linkvertise.download Open in urlscan Pro
2606:4700:3033::6815:447e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Submission: On August 20 via manual (August 20th 2022, 10:20:49 pm UTC) from CA — Scanned from CA

Summary HTTP 255 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 62 IPs in 6 countries across 65 domains to perform 255 HTTP transactions. The main IP is 2606:4700:3033::6815:447e, located in United States and belongs to CLOUDFLARENET, US. The main domain is linkvertise.download.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2022. Valid for: a year.

This is the only time linkvertise.download was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	2606:4700:303... 2606:4700:3033::6815:447e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c40... 2a02:6ea0:c400::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:13:... 2600:141b:13::17d7:82c3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	52.85.61.92 52.85.61.92	16509 (AMAZON-02) (AMAZON-02)
1 2	23.41.168.23 23.41.168.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:141b:13:... 2600:141b:13::17d7:82c8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21e... 2600:9000:21ec:6000:a:c092:f740:93a1	16509 (AMAZON-02) (AMAZON-02)
34	2606:4700:303... 2606:4700:3034::ac43:c3a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd08:3437:aff5:50c:d298	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
2	99.84.37.57 99.84.37.57	16509 (AMAZON-02) (AMAZON-02)
2	2a01:4f8:13b:... 2a01:4f8:13b:192e:2:2:ffff:2	24940 (HETZNER-AS) (HETZNER-AS)
1 5	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
12	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
4	2600:9000:220... 2600:9000:2209:c400:c:492d:cd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	184.29.129.54 184.29.129.54	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3036::6815:cc3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:2da2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.102.251.152 104.102.251.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.199.102.77 34.199.102.77	14618 (AMAZON-AES) (AMAZON-AES)
5	151.101.66.27 151.101.66.27	54113 (FASTLY) (FASTLY)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
2	3.223.235.82 3.223.235.82	14618 (AMAZON-AES) (AMAZON-AES)
6	34.111.96.116 34.111.96.116	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:c... 2600:1901:0:cba2::	15169 (GOOGLE) (GOOGLE)
1	108.139.47.69 108.139.47.69	16509 (AMAZON-02) (AMAZON-02)
2	2600:141b:13:... 2600:141b:13::17d7:82ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	13.226.39.49 13.226.39.49	16509 (AMAZON-02) (AMAZON-02)
2	54.158.11.168 54.158.11.168	14618 (AMAZON-AES) (AMAZON-AES)
3	107.178.247.57 107.178.247.57	15169 (GOOGLE) (GOOGLE)
1 1	52.85.61.88 52.85.61.88	16509 (AMAZON-02) (AMAZON-02)
1 1	108.139.47.46 108.139.47.46	16509 (AMAZON-02) (AMAZON-02)
6 9	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
18	52.70.80.198 52.70.80.198	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.66.229.147 23.66.229.147	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.73.244.44 23.73.244.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	192.35.249.120 192.35.249.120	11742 (SPOTX-IAD) (SPOTX-IAD)
2 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	18.214.193.123 18.214.193.123	14618 (AMAZON-AES) (AMAZON-AES)
2 4	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2606:4700::68... 2606:4700::6813:ac6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	129.80.94.115 129.80.94.115	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3 3	162.248.18.11 162.248.18.11	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
1 1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	199.127.204.147 199.127.204.147	26120 (RHYTHMONE) (RHYTHMONE)
3 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
3 3	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
3 3	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1 1	108.138.106.100 108.138.106.100	16509 (AMAZON-02) (AMAZON-02)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.207.4.184 34.207.4.184	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.198.189.0 54.198.189.0	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	141.95.98.66 141.95.98.66	16276 (OVH) (OVH)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1	2001:4998:1c:... 2001:4998:1c:800::1000	14779 (YAHOO) (YAHOO)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 3	52.94.222.140 52.94.222.140	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
3	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
1	51.222.239.230 51.222.239.230	16276 (OVH) (OVH)
1	145.40.88.5 145.40.88.5	54825 (PACKET) (PACKET)
1	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
2	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2006	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
255	62

40 2606:4700:3033::6815:447e (United States)

ASN13335 (CLOUDFLARENET, US)

linkvertise.download	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

maxst.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82c3 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.85.61.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-92.ewr53.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.41.168.23 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82c8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2008 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80e::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ec:6000:a:c092:f740:93a1 (United States)

ASN16509 (AMAZON-02, US)

sand.ostrichesica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700:3034::ac43:c3a1 (United States)

ASN13335 (CLOUDFLARENET, US)

publisher.linkvertise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80e::200e (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

paper.ostrichesica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.37.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-57.ewr52.r.cloudfront.net

linkvertise.chargebeestatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:13b:192e:2:2:ffff:2 (Germany)

