr_consent=
date: Tue, 09 Jan 2024 18:31:09 GMT
server: Kestrel
content-length: 233

GET
H2

200

/
onetag-sys.com/match/ Frame C8C5
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=119&user_id=1813050728407673414&expires=30&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=b2dffebd-ff5b-4453-8c4f-a4eb1265507b&gdpr=&gdpr_consent=&us_privacy=

0
340 B

25ms
25ms

Image
text/plain

51.222.239.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=b2dffebd-ff5b-4453-8c4f-a4eb1265507b&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1704825063934&gdpr=0&us_privacy=1---

Protocol

Server

51.222.239.232 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip232.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location: //onetag-sys.com/match/?int_id=30&uid=b2dffebd-ff5b-4453-8c4f-a4eb1265507b&gdpr=&gdpr_consent=&us_privacy=
Date: Tue, 09 Jan 2024 18:31:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 cframe.js Show response
assets.a-mo.net/js/ Frame 92B2 13 KB
6 KB 123ms
44ms Script
text/javascript 104.19.158.19

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.a-mo.net/js/cframe.js
Requested by: Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.19.158.19 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:09 GMT
via: 1.1 1df98836515ac348d12c9af86e1ecc48.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: YUL62-C1
age: 309
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 17 Nov 2023 21:37:06 GMT
server: cloudflare
etag: W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-ray: 842ec16c0f2a3a04-YYZ
x-amz-cf-id: Y6nq402-I27k2gEMhKBNm8fa5Z_LygcrPXCD6HMKGizE9Pi2HNcubA==
expires: Tue, 09 Jan 2024 19:31:09 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame D359
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZZ2Q7QANR1fS8QBU
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZ2Q7QANR1fS8QBU&_test=ZZ2Q7QANR1fS8QBU

43 B
61 B

46ms
45ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZ2Q7QANR1fS8QBU&_test=ZZ2Q7QANR1fS8QBU
Requested by: Host: snigel-d.openx.net
URL: https://snigel-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H3
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://snigel-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-yyz4526-YYZ
pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704825070.599215,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZZ2Q7QANR1fS8QBU&_test=ZZ2Q7QANR1fS8QBU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 d1dfe8b7-6d10-a18a-72d1-54839a9a5d4d
pr-bh.ybp.yahoo.com/sync/openx/ Frame D359 43 B
602 B 121ms
41ms Image
image/gif 44.194.162.111

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/d1dfe8b7-6d10-a18a-72d1-54839a9a5d4d?gdpr=0

Requested by

Host: snigel-d.openx.net
URL: https://snigel-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.162.111 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://snigel-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame D359
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=1dcef28e-e116-8839-8308-c0e10dfe5be4
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=1dcef28e-e116-8839-8308-c0e10dfe5be4&dcc=t

43 B
855 B

84ms
59ms

Image
image/gif

52.46.143.56

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=1dcef28e-e116-8839-8308-c0e10dfe5be4&dcc=t

Requested by

Host: snigel-d.openx.net
URL: https://snigel-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---

Protocol

HTTP/1.1

Server

52.46.143.56 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://snigel-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 18:31:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8CDNJXTG1EV0YAXH80Y5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 18:31:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N5W56WRTZCC83CBABSQW
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=1dcef28e-e116-8839-8308-c0e10dfe5be4&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D359
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=45188ef3-fdbc-33c3-4306-427665cd9004&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&ttd_puid=45188ef3-fdbc-33c3-4306-427665cd9004&gdpr=0&gdpr_consent=

43 B
240 B

34ms
33ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&ttd_puid=45188ef3-fdbc-33c3-4306-427665cd9004&gdpr=0&gdpr_consent=
Requested by: Host: snigel-d.openx.net
URL: https://snigel-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://snigel-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&ttd_puid=45188ef3-fdbc-33c3-4306-427665cd9004&gdpr=0&gdpr_consent=
date: Tue, 09 Jan 2024 18:31:09 GMT
server: Kestrel
content-length: 335

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame D359 170 B
188 B 44ms
42ms Image
image/png 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Njk3NzVkMzktMzRjYi02ZDY3LTU2ZTYtMThjZmFmMmY1ZTY0

Requested by

Host: snigel-d.openx.net
URL: https://snigel-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://snigel-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D359
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP5lmq_trmRBZehsH6JgL6M&google_cver=1

43 B
171 B

34ms
33ms

Image
image/gif

35.244.159.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP5lmq_trmRBZehsH6JgL6M&google_cver=1
Requested by: Host: snigel-d.openx.net
URL: https://snigel-d.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://snigel-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP5lmq_trmRBZehsH6JgL6M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuid Show response
prebid.a-mo.net/ Frame 92B2 51 B
155 B 34ms
34ms XHR
application/json 147.28.146.89
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/getuid
Requested by: Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: d83000e2b2d348c93520e5beb455d6093beccda708646611a75039da9ee0a59b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=1---&gpp=&gpp_sid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:09 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
content-encoding: gzip
server: envoy
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 idl.js Show response
assets.a-mo.net/js/ Frame 92B2 3 KB
2 KB 45ms
45ms Script
application/javascript 104.19.158.19

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=phpstack-952332-3837345.cloudwaysapps.com&e=27&uid=c1167630-fff7-4855-af9b-fa3a786907e7
Requested by: Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.19.158.19 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:09 GMT
via: 1.1 890304274d84dce52c3c8a65cb402758.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: YTO50-P2
age: 165
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 02 Nov 2023 21:08:31 GMT
server: cloudflare
etag: W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 842ec16d79c83a04-YYZ
x-amz-cf-id: nra-bBaHS3fna9yjJs6qrbT29bxmvaYeT_wq7LvHTdWdHzS8Ed82cQ==
expires: Tue, 09 Jan 2024 19:31:09 GMT

GET
H/1.1

200
OK

set Show response
id.a-mx.com/ Frame 92B2
Redirect Chain

https://id.a-mx.com/sync?tao=1&&do=phpstack-952332-3837345.cloudwaysapps.com
https://c3.a-mo.net/b?uid=ddba91d5-9a9b-4605-9cf9-b21e7f299178&sh=id.a-mx.com&
https://id.a-mx.com/set?oid=ddba91d5-9a9b-4605-9cf9-b21e7f299178&uid=c1167630-fff7-4855-af9b-fa3a786907e7&

99 B
605 B

34ms
33ms

Fetch
application/json

131.153.242.59

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/set?oid=ddba91d5-9a9b-4605-9cf9-b21e7f299178&uid=c1167630-fff7-4855-af9b-fa3a786907e7&
Protocol: HTTP/1.1
Server: 131.153.242.59 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adf745a2038f341d007a473a4e6f6602b4685b1ec7c0f66acfee537e987e4f41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: null
date: Tue, 9 Jan 2024 18:31:09 GMT
access-control-allow-credentials: true
content-length: 99
content-type: application/json

Redirect headers

access-control-allow-origin: null
location: https://id.a-mx.com/set?oid=ddba91d5-9a9b-4605-9cf9-b21e7f299178&uid=c1167630-fff7-4855-af9b-fa3a786907e7&
date: Tue, 9 Jan 2024 18:31:09 GMT
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1ED1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx

281 B
555 B

96ms
28ms

Document
text/html

23.56.163.106

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Requested by: Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.163.106 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://prebid.a-mo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Jan 2024 18:31:10 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 09 Jan 2024 18:31:10 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
server: AkamaiGHost

GET
H2

204

setuid
prebid.a-mo.net/ Frame 92B2
Redirect Chain

https://x.bidswitch.net/sync?ssp=adaptmx&user_id=c1167630-fff7-4855-af9b-fa3a786907e7&gdpr=0&us_privacy=1---
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=b2dffebd-ff5b-4453-8c4f-a4eb1265507b&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dadaptmx%26us...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=b2dffebd-ff5b-4453-8c4f-a4eb1265507b&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D437%26ssp%3Dadaptm...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=aff1232f-1bb8-4061-b8c8-ec56507f2b08%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D437%2525...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&ttd_puid=aff1232f-1bb8-4061-b8c8-ec56507f2b08%2Chttps%253A%252F%252Fx.bidswitch.net%...
https://x.bidswitch.net/sync?dsp_id=437&ssp=adaptmx&user_id=
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=b2dffebd-ff5b-4453-8c4f-a4eb1265507b&gdpr=&gdpr_consent=&us_privacy=

0
115 B

35ms
35ms

Image
text/plain

147.28.146.89
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=b2dffebd-ff5b-4453-8c4f-a4eb1265507b&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Server: 147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:09 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

Location: //prebid.a-mo.net/setuid?bidder=bid_switch&uid=b2dffebd-ff5b-4453-8c4f-a4eb1265507b&gdpr=&gdpr_consent=&us_privacy=
Date: Tue, 09 Jan 2024 18:31:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

204

yahoo
prebid.a-mo.net/setuid/ Frame 92B2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58570/occ?uid=c1167630-fff7-4855-af9b-fa3a786907e7
https://prebid.a-mo.net/setuid/yahoo?uid=y-7b0QRr5E2uF9nvb8tfT1JWNn0j6sEforU9Fsa_4-~A

0
112 B

34ms
34ms

Image
text/plain

147.28.146.89
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/yahoo?uid=y-7b0QRr5E2uF9nvb8tfT1JWNn0j6sEforU9Fsa_4-~A
Protocol: H2
Server: 147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:09 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid/yahoo?uid=y-7b0QRr5E2uF9nvb8tfT1JWNn0j6sEforU9Fsa_4-~A
date: Tue, 09 Jan 2024 18:31:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

setuid
sync.a-mo.net/ Frame 92B2
Redirect Chain

https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Damx_com%26uid%3D
https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=amx_com&uid=c1167630-fff7-4855-af9b-fa3a786907e7

0
205 B

113ms
27ms

Image
text/plain

147.75.198.144

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=amx_com&uid=c1167630-fff7-4855-af9b-fa3a786907e7
Protocol: H2
Server: 147.75.198.144 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:09 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=amx_com&uid=c1167630-fff7-4855-af9b-fa3a786907e7
date: Tue, 9 Jan 2024 18:31:08 GMT
content-length: 0

GET
H2

204

setuid
sync.a-mo.net/ Frame 92B2
Redirect Chain

https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=openx&uid=7cc6013c-4423-002a-288a-8263e4965289

0
114 B

172ms
28ms

Image
text/plain

147.75.198.144

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=openx&uid=7cc6013c-4423-002a-288a-8263e4965289
Protocol: H2
Server: 147.75.198.144 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:09 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=openx&uid=7cc6013c-4423-002a-288a-8263e4965289
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152

GET
H2 200 cookie
cm.adform.net/ Frame 92B2 43 B
106 B 1343ms
103ms Image
image/gif 37.157.2.228

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Dadform%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.228 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:10 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

204

setuid
sync.a-mo.net/ Frame 92B2
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.a-mo....
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECx2CYt0evkSgRPT4EW6pXg&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:128D7A693B1A421C93D16CFC3E6EC327
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Dpubmatic%26uid%3DEA646CAA-4304-4127-9E1...
https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=pubmatic&uid=EA646CAA-4304-4127-9E1F-36639D660E5D