ASN24940 (HETZNER-AS, DE)

www.thinksuggest.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::2004 (Perth Amboy, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprnjmp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2209:c400:c:492d:cd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.streamrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.29.129.54 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-129-54.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2004 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

t1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:cc3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.linkvertise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:820::200e (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:2da2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.publicdomainpictures.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.251.152 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-251-152.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.199.102.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-102-77.compute-1.amazonaws.com

ads.nighttstand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.66.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.223.235.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-235-82.compute-1.amazonaws.com

api.vidiom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.111.96.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.96.111.34.bc.googleusercontent.com

dts.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:cba2:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

dts6.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.47.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-69.jfk50.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13::17d7:82ea (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

bcbolt446c5271-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.39.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-49.ewr53.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.158.11.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-11-168.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.247.57 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 57.247.178.107.bc.googleusercontent.com

k.streamrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.88 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-88.ewr53.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.47.46 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-46.jfk50.r.cloudfront.net

sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 8.43.72.98 (United States) 6 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.70.80.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-80-198.compute-1.amazonaws.com

cs.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.66.229.147 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-229-147.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.73.244.44 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.120 (Ashburn, United States) 2 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
next-millennium-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.193.123 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-193-123.compute-1.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.26 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:ac6c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.80.94.115 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.248.18.11 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.35.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.127.204.147 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.90.30 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.100 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-100.jfk50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.207.4.184 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-4-184.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.198.189.0 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-189-0.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.90.66 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.66 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:1c:800::1000 (United States)

ASN14779 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.222.140 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2006 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	linkvertise.download linkvertise.download	2 MB
37	linkvertise.com publisher.linkvertise.com — Cisco Umbrella Rank: 223584 cdn.linkvertise.com — Cisco Umbrella Rank: 269207	4 MB
23	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 997 trc.taboola.com — Cisco Umbrella Rank: 707 trc-events.taboola.com — Cisco Umbrella Rank: 1565 vidstat.taboola.com — Cisco Umbrella Rank: 2361 us-trc-events.taboola.com — Cisco Umbrella Rank: 6314 imprnjmp.taboola.com — Cisco Umbrella Rank: 6735 us-match.taboola.com — Cisco Umbrella Rank: 6829 wf.taboola.com — Cisco Umbrella Rank: 2563 us-vid-events.taboola.com — Cisco Umbrella Rank: 6396 vidstatb.taboola.com — Cisco Umbrella Rank: 4380	546 KB
18	yellowblue.io cs.yellowblue.io — Cisco Umbrella Rank: 7138	8 KB
13	rubiconproject.com 8 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 327 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1015 eus.rubiconproject.com — Cisco Umbrella Rank: 582 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 959 token.rubiconproject.com — Cisco Umbrella Rank: 711	17 KB
9	gstatic.com fonts.gstatic.com t1.gstatic.com www.gstatic.com	521 KB
8	chargebee.com js.chargebee.com — Cisco Umbrella Rank: 22307	159 KB
7	clnmde.com dts.clnmde.com — Cisco Umbrella Rank: 17159 dts6.clnmde.com — Cisco Umbrella Rank: 18677	2 KB
7	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 4990 metrics.brightcove.com — Cisco Umbrella Rank: 4009	5 KB
7	streamrail.com sdk.streamrail.com — Cisco Umbrella Rank: 10119 k.streamrail.com — Cisco Umbrella Rank: 15318	238 KB
7	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 108 cm.g.doubleclick.net — Cisco Umbrella Rank: 214 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	133 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 282 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1260	5 KB
6	youtube.com img.youtube.com — Cisco Umbrella Rank: 3382	94 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 9 adservice.google.com — Cisco Umbrella Rank: 88	24 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 imasdk.googleapis.com — Cisco Umbrella Rank: 440	333 KB
4	pubmatic.com 4 redirects image8.pubmatic.com — Cisco Umbrella Rank: 603 image2.pubmatic.com — Cisco Umbrella Rank: 877	1 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	4 KB
4	boltdns.net cf-images.us-east-1.prod.boltdns.net — Cisco Umbrella Rank: 4672 manifest.prod.boltdns.net — Cisco Umbrella Rank: 4657	149 KB
4	akamaihd.net pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 11441 bcbolt446c5271-a.akamaihd.net — Cisco Umbrella Rank: 7648	906 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
3	brainlyads.com hb.brainlyads.com — Cisco Umbrella Rank: 15151 report2.hb.brainlyads.com Failed	179 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 278 ads.yahoo.com — Cisco Umbrella Rank: 2295	745 B
3	mookie1.com 3 redirects odr.mookie1.com — Cisco Umbrella Rank: 929	804 B
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 371	1 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 570	2 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 399 next-millennium-d.openx.net — Cisco Umbrella Rank: 86422	815 B
3	intentiq.com 2 redirects api.intentiq.com — Cisco Umbrella Rank: 1949 sync.intentiq.com — Cisco Umbrella Rank: 1326 sync1.intentiq.com — Cisco Umbrella Rank: 3873	3 KB
3	ostrichesica.com sand.ostrichesica.com — Cisco Umbrella Rank: 250755 paper.ostrichesica.com — Cisco Umbrella Rank: 230638	29 KB
2	id5-sync.com 2 redirects id5-sync.com — Cisco Umbrella Rank: 508	3 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456	2 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 464	628 B
2	33across.com 1 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 999 ssc.33across.com — Cisco Umbrella Rank: 1788	874 B
2	emxdgt.com 2 redirects cs.emxdgt.com — Cisco Umbrella Rank: 952	514 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 521	1 KB
2	powerad.ai powerad.ai — Cisco Umbrella Rank: 14828	14 KB
2	vidiom.net api.vidiom.net — Cisco Umbrella Rank: 55081	97 KB
2	nighttstand.com ads.nighttstand.com — Cisco Umbrella Rank: 54261	529 B
2	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 3748	242 KB
2	thinksuggest.org www.thinksuggest.org — Cisco Umbrella Rank: 293433	101 KB
2	chargebeestatic.com linkvertise.chargebeestatic.com — Cisco Umbrella Rank: 249349	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	127 KB
2	media.net 1 redirects contextual.media.net — Cisco Umbrella Rank: 537	47 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 507 p.typekit.net — Cisco Umbrella Rank: 625	1 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2236	37 KB
2	icons8.com maxst.icons8.com — Cisco Umbrella Rank: 42658	110 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	38 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	17 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1232	841 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 746	368 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	28 KB
1	rlcdn.com 1 redirects id.rlcdn.com — Cisco Umbrella Rank: 592	442 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 370	574 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 2202	615 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 522	707 B
1	sharethrough.com 1 redirects match.sharethrough.com — Cisco Umbrella Rank: 544	226 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 681	378 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 461	667 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1049	586 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1099	614 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 942	400 B
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 5169	7 KB
1	publicdomainpictures.net www.publicdomainpictures.net — Cisco Umbrella Rank: 104355	8 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 8017	501 B
0	sonobi.com Failed sync.go.sonobi.com Failed
255	65