0
134 B

26ms
26ms

Image
text/plain

147.75.198.144

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=pubmatic&uid=EA646CAA-4304-4127-9E1F-36639D660E5D
Protocol: H2
Server: 147.75.198.144 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:10 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=pubmatic&uid=EA646CAA-4304-4127-9E1F-36639D660E5D
date: Tue, 09 Jan 2024 18:31:10 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

setuid
sync.a-mo.net/ Frame 92B2
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Dindex_rtb%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3Fus_privacy%3D1---%26A%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&s=191503&us_p...
https://sync.a-mo.net/setuid?us_privacy=1---&A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=index_rtb&uid=ZZ2Q7uUf-OZ.lEPl9AlkaQAA%261412

0
110 B

29ms
28ms

Image
text/plain

147.75.198.144

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.a-mo.net/setuid?us_privacy=1---&A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=index_rtb&uid=ZZ2Q7uUf-OZ.lEPl9AlkaQAA%261412
Protocol: H2
Server: 147.75.198.144 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:09 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 4
server: envoy
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyQHwezgNXevn3C9PO2furvH9CZp1cbrzimshXWQybrvAGZrA0aTwT217ADacW9bfBQWDTMzLG43mdcQM1qpMbBwXiRznOHeODOX7N6Gw8%2BQart85L%2Byai80ZOwiOXBD80erNKl6"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://sync.a-mo.net/setuid?us_privacy=1---&A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=index_rtb&uid=ZZ2Q7uUf-OZ.lEPl9AlkaQAA%261412
cache-control: no-cache
cf-ray: 842ec1701d665497-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 92B2 0
277 B 110ms
30ms Image
text/plain 63.251.86.50

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Dsovrn%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.50 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 09 Jan 2024 18:31:09 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

204

setuid
sync.a-mo.net/ Frame 92B2
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3Dc1167630-fff7-4855-af9b-fa3a786907e7%26bidder%3Dappnexus%26uid%3D%24UID
https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=appnexus&uid=9091807011818095870

0
113 B

169ms
29ms

Image
text/plain

147.75.198.144

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=appnexus&uid=9091807011818095870
Protocol: H2
Server: 147.75.198.144 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:09 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 4
server: envoy
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
an-x-request-uuid: 139613a9-e2ad-47e6-8608-67e8c92ee637
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.a-mo.net/setuid?A=c1167630-fff7-4855-af9b-fa3a786907e7&bidder=appnexus&uid=9091807011818095870
x-proxy-origin: 107.175.102.55; 107.175.102.55; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ow.pubmatic.com/ Frame 92B2 0
248 B 1149ms
29ms Image
text/html 8.28.7.105

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ow.pubmatic.com/setuid?bidder=amx&uid=c1167630-fff7-4855-af9b-fa3a786907e7&do=phpstack-952332-3837345.cloudwaysapps.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.105 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:10 GMT
content-length: 0
content-type: text/html

GET
H2 200 setuid
ib.adnxs.com/prebid/ Frame 92B2 43 B
1 KB 44ms
34ms Image
image/gif 68.67.160.186

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=c1167630-fff7-4855-af9b-fa3a786907e7&do=phpstack-952332-3837345.cloudwaysapps.com

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:09 GMT
an-x-request-uuid: f4f7f5df-830e-4b81-a54f-8063dd544014
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 107.175.102.55; 107.175.102.55; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
BLOB 200
OK 71ec3c55-4007-4700-8b41-ace3dedec7b0
https://prebid.a-mo.net/ Frame 92B2 202 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://prebid.a-mo.net/71ec3c55-4007-4700-8b41-ace3dedec7b0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dc2f908604abf1c56f4a9eba62783c09fde405f1dbded123152bbf9bf2875ff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 202
Content-Type

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58771/ Frame 92B2 316 B
417 B 43ms
42ms XHR
application/json 3.225.218.10

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=c1167630-fff7-4855-af9b-fa3a786907e7

Requested by

Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=phpstack-952332-3837345.cloudwaysapps.com&e=27&uid=c1167630-fff7-4855-af9b-fa3a786907e7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.225.218.10 -, , ASN (),

Reverse DNS

Software

ATS/9.1.10.94 /

Resource Hash

202d181d5ac7b553dbb630a55dd4c90f9778b74bfcad6a9b2488a207173a8766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://prebid.a-mo.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Jan 2024 18:31:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://prebid.a-mo.net
content-type: application/json
access-control-allow-credentials: true

POST
H/1.1 204
No Content rum
id.rtb.mx/ Frame 92B2 0
477 B 355ms
28ms Ping
text/plain 138.199.41.120

General

Check archive.org

Show headers Download Go to

Full URL: https://id.rtb.mx/rum?
Requested by: Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.199.41.120 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://prebid.a-mo.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://prebid.a-mo.net
date: Tue, 9 Jan 2024 18:31:09 GMT
access-control-allow-credentials: true

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1ED1 40 KB
11 KB 31ms
30ms Script
text/html 23.56.163.106

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.163.106 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 18:31:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jan 2024 21:37:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=11191
Connection: keep-alive
Content-Length: 10964
Expires: Tue, 09 Jan 2024 21:37:41 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 1ED1 7 B
840 B 131ms
32ms XHR
application/json 69.173.151.100

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 9a0c641c0479142b55591fdf2031b15f
Expires: 0

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 1ED1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=LR6OTUPE-1D-K7YX
https://prebid.a-mo.net/setuid/magnite?uid=LR6OTUPE-1D-K7YX&gdpr=0&gdpr_consent=undefined&us_privacy=1---

0
135 B

34ms
34ms

Image
text/plain

147.28.146.89
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LR6OTUPE-1D-K7YX&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Protocol: H2
Server: 147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:10 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LR6OTUPE-1D-K7YX&gdpr=0&gdpr_consent=undefined&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b08401febecfa1b1a0c0270265f29df4
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1ED1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IjU1qucyTgu6jX9v1dk8iA&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IjU1qucyTgu6jX9v1dk8iA&gdpr=0

43 B
479 B

132ms
132ms

Image
image/gif

67.220.228.202

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IjU1qucyTgu6jX9v1dk8iA&gdpr=0

Protocol

HTTP/1.1

Server

67.220.228.202 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 18:31:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RYQBSK0VJ8VKJCXGXXT2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IjU1qucyTgu6jX9v1dk8iA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b08401febecfa1b1a0c0270265f29df4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1ED1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1---
https://s.amazon-adsystem.com/ecm3?id=LR6OTUPE-1D-K7YX&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

43 B
479 B

37ms
36ms

Image
image/gif

52.46.143.56

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LR6OTUPE-1D-K7YX&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

Protocol

HTTP/1.1

Server

52.46.143.56 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 18:31:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VQWDJDCTKF6CT1YHEQRD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LR6OTUPE-1D-K7YX&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b08401febecfa1b1a0c0270265f29df4
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1ED1
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&gdpr=0&gdpr_consent=&expires=30

42 B
917 B

79ms
31ms

Image
image/gif

8.43.72.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b08401febecfa1b1a0c0270265f29df4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=033dcac9-8c89-4f90-9ea2-e4f5364fb32a&gdpr=0&gdpr_consent=&expires=30
date: Tue, 09 Jan 2024 18:31:11 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1ED1
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nNhwWrp-QWu4Pxxkf6VJ_A&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nNhwWrp-QWu4Pxxkf6VJ_A&gdpr=0

43 B
479 B

36ms
36ms

Image
image/gif

52.46.143.56

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nNhwWrp-QWu4Pxxkf6VJ_A&gdpr=0

Protocol

HTTP/1.1

Server

52.46.143.56 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 18:31:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S46N6YTSV7EK37TSYK5K
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nNhwWrp-QWu4Pxxkf6VJ_A&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b08401febecfa1b1a0c0270265f29df4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 1ED1
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---

0
516 B

1147ms
61ms

Image
text/plain

13.107.42.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---
Protocol: H2
Server: 13.107.42.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:11 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5D0AFFD1339A4C2BA4A7841BF67A2557 Ref B: YTO01EDGE0518 Ref C: 2024-01-09T18:31:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOh4TXJegCslIXvbIDWw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9e7742894a018a40b59a2ed2117c85b5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ED1
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI2T1RVUEUtMUQtSzdZWA==&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEDYUzkIndBvtwa95ef6OW3c&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2T1RVUEUtMUQtSzdZWA==&google_push=&gdpr=0

170 B
188 B

42ms
41ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2T1RVUEUtMUQtSzdZWA==&google_push=&gdpr=0

Protocol

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2T1RVUEUtMUQtSzdZWA==&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b08401febecfa1b1a0c0270265f29df4
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ED1
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTUzMmQ1MTM2MzFjMzg4ZjllOTFmODg2ZGMwZGM2MWE5NDgyZjVhYQ&gdpr=0&us_privacy=1---

170 B
188 B

41ms
41ms

Image
image/png

142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTUzMmQ1MTM2MzFjMzg4ZjllOTFmODg2ZGMwZGM2MWE5NDgyZjVhYQ&gdpr=0&us_privacy=1---

Protocol

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTUzMmQ1MTM2MzFjMzg4ZjllOTFmODg2ZGMwZGM2MWE5NDgyZjVhYQ&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 44e748b6247b033344ab4f6b8c0f8cbb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1ED1
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/OU4eFwuxeyaRFqxL_NAbZMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-BpgNwYhE2oIqW8ftouVL4TdMBi11fD5I6P2HNA--~A

42 B
917 B

45ms
31ms

Image
image/gif

8.43.72.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-BpgNwYhE2oIqW8ftouVL4TdMBi11fD5I6P2HNA--~A
Protocol: HTTP/1.1
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b08401febecfa1b1a0c0270265f29df4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 09 Jan 2024 18:31:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-BpgNwYhE2oIqW8ftouVL4TdMBi11fD5I6P2HNA--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1ED1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMoboG478ywSjDNlTSk2l6Q&google_cver=1

42 B
917 B

82ms
31ms

Image
image/gif

8.43.72.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMoboG478ywSjDNlTSk2l6Q&google_cver=1
Protocol: HTTP/1.1
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b08401febecfa1b1a0c0270265f29df4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMoboG478ywSjDNlTSk2l6Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1ED1
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB8t07LOyIAABQCg6sryQ&expires=30&gdpr=0

42 B
917 B

31ms
31ms

Image
image/gif

8.43.72.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB8t07LOyIAABQCg6sryQ&expires=30&gdpr=0
Protocol: HTTP/1.1
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b08401febecfa1b1a0c0270265f29df4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAB8t07LOyIAABQCg6sryQ&expires=30&gdpr=0
Date: Tue, 09 Jan 2024 18:31:11 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 1ED1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&us_privacy=1---
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR6OTUPE-1D-K7YX
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR6OTUPE-1D-K7YX&ckls=true&ci=xCd14qQ0QL&nc=false&trid=-729532331