	Domain	Requested by
40	linkvertise.download	linkvertise.download
34	publisher.linkvertise.com	linkvertise.download
18	cs.yellowblue.io	sdk.streamrail.com eus.rubiconproject.com
8	js.chargebee.com	linkvertise.download js.chargebee.com
6	us-trc-events.taboola.com	linkvertise.download
6	dts.clnmde.com	pxlclnmdecom-a.akamaihd.net linkvertise.download
6	img.youtube.com	linkvertise.download
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	metrics.brightcove.com	linkvertise.download
5	www.google.com	1 redirects linkvertise.download js.chargebee.com www.gstatic.com
5	fonts.gstatic.com	fonts.googleapis.com
4	cm.g.doubleclick.net	2 redirects eus.rubiconproject.com
4	ib.adnxs.com	2 redirects hb.brainlyads.com
4	pixel.rubiconproject.com	2 redirects linkvertise.download eus.rubiconproject.com
4	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
4	sdk.streamrail.com	linkvertise.download sdk.streamrail.com api.vidiom.net
4	cdn.taboola.com	linkvertise.download cdn.taboola.com
4	www.google-analytics.com	www.googletagmanager.com linkvertise.download
3	hb.brainlyads.com	powerad.ai hb.brainlyads.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	odr.mookie1.com	3 redirects
3	x.bidswitch.net	3 redirects
3	match.adsrvr.org	3 redirects
3	sync.1rx.io	3 redirects
3	image8.pubmatic.com	3 redirects
3	k.streamrail.com	linkvertise.download
3	manifest.prod.boltdns.net	linkvertise.download
3	www.gstatic.com	www.google.com
3	cdn.linkvertise.com	linkvertise.download
3	fonts.googleapis.com	linkvertise.download client
2	imasdk.googleapis.com	powerad.ai imasdk.googleapis.com
2	securepubads.g.doubleclick.net	www.googletagservices.com imasdk.googleapis.com
2	us-match.taboola.com	vidstat.taboola.com
2	id5-sync.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.tapad.com	2 redirects
2	cs.emxdgt.com	2 redirects
2	us-u.openx.net	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	eus.rubiconproject.com	sdk.streamrail.com eus.rubiconproject.com
2	powerad.ai	linkvertise.download sdk.streamrail.com
2	bcbolt446c5271-a.akamaihd.net	linkvertise.download
2	trc.taboola.com	linkvertise.download
2	api.vidiom.net	sdk.streamrail.com api.vidiom.net
2	edge.api.brightcove.com	linkvertise.download
2	ads.nighttstand.com	linkvertise.download
2	pxlclnmdecom-a.akamaihd.net	contextual.media.net pxlclnmdecom-a.akamaihd.net
2	players.brightcove.net	linkvertise.download
2	www.thinksuggest.org	linkvertise.download
2	linkvertise.chargebeestatic.com	js.chargebee.com
2	paper.ostrichesica.com	sand.ostrichesica.com linkvertise.download
2	www.googletagmanager.com	linkvertise.download www.googletagmanager.com
2	contextual.media.net	1 redirects linkvertise.download
2	stackpath.bootstrapcdn.com	linkvertise.download
2	maxst.icons8.com	linkvertise.download maxst.icons8.com
2	cdnjs.cloudflare.com	linkvertise.download
1	adservice.google.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	next-millennium-d.openx.net	hb.brainlyads.com
1	ssc.33across.com	hb.brainlyads.com
1	prebid.a-mo.net	hb.brainlyads.com
1	onetag-sys.com	hb.brainlyads.com
1	www.googletagservices.com	hb.brainlyads.com
1	vidstatb.taboola.com	linkvertise.download
1	id.rlcdn.com	1 redirects
1	px.ads.linkedin.com	eus.rubiconproject.com
1	ads.yahoo.com	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	us-vid-events.taboola.com	linkvertise.download
1	wf.taboola.com	linkvertise.download
1	imprnjmp.taboola.com	vidstat.taboola.com
1	sync.inmobi.com	1 redirects
1	bh.contextweb.com	1 redirects
1	match.sharethrough.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	aa.agkn.com	1 redirects
1	ssc-cms.33across.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	sync.technoratimedia.com	1 redirects
1	csync.loopme.me	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	sync1.intentiq.com	1 redirects
1	sync.intentiq.com	1 redirects
1	api.intentiq.com	linkvertise.download
1	trc-events.taboola.com	linkvertise.download
1	cf-images.us-east-1.prod.boltdns.net	linkvertise.download
1	dts6.clnmde.com	linkvertise.download
1	vjs.zencdn.net	players.brightcove.net
1	www.publicdomainpictures.net	linkvertise.download
1	t1.gstatic.com	linkvertise.download
1	www.google.ca	linkvertise.download
1	stats.g.doubleclick.net	linkvertise.download
1	sand.ostrichesica.com	linkvertise.download
1	p.typekit.net	use.typekit.net
1	use.typekit.net	linkvertise.download
0	report2.hb.brainlyads.com Failed	hb.brainlyads.com
0	sync.go.sonobi.com Failed	sdk.streamrail.com
255	100

This site contains links to these domains. Also see Links.

Domain
publisher.linkvertise.com
blog.linkvertise.com
popup.taboola.com
ninerecipes.com
rfvtgb.foodictator.com
www.manukafeed.com
fetch-structure.fyi
alldelish.com
thing2know.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-12` - `2023-07-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
1454623486.rsc.cdn77.org R3	`2022-07-23` - `2022-10-21`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
js.chargebee.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
sand.ostrichesica.com Amazon	`2022-05-07` - `2023-06-05`	a year	crt.sh
*.ostrichesica.com ZeroSSL ECC Domain Secure Site CA	`2022-07-11` - `2022-10-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.chargebeestatic.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
thinksuggest.org R3	`2022-07-03` - `2022-10-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
streamrail.com Amazon	`2022-05-12` - `2023-06-10`	a year	crt.sh
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-07-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.nighttstand.com Amazon	`2021-11-10` - `2022-12-08`	a year	crt.sh
brightcove.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-08` - `2023-07-10`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
metrics.brightcove.com GTS CA 1D4	`2022-08-11` - `2022-11-09`	3 months	crt.sh
vidiom.net Amazon	`2022-05-08` - `2023-06-06`	a year	crt.sh
dts.clnmde.com GTS CA 1D4	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.prod.boltdns.net Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
*.intentiq.com Amazon	`2022-03-20` - `2023-04-17`	a year	crt.sh
powerad.ai Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
k.streamrail.com GTS CA 1D4	`2022-08-13` - `2022-11-11`	3 months	crt.sh
*.yellowblue.io Amazon	`2022-04-23` - `2023-05-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2021-11-25` - `2022-12-27`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.a-mo.net R3	`2022-07-11` - `2022-10-09`	3 months	crt.sh
ssc.33across.com GTS CA 1D4	`2022-07-17` - `2022-10-15`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Frame ID: 029FBCBB9ECECEBEF0E67C99365809AC
Requests: 172 HTTP requests in this frame