43 B
1 KB

43ms
40ms

Image
image/gif

18.173.219.124

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR6OTUPE-1D-K7YX&ckls=true&ci=xCd14qQ0QL&nc=false&trid=-729532331
Protocol: H2
Server: 18.173.219.124 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:11 GMT
via: 1.1 1ecf1db0c771b8f74edd4bd269377c1e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: KKMD1vW-9i1--jo2uDW40pjnXSMxMQwX1W17XfcCLu6zz_2JxI49XQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:11 GMT
via: 1.1 1ecf1db0c771b8f74edd4bd269377c1e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LR6OTUPE-1D-K7YX&ckls=true&ci=xCd14qQ0QL&nc=false&trid=-729532331
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: GDA10dfWHFHcdsinqQsjRMWT40Out4MTZqsJPZLc9dyCqexXgU_xRw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 1ED1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1---
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---

68 B
279 B

39ms
39ms

Image
image/png

52.6.62.160

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---
Protocol: H2
Server: 52.6.62.160 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:31:11 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b08401febecfa1b1a0c0270265f29df4
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1ED1
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c4a8e419-5fb9-4367-822c-b80b924fcd5e&expires=30&gdpr=0&us_privacy=1---

42 B
917 B

32ms
31ms

Image
image/gif

8.43.72.97

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c4a8e419-5fb9-4367-822c-b80b924fcd5e&expires=30&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 8.43.72.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b08401febecfa1b1a0c0270265f29df4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=c4a8e419-5fb9-4367-822c-b80b924fcd5e&expires=30&gdpr=0&us_privacy=1---
Date: Tue, 09 Jan 2024 18:31:11 GMT
Connection: keep-alive
X-CI-RTID: 850ebb1b-42e8-4210-920e-c6096c1d9712
Content-Length: 175
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 1ED1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1---
https://ce.lijit.com/merge?pid=80&3pid=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---
https://ce.lijit.com/merge?pid=80&3pid=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---&dnr=1

43 B
664 B

38ms
37ms

Image
image/gif

63.251.86.50

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---&dnr=1
Protocol: HTTP/1.1
Server: 63.251.86.50 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 18:31:11 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 18:31:11 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=80&3pid=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 1ED1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1---
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---

43 B
1 KB

33ms
33ms

Image
image/gif

68.67.160.186

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---

Protocol

Server

68.67.160.186 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 18:31:11 GMT
an-x-request-uuid: 042a78a2-29e7-4345-b81a-31bc1560331a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 107.175.102.55; 107.175.102.55; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR6OTUPE-1D-K7YX&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b08401febecfa1b1a0c0270265f29df4
Expires: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame 1ED1
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR6OTUPE-1D-K7YX&redir=true&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR6OTUPE-1D-K7YX&gdpr=0&redir=true&us_privacy=1---
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NeHZKT3Z4RTJ1SFd5eGdmelY3bzRxYmhHWXpQaW9wQn5B&gdpr=0&ovsid=LR6OTUPE-1D-K7YX&us_privacy=1---&dpid=58160

57 B
651 B

140ms
47ms

Image
image/gif

104.117.182.185

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NeHZKT3Z4RTJ1SFd5eGdmelY3bzRxYmhHWXpQaW9wQn5B&gdpr=0&ovsid=LR6OTUPE-1D-K7YX&us_privacy=1---&dpid=58160

Protocol

Server

104.117.182.185 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Tue, 09 Jan 2024 18:31:11 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Tue, 09 Jan 2024 18:31:11 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1NeHZKT3Z4RTJ1SFd5eGdmelY3bzRxYmhHWXpQaW9wQn5B&gdpr=0&ovsid=LR6OTUPE-1D-K7YX&us_privacy=1---&dpid=58160
date: Tue, 09 Jan 2024 18:31:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=107