Frame: https://linkvertise.download/assets/vendor/thinksuggest.html
Frame ID: D2648C6C9DABE6875A86EECBBFE25943
Requests: 2 HTTP requests in this frame

Frame: https://linkvertise.download/assets/vendor/thinksuggest.html
Frame ID: 52A65FEB8B3EAEFC8AC83E3ADFF822DB
Requests: 2 HTTP requests in this frame

Frame: https://js.chargebee.com/v2/master-67eacd9432daa227b727368c8ea3cdde.html
Frame ID: 3AFC1F04807246DE03F6423CF5A7510C
Requests: 8 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: AE479AF7EE5034A407DE02C39EE4B546
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxzNoUAAAAAC7rwigQ9hI75HZl9mXhumAUR-B-&co=aHR0cHM6Ly9qcy5jaGFyZ2ViZWUuY29tOjQ0Mw..&hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&cb=7wdwb7p0kmw8
Frame ID: 3416F3392EA169E681EF8FEAD66A7211
Requests: 4 HTTP requests in this frame

Frame: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Frame ID: 348BE8ACF70F0FF65A445E5ACC76279E
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: 91CD227B75E0F999D448B5DF7551F88F
Requests: 11 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7VT4CFgOx1hBiz8OEWgSx1hBiz8OEWgUAAAAGBuIHJGUyzQbL1WwtnJmMa9HCt1sLF8aJW-ZZLRyj2Ww5GFmGQFIm02ywXM3WwpnJuBYtfLu1cGGcuGWe1cIxms2Wg5FlChjCMvt9BwXl9PSYXQZR0fW22B1Os-cNZWg6HT7XvV7stHttL8vp6XnZRX7f3ex3mPwiv-9u9jtMfs1qMJzsRX_j0-P2m6zXt-xpeKtddtdbZ3q49sIPhdc89t50v8n5tUyfi9WDd9sxO8-t0zSc7Fl3AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAMNkQiA45ENpvN11eDrM_AAAAAEAAAAAASAAK7kJLADY0Jk_-_________2MG6DNvZP7___9vFHoAHnwAHoQAAAAuhmjJFYPjC21WiQgIixgBAAAAVOJk9h5N6oTKour__7_fCuAKACBAsBcLQyJLd1DiLQwAAIBgbIEeFr_f7LBr_G6X_f________-b_Z_9ownZAACkCU-i2Kv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW6zW05mBwAAAHD3____rweCE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5vFe-Oq4Ayzqi14chLLPfd1BQTk-P2WUQFV1vi93hNHvuN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiJMWSwO32AzXKuGo-VaNNoN18LVaLTWjGwOy2C5W05mo7Xo9TE9Zw6XZ2LxomCA114kT4t0InHZViaTzbZcrjbDmXHicaxsFttq43H4RqbhzGIRSzQni3Qiu-yLE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5_C2LxeEbbIZr1XC0XItGu-FauBqN1pqRzWEZLHfLyWy0Fr0-pufM4fJMLP7GbLYYbEaD0WbfmM0Wg81oMNrsO3SG7-pzNjqjo5PH59BOe8blzWFQuAwW70p1WmkLkoM2exU5XZqZsqgzKp_fkdeg8Bw8po8t-hd5tpWvtWRUOA4GRSwRXKQTsdPutb0sp6fn5RY77V636G8RS5Smi3SiF_l9d7PfYfJrVoPhZC_6G58et99kvb5lT8Nb7bK73jrTw7UXfiy-5_H3tvtNzq9l-lysHr7bzvl5bp2m4WTvuoglgtNFOhG9jKeL-o8OMVrOVbO5YrWZK4bLVQIAAAAAAAAAWMKceRMAAACA02BWw81gtc6D2O1mk91quQASLF66QAtwDDjSUffFjR9PsNPutb0sp6fn5RY77V636G9lAAkWLebNnwlirVbLGgAAQAAbAAAggFs3b4HoUPz___9_HAAAgIwcPQAAgPg-0Axu1HqhBy6_wRY3u826!&cmcv=&pix=undefined&cb=1661034044451&uv=3218&tms=1661034044451&abt=adh5c-1_vA!ecp_vC!esv_vA!inc_all_video_vA!Noappq22_vC!scec9_vA!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=ed460956-8fd8-4a77-8a8b-f35a146690d2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 9618D758CC7E4AED625CB59070CF68E9
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7VT4CFgOx1hBiz8OEWgSx1hBiz8OEWgUAAAAGBuIHJGUyzQbL1WwtnJmMa9HCt1sLF8aJW-ZZLRyj2Ww5GFmGQFIm02ywXM3WwpnJuBYtfLu1cGGcuGWe1cIxms2Wg5FlChjCMvt9BwXl9PSYXQZR0fW22B1Os-cNZWg6HT7XvV7stHttL8vp6XnZRX7f3ex3mPwiv-9u9jtMfs1qMJzsRX_j0-P2m6zXt-xpeKtddtdbZ3q49sIPhdc89t50v8n5tUyfi9WDd9sxO8-t0zSc7Fl3AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAMNkQiA45ENpvN11eDrM_AAAAAEAAAAAASAAK7kJLADY0Jk_-_________2MG6DNvZP7___9vFHoAHnwAHoQAAAAuhmjJFYPjC21WiQgIixgBAAAAVOJk9h5N6oTKour__7_fCuAKACBAsBcLQyJLd1DiLQwAAIBgbIEeFr_f7LBr_G6X_f________-b_Z_9ownZAACkCU-i2Kv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW6zW05mBwAAAHD3____rweCE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5vFe-Oq4Ayzqi14chLLPfd1BQTk-P2WUQFV1vi93hNHvuN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiJMWSwO32AzXKuGo-VaNNoN18LVaLTWjGwOy2C5W05mo7Xo9TE9Zw6XZ2LxomCA114kT4t0InHZViaTzbZcrjbDmXHicaxsFttq43H4RqbhzGIRSzQni3Qiu-yLE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5_C2LxeEbbIZr1XC0XItGu-FauBqN1pqRzWEZLHfLyWy0Fr0-pufM4fJMLP7GbLYYbEaD0WbfmM0Wg81oMNrsO3SG7-pzNjqjo5PH59BOe8blzWFQuAwW70p1WmkLkoM2exU5XZqZsqgzKp_fkdeg8Bw8po8t-hd5tpWvtWRUOA4GRSwRXKQTsdPutb0sp6fn5RY77V636G8RS5Smi3SiF_l9d7PfYfJrVoPhZC_6G58et99kvb5lT8Nb7bK73jrTw7UXfiy-5_H3tvtNzq9l-lysHr7bzvl5bp2m4WTvuoglgtNFOhG9jKeL-o8OMVrOVbO5YrWZK4bLVQIAAAAAAAAAWMKceRMAAACA02BWw81gtc6D2O1mk91quQASLF66QAtwDDjSUffFjR9PsNPutb0sp6fn5RY77V636G9lAAkWLebNnwlirVbLGgAAQAAbAAAggFs3b4HoUPz___9_HAAAgIwcPQAAgPg-0Axu1HqhBy6_wRY3u826!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 17CC0A1AECF40A6B6BA759923DEB4D96
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7VT4CFgOx1hBiz8OEWgSx1hBiz8OEWgUAAAAGBuIHJGUyzQbL1WwtnJmMa9HCt1sLF8aJW-ZZLRyj2Ww5GFmGQFIm02ywXM3WwpnJuBYtfLu1cGGcuGWe1cIxms2Wg5FlChjCMvt9BwXl9PSYXQZR0fW22B1Os-cNZWg6HT7XvV7stHttL8vp6XnZRX7f3ex3mPwiv-9u9jtMfs1qMJzsRX_j0-P2m6zXt-xpeKtddtdbZ3q49sIPhdc89t50v8n5tUyfi9WDd9sxO8-t0zSc7Fl3AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAMNkQiA45ENpvN11eDrM_AAAAAEAAAAAASAAK7kJLADY0Jk_-_________2MG6DNvZP7___9vFHoAHnwAHoQAAAAuhmjJFYPjC21WiQgIixgBAAAAVOJk9h5N6oTKour__7_fCuAKACBAsBcLQyJLd1DiLQwAAIBgbIEeFr_f7LBr_G6X_f________-b_Z_9ownZAACkCU-i2Kv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW6zW05mBwAAAHD3____rweCE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5vFe-Oq4Ayzqi14chLLPfd1BQTk-P2WUQFV1vi93hNHvuN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiJMWSwO32AzXKuGo-VaNNoN18LVaLTWjGwOy2C5W05mo7Xo9TE9Zw6XZ2LxomCA114kT4t0InHZViaTzbZcrjbDmXHicaxsFttq43H4RqbhzGIRSzQni3Qiu-yLE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5_C2LxeEbbIZr1XC0XItGu-FauBqN1pqRzWEZLHfLyWy0Fr0-pufM4fJMLP7GbLYYbEaD0WbfmM0Wg81oMNrsO3SG7-pzNjqjo5PH59BOe8blzWFQuAwW70p1WmkLkoM2exU5XZqZsqgzKp_fkdeg8Bw8po8t-hd5tpWvtWRUOA4GRSwRXKQTsdPutb0sp6fn5RY77V636G8RS5Smi3SiF_l9d7PfYfJrVoPhZC_6G58et99kvb5lT8Nb7bK73jrTw7UXfiy-5_H3tvtNzq9l-lysHr7bzvl5bp2m4WTvuoglgtNFOhG9jKeL-o8OMVrOVbO5YrWZK4bLVQIAAAAAAAAAWMKceRMAAACA02BWw81gtc6D2O1mk91quQASLF66QAtwDDjSUffFjR9PsNPutb0sp6fn5RY77V636G9lAAkWLebNnwlirVbLGgAAQAAbAAAggFs3b4HoUPz___9_HAAAgIwcPQAAgPg-0Axu1HqhBy6_wRY3u826!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 7C07CFD9CB8DE7F1C448144585DBA981
Requests: 1 HTTP requests in this frame