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
phpstack-952332-3837345.cloudwaysapps.com/	1970-01-20 17:33:52	Name: XSRF-TOKEN Value: eyJpdiI6IlNPaXhYcnoxcDBzZU1aK1IwNXdpSUE9PSIsInZhbHVlIjoiQnRvVUxtQ1BsNkpYUjdqQTJiN2pId1BsdVlmSGoxWVFJaW41TzlnU2JkM1hOaGFtVTVGdENiZERnT3pTMXNOR3QvZTI2UXhBa3hIb3NWRjNXeW9pTUQzT3V0OHZSNElraTI5REZMN0FFVjVPZEFJQVpmZGFiUVhkVmp6Um1BSjMiLCJtYWMiOiJjNWZlOTM5ZGY1NDY0ODRlNWQxOWI3ODI5NjBmZTA0MTUyNDA4Y2RjOWI5ZTMzZjE1MDY4NWQ2Y2UyMWRiNTJhIiwidGFnIjoiIn0%3D
phpstack-952332-3837345.cloudwaysapps.com/	1970-01-20 17:33:52	Name: laravel_9_session Value: eyJpdiI6ImZ0UE9aemYrSXBkcWFQYjJCWFNWaHc9PSIsInZhbHVlIjoiVEM4NlpuQmtIQXB3Z2Njd0xSNE5ER2RkS3hEUC83NHo4czVoN3Z4Zm1yd2cwVEprNnJoVi9FbDJpdDdyQWxYeWlHaG5DNVZjcFVDcGw1b2I1cGxTd3FMaVB5MkFuWkVHSU9uWHdDVkh3NnJGVjcrSUFIZ1lJV2lEUHVtNTEyZTMiLCJtYWMiOiJlMzJjNjI3ODU1MjU2NWJhZTNmNmU0OWIyMGY1OTEwMWUyZWM4YjhjYTk2MjIxYmIxY2Y4MmYyMjVhNGQxMTZlIiwidGFnIjoiIn0%3D
.snigelweb.com/	1970-01-20 17:33:46	Name: __cf_bm Value: R_JdoCDLVgly_sdYCOnLmpi0vUQb6e3K2vjvELfkrWY-1704825063-1-Aa8Eis+y+HA8TfNolyqqScP13s7j7uGzML7+L2HTvwMQHE+DYwDqhMgx3QAIa+NKhuXqp0Ydg2qBUXO2IXb75ys=
phpstack-952332-3837345.cloudwaysapps.com/	1970-01-20 18:16:57	Name: _pbjs_userid_consent_data Value: 6683316680106290
.cloudwaysapps.com/	1970-01-21 02:19:21	Name: _sharedID Value: fc917fa6-f5e2-4256-98fc-275a93df9c44
.cloudwaysapps.com/	1970-01-21 02:19:21	Name: _sharedID_last Value: Tue%2C%2009%20Jan%202024%2018%3A31%3A03%20GMT
phpstack-952332-3837345.cloudwaysapps.com/	1970-01-20 17:33:48	Name: _lr_retry_request Value: true
phpstack-952332-3837345.cloudwaysapps.com/	1970-01-20 18:16:57	Name: _lr_env_src_ats Value: false
.criteo.com/	1970-01-21 02:55:21	Name: partitioned_bundle Value: TT5oA19iRjA4diUyRjVxcjFnNG9XVFBlNSUyQjVPT05OZXB5VzlIaHZHNEpVRUhXTWFzYzlZczd2ZGZtdmxvRGtPdkgwZkxpNSUyRjQwSk1PQ3Rxc2gwTjNUY3ZVcXh2JTJCQ1BLMkJJUjc0bDhFV0dOYVU2JTJCbTFzekNteTdRVllwJTJCSTJxMFZBb29xbkRzSTc3dHFoZ21laFlNZGROSzk2anclM0QlM0Q
.cloudwaysapps.com/	1970-01-21 02:54:45	Name: cto_bidid Value: 3YMmfl9uSDlHREtRNDlROXFSVG8yJTJCVVdLaHoxdE5rRUF4NldlYVdMcTBESG5ETCUyRmcyZlB0TmV3VHdXdG9LbEhjbFJHeXlKZzdJTk4xVEU2Z0JWcXV3TmhOc3clM0QlM0Q
.adsrvr.org/	1970-01-21 02:20:47	Name: TDID Value: 033dcac9-8c89-4f90-9ea2-e4f5364fb32a
.omnitagjs.com/	1970-01-20 18:16:57	Name: ayl_visitor Value: e4fa40a64155c1817436e208632a298e
.openx.net/	1970-01-21 02:19:21	Name: receive-cookie-deprecation Value: 1
.33across.com/	1970-01-21 02:19:21	Name: check Value: true
.smartadserver.com/	1970-01-21 02:20:47	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 600381=5797111
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-21 02:20:47	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 02:20:47	Name: pid Value: 4035236154407876528
.smartadserver.com/	1970-01-20 17:35:11	Name: sasd2 Value: q=%24qc%3D1312541377%3B%24ql%3DHigh%3B%24qpc%3D14211%3B%24qt%3D152_1829_10507t%3B%24dma%3D514&c=1&l=-584030279&lo=-1043185317&lt=638404218641455491&o=1
.smartadserver.com/	1970-01-20 17:35:11	Name: sasd Value: %24qc%3D1312541377%3B%24ql%3DHigh%3B%24qpc%3D14211%3B%24qt%3D152_1829_10507t%3B%24dma%3D514
.doubleclick.net/	1970-01-20 17:33:45	Name: test_cookie Value: CheckForPermission
.cloudwaysapps.com/	1970-01-21 02:55:21	Name: __gads Value: ID=a87cc417e43e5dcc:T=1704825064:RT=1704825064:S=ALNI_MY3wxosB-6ADk3voULRgr7jzy_8HQ
.cloudwaysapps.com/	1970-01-21 02:55:21	Name: __gpi Value: UID=00000a0704202e24:T=1704825064:RT=1704825064:S=ALNI_MYvOd_OJ8WKtPvCvuUJIVMyA4xUUQ
.id5-sync.com/	1970-01-20 19:43:21	Name: 3pi Value:
.id5-sync.com/	1970-01-20 19:43:21	Name: id5 Value: d14f17a4-a6be-7b01-a5e3-4b2bd0454520#1704825064674#2
.criteo.com/	1970-01-21 02:55:21	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:55:21	Name: uid Value: bee7cea9-9199-4bc8-b1fd-ed30abbb728e
.cloudwaysapps.com/	1970-01-21 02:55:21	Name: cto_bundle Value: STej8l9iRjA4diUyRjVxcjFnNG9XVFBlNSUyQjVPTEtVNTN0ODB6c0tEYnRJUXNodnV1RyUyQlJiUSUyRk15VFVHZG9MWlh0RmdtVzE5N1B4MXkwZFZocnc3b2Q1clNuMWxoMUhPdFNHaE5zJTJGN1ExYktEVzdleGclMkZ6RlA5SnFBQTZPb0w3SVYycnNYMlBzMXJmSXFaRXRwUHdUSWdHYzUzbUxST3RBTWZ0UHNYaElIRzlRJTJGazZNbyUzRA