Frame: https://powerad.ai/vast/vpaid.js
Frame ID: C6BA3FEA4AAC1EAD3613158611B4E877
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.js
Frame ID: F4DF8ECEB54419679F4181CD327A990C
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 5199AE1E1DB11D858BE29BBEE8B119FF
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.525.0_en.html
Frame ID: C05F4CC18779255769734FA9CE0E78D3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download the BRAND NEW Toxic Gta5 Mod Menu | Linkvertise

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Chargebee (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.chargebee\.com/v([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

255
Requests

83 %
HTTPS

37 %
IPv6

65
Domains

100
Subdomains

62
IPs

6
Countries

9977 kB
Transfer

20681 kB
Size

92
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://publisher.linkvertise.com/
Title: Create your own Links

Search URL Search Domain Scan URL

URL: https://blog.linkvertise.com/publisher/download-problem/?lang=en
Title: Click here

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=linkvertise-link-to&utm_medium=referral&utm_content=thumbnails-a:Below%20Article%20Thumbnails:
Title: Sponsored Links

Search URL Search Domain Scan URL

URL: https://ninerecipes.com/amazing-toothpaste-tricks/?utm_source=taboola&utm_medium=20408999&utm_campaign=1191006#tblciGiAVlFAr0nYsYFr1L9aNCdOoXF_hcmuNbmFcAHXkz0A1VyDFpU0o3LHku9HPh8Rm
Title: Nine Tricks

Search URL Search Domain Scan URL

URL: https://rfvtgb.foodictator.com/worldwide/impressive-special-forces-ta?utm_campaign=t-fd-forces-s-d-ww-260722z&utm_medium=taboola&utm_source=taboola&utm_term=linkvertise-link-to_1191006&cpc=zSEPCHsn5ht1-Do1j0PXzw==
Title: Foodictator

Search URL Search Domain Scan URL

URL: http://www.manukafeed.com/eat-ginger-every-day/?utm_source=linkvertise-link-to&utm_medium=taboola&utm_campaign=203_MF_Gingerx2_T1_all&utm_content=3032892703#tblciGiAVlFAr0nYsYFr1L9aNCdOoXF_hcmuNbmFcAHXkz0A1VyDdzEco3-uR8ael54kC
Title: Manuka Feed

Search URL Search Domain Scan URL

URL: http://fetch-structure.fyi/?ref=taboola-linkvertise-link-to&sub_id=inc-sc-14-str-july-dk&compkey=Foundation%20Leak%20Repair%20%7Bmontreal%7D&tbid=1385456&tbland=Land&tbserp=Search&tbclick=Gadclick&sub_id2=20251621%7Clinkvertise-link-to%7C3509984744&rskey=Cheap+Foundation+Leak+Repair+Services+in+Montreal&tblci=GiAVlFAr0nYsYFr1L9aNCdOoXF_hcmuNbmFcAHXkz0A1VyDwx1Qo_q6m99-BkuVD#tblciGiAVlFAr0nYsYFr1L9aNCdOoXF_hcmuNbmFcAHXkz0A1VyDwx1Qo_q6m99-BkuVD
Title: Basement Repair | Search Ads

Search URL Search Domain Scan URL

URL: https://alldelish.com/17-signs-you-might-have-diabetes/?utm_source=taboola&utm_medium=referral&tblci=GiAVlFAr0nYsYFr1L9aNCdOoXF_hcmuNbmFcAHXkz0A1VyCCplAoqLyO2OrQ388V#tblciGiAVlFAr0nYsYFr1L9aNCdOoXF_hcmuNbmFcAHXkz0A1VyCCplAoqLyO2OrQ388V
Title: alldelish

Search URL Search Domain Scan URL

URL: https://thing2know.com/best-car-insurance-companies/?utm_source=taboola&utm_medium=referral&tblci=GiAVlFAr0nYsYFr1L9aNCdOoXF_hcmuNbmFcAHXkz0A1VyCJyFko2YjPweO2nbKAAQ#tblciGiAVlFAr0nYsYFr1L9aNCdOoXF_hcmuNbmFcAHXkz0A1VyCJyFko2YjPweO2nbKAAQ
Title: Thing2know.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://www.google.com/s2/favicons?domain=mistermodzzforum.space HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mistermodzzforum.space&size=16