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://phpstack-952332-3837345.cloudwaysapps.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=107' from origin 'https://phpstack-952332-3837345.cloudwaysapps.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=107 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://phpstack-952332-3837345.cloudwaysapps.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://phpstack-952332-3837345.cloudwaysapps.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://phpstack-952332-3837345.cloudwaysapps.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://8cfa3bebd340201b3c8c9471df832ab0.safeframe.googlesyndication.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://snigel-d.openx.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://phpstack-952332-3837345.cloudwaysapps.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://phpstack-952332-3837345.cloudwaysapps.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://phpstack-952332-3837345.cloudwaysapps.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://8cfa3bebd340201b3c8c9471df832ab0.safeframe.googlesyndication.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://snigel-d.openx.net').
security	error	URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=phpstack-952332-3837345.cloudwaysapps.com&e=27&uid=c1167630-fff7-4855-af9b-fa3a786907e7(Line 1) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://phpstack-952332-3837345.cloudwaysapps.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://phpstack-952332-3837345.cloudwaysapps.com').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8cfa3bebd340201b3c8c9471df832ab0.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.turn.com
adengine.snigelweb.com
ads.stickyadstv.com
ap.lijit.com
api.rlcdn.com
argus-fra1.snigelweb.com
assets.a-mo.net
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c3.a-mo.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.snigelweb.com
cdnx.snigelweb.com
ce.lijit.com
challenges.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
cs.admanmedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
ib.adnxs.com
id.a-mx.com
id.rtb.mx
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.primis.tech
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
onetag-sys.com
ow.pubmatic.com
p.rfihub.com
pagead2.googlesyndication.com
phpstack-952332-3837345.cloudwaysapps.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
prg.smartadserver.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
snigel-d.openx.net
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.a-mo.net
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
t.adx.opera.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.google.com
x.bidswitch.net
api.rlcdn.com
104.117.182.185
104.17.2.184
104.18.10.248
104.18.36.155
104.19.158.19
104.22.53.86
104.26.8.169
108.139.47.34
13.107.42.14
13.35.102.145
131.153.242.59
135.148.2.48
138.199.41.120
139.59.255.147
141.95.33.120
142.250.176.202
142.250.65.194
142.250.81.225
142.251.32.98
142.251.40.131
142.251.40.196
142.251.41.2
147.28.146.89
147.75.198.144
151.101.2.49
162.19.138.116
162.248.18.34
172.64.152.89
172.64.153.78
18.164.107.227
18.173.132.67
18.173.219.124
195.244.31.10
198.148.27.131
199.38.167.130
213.19.162.80
23.105.12.143
23.32.172.185
23.4.232.54
23.56.163.106
23.83.76.57
3.225.218.10
34.111.113.62
34.150.170.96
35.186.253.211
35.211.178.172
35.244.159.8
35.244.193.51
37.157.2.228
44.194.162.111
50.116.194.21
51.222.239.232
52.223.40.198
52.46.143.56
52.6.62.160
52.73.63.104
52.85.61.37
54.157.90.217
63.251.28.134
63.251.86.50
67.220.228.202
68.67.160.186
69.173.151.100
69.194.240.13
74.119.119.129
74.119.119.131
74.119.119.139
74.121.140.211
8.18.45.76
8.28.7.105
8.28.7.82
8.28.7.83
8.43.72.97
80.77.87.163
82.145.213.8
0151f1172567ae5f89244b45ee35295822261d9bec9740cac276d1f625a4764e
023c9c8b67448fa54e423b611f802cf7a67ed59c8a419e0219a39f722493d7cd
049db567ff59b235ab13806ae2fee16ed733f95185ec78f3b5500ec3955a6389
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07eddf3131961209d1ead253ef7914f18f978a9029479a3b911c551b4c23971e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3aaf52ef12139d680ad719c3be37ef6fcb651f744ff74bf219d68a7feac09d
12d2c1d7385bbb01a4e0297dbf71186ac0885b63db948d0d687673837347f210
147cf0ea2269c2aad899571afed0d6dd8ca708388640047ff898518d198c99b2
14c3a846e6dbaa950f1d7b8064de3649f2bd32bf6286bcc2240e1ee389e2f6ae
18694ce43a08385b33638b74a92fb3c90de79ddc3d8f3cfd0011888b93e64654
1dddfc10a4ed54771779205a851a84a55fdbd28d63fe0f7e2928e183e6becdf5
1f5181fbc22a3302d1dd0d2da546a6ef45a9163a82a9654e9533c4b24dab2958
202d181d5ac7b553dbb630a55dd4c90f9778b74bfcad6a9b2488a207173a8766
21863dcd5a6ff8c213797cee5d469f137baedcc57612c0a7cd19ecdd79061f75
22cd7aebd5fa6d25e4b6fd7bc6d8cd65face31994b415c976120bd9134cd96f1
262e946e884452e5408fbe72068fbccde7607ca77c5c528270c228edc78b593d
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
29495bb74a81b1fafaca5735561c079c56094e37ce5846167e12b0afd755bb22
2af1fcd07b59a6ba8c019bf5d7b8f3e3d8afcb56cfb2bd7175681066f67d6abd
2ce4f1b9f95f5d8b194931c64adb50463202a426c55e1822fc06a87f496e558b
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
31d8bdb82367935f756cfc852482a2a91e95c6cae949f59739acc6a6a19bd3d4
389f4afd84f02b4c34018b66efba9fa9cd4c80cc0aa34accdbf37ea76647ca17
39414ff1c6475bbf4b202133edc78a02da50ed809c9aa807899a30a021b16ee4
3ae25c1b7d32718bae6eadb4d3a435389d60163a763013736c6e004911c741b1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4201bff24bf7ac22c4cae18f3a4b33635708e8797a7d9702c2fa25db0271c766
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
463b7817a5d8278e616cc32c9b5d21035d28642dad39a06af5bed1df9208a61a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e74fa7bda95a105d6c94dc61f6ac61e91fe0763d21dd9037e8e923cf032c15e
504a636edc40ab2ca7920a654abc6f786853634905b6c128faad52243ba2f10e
50db590c076b5cf75c3e1ea2e899b5679dd5231e1b200a13ca3d6dae0635cddb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5f0eb7696bc89234d2a4f76f613cab64cf3595b5a97c3e290246d277d8ac6c07
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6117ed51d0cc24321cae355b13a1b2cb500c503dd467837cd53f2de03de75d3b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6375e7ec6be5b332a829f8c64b687f97829c50440e16dc1939614f46740d3f93
6407025ac1d03efe353dffd263988cd12f2e3d611871062f3ef274811ccde855
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224
651690a42263a4b23e44c15bef2b1974bb1daaeff51e36e57fc02d84ad95c65e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7c675bc64c66f763ad6c4e4f0468773740e75eed0db5319d4a5f294ca07f1c
6e1ce0f550b8af85f5939d3785482ecea73c41ecfe0f222e052dfd3874dbd371
73d3cb5a084aba046ab5327dbc4f02dc95ead835b1cf7287a0ab1159481a7624
7406e3707f2c148c2019c973e1f77cc329cf2932054d9d73df98c59d470b4a2c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7d20d5331d366a0009d348bda5c714792f20a40fe9399166965c32e4914cc2fb
7dc2f908604abf1c56f4a9eba62783c09fde405f1dbded123152bbf9bf2875ff
7dd3b4fda04df72f6e559f450793be8765a84db37e41d1c4ddb23d673d7d9d45
84a689566accff50d324edfc38698f87c49e65b15e547a79a4471b1690e916c6
850e587a96f9cad84206169720be046f289fa015e4b76b6ae79610c9d73c7eef
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
8899812931246b631f2d07287f67ac6eb3abceb8ad9fd97495ccac886d13be1f
89f318af530b7d7aa68e7880902f138ffbe4eb3ed9fc6a785368d0c31919bea3
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c286e46689f61dc35c323d5c360e034d357db9c1b2cb6b2fbfaef3aa51bc794
923e5a29cce2eb13434bf794141247e59874917861965df7c1b23246b346f28f
930fbf5443c21658c7f44c767e6a94fb5c85c807d7b48b7edec47ef8cb1832cb
956840945f8e54d2cd3136f3d10fd24c278f9d64e30489f72e49bf1745ad24fa
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
a19d078bd6c4aac0fb7c49a06c681a001caedbf793bf4755f7a860c1b72d5d83
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a49e1067485ba7f377b76988754ab4607b11b8e70b5003cece093491dc445a3f
a74df8a3a64dbac18bcd42d0cc7281d332503e1cf336a6223aa96118b0560038
a995bfff5f45db65b0557ad1b547d3530b5fc15bcd4db4462c22092e3c9a169b
ac90e35d37609321fe8cdb733b06685a7eb7489f64d4eb9ca75b85feb1b7d9a9
adf745a2038f341d007a473a4e6f6602b4685b1ec7c0f66acfee537e987e4f41
aee2060c6af3b6443d6f97056b20e69215c1207287c92b37f61eabdc73a653b2
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4171376af8d67a0a68549e381778cc695d6538fdd49ebcc8e4dbc97ef7ccdeb
b4db4df41cdfbfce733353f2e8e780830417a3e2b88bfef611c47d89b1dbd04f
bfed0b63a822019ce9cb9578c41825fd61ccf47b41a4d29a7b3e6906ec268082
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd4e221aa455a6602d24eb243ef16e05a47b852e4f8565156ab1055620acf45f
cd53b8f1f2e666a7640fe4e8ea2783af847c7872d8c9f8ee6b5d4129559e33c4
cd858c47af16f235c29a0ef40aa79fe6446fc27dbf868fc0189594a942cc83b2
d2f5b92f6a6c41fb457d6809d67966a9afa93eca377b9a2e63db3c7a91194d6b
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d3a82d38eb3d1b78d24a1eda213030d88012e0b8db35eabfc4d27173ab0d0c95
d77e6f386b40c09057917389e28d5325903979a78caade40f4275a4be67c9586
d83000e2b2d348c93520e5beb455d6093beccda708646611a75039da9ee0a59b
d868fee1b780529adef3a5686d258da16401d83d75a2c0f1383ba86a57c7151a
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3
de36e2f1c61748d0eabe9a4fc495d068b6237c1ced0f714e0e9a806df28632fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb
e4ef415a55e142643e0f3037341fb41ebd2522386932b6f2da497c1af601833b
e546fabc789dcef92fc89a26d58f49ed14892841f7402fcd5a46fc0cb27d6543
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
eea4966d15beff3edc151f5139b19dc31148db8225304708552bcec8b8434737
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42c9e2661fb74c92e4a40d7097420f98a717faf7087a00eb94906fa8f2197b7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f890ba0ffd7012cb3248709ec502bc061109c5c669af09e0d2d4c786b192158e
fb069720f23d3a496959886d99f3ac76f07ea8b5dc4f2b6443e5db1bad7b80e5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

phpstack-952332-3837345.cloudwaysapps.com Open in urlscan Pro 139.59.255.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

165 Requests

67 %HTTPS

0 %IPv6

54 Domains

86 Subdomains

52 IPs

5 Countries

1237 kBTransfer

3226 kBSize

29 Cookies

7 Outgoing links

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

phpstack-952332-3837345.cloudwaysapps.com Open in urlscan Pro
139.59.255.147 Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

67 %
HTTPS

0 %
IPv6

54
Domains

86
Subdomains

52
IPs

5
Countries

1237 kB
Transfer

3226 kB
Size

29
Cookies

165 HTTP transactions
0 data transactions