Request Chain 194

https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1660370273&rnd=105150&iiqidtype=2&iiqpcid=816945f8-3a8f-415d-89aa-f99709958952&iiqpciddate=1661034043898&tsrnd=553_1661034043900&fbp=2503514557 HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1660370273&rnd=105150&iiqidtype=2&iiqpcid=816945f8-3a8f-415d-89aa-f99709958952&iiqpciddate=1661034043898&tsrnd=553_1661034043900&fbp=2503514557&ckls=true&ci=KC407fjEX4&nc=false&trid=-109590347 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=KC407fjEX4&expires=1825&rnd=-2006008232

Request Chain 198

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east

Request Chain 199

https://sync.search.spotxchange.com/partner?adv_id=7862&gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11561%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7862&gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11561%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=55484abe-20d6-11ed-b08b-125e01710403 HTTP 302
https://cs.yellowblue.io/cs?aid=11561&id=55484a5f-20d6-11ed-b08b-125e01710403

Request Chain 200

https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
https://cs.yellowblue.io/cs?aid=11563&id=bf460dcd-e71d-492b-a65d-e8c79988c3c8&gdpr=0&gdpr_consent=0

Request Chain 201

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11564%26id%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11564%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9jcy55ZWxsb3dibHVlLmlvL2NzP2FpZD0xMTU2NCZpZD0kRU1YVUlE HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fcs.yellowblue.io%252Fcs%253Faid%253D11564%2526id%253D%2524EMXUID%26b64_redirect%3DaHR0cHM6Ly9jcy55ZWxsb3dibHVlLmlvL2NzP2FpZD0xMTU2NCZpZD0kRU1YVUlE HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=361841949617637721&redirect=https://cs.yellowblue.io/cs?aid=11564&id=$EMXUID&b64_redirect=aHR0cHM6Ly9jcy55ZWxsb3dibHVlLmlvL2NzP2FpZD0xMTU2NCZpZD0kRU1YVUlE HTTP 302
https://cs.yellowblue.io/cs?aid=11564&id=361841949617637721brt56791661034044376010b3

Request Chain 202

https://csync.loopme.me/?gdpr=0&gdpr_consent=0&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
https://cs.yellowblue.io/cs?aid=11571&id=df56b229-6e59-4c71-9d8c-b99722e481bb&gdpr_consent=0&gdpr=0

Request Chain 203

https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11575%26uid%3D%5BUSER_ID%5D HTTP 307
https://cs.yellowblue.io/cs?aid=11575&uid=FA84A57380CF450A9E4FC0C8BEE5DC39

Request Chain 204

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjE0RjJBNDAtNDk4Ni00NDg2LTg4RDUtQ0ZDMzgzOERFNzE4&gdpr=0&gdpr_consent=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjE0RjJBNDAtNDk4Ni00NDg2LTg4RDUtQ0ZDMzgzOERFNzE4&gdpr=0&gdpr_consent=0&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=0 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0 HTTP 302
https://cs.yellowblue.io/cs?aid=11576&id=B14F2A40-4986-4486-88D5-CFC3838DE718

Request Chain 205

https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rise?zcc=1&redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D&cb=1661034044392 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5142428227 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5142428227 HTTP 302
https://sync.1rx.io/usersync/tradedesk/fe12010f-1b82-45cc-b3fc-d2b4d75d6e37 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-50fc0f89-6540-40df-ad96-fc4940425e79-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-50fc0f89-6540-40df-ad96-fc4940425e79-005 HTTP 302
https://cs.yellowblue.io/cs?aid=11579&id=RX-50fc0f89-6540-40df-ad96-fc4940425e79-005

Request Chain 206

https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
https://cs.yellowblue.io/cs?aid=11580&puid=78211126683458

Request Chain 207

https://x.bidswitch.net/sync?ssp=rise&gdpr=0&gdpr_consent=0&user_id=owOUipjak HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=rise&gdpr=0&gdpr_consent=0&user_id=owOUipjak HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=fae6614c-d413-44b1-88b3-c5b0bb9793a8&ssp=rise&gdpr=0&gdpr_consent=0 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10594858865230008242&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Drise%26gdpr_consent%3D0%26gdpr%3D0 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10594858865230008242&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Drise%26gdpr_consent%3D0%26gdpr%3D0 HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=e82e2379-cb06-4391-83da-f4c2c6a8d105&ssp=rise&gdpr_consent=0&gdpr=0 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10594858865230008242&ssp=rise&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214910604249014826738&ssp=rise&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=419&user_id=10594858865230008242&ssp=rise&gdpr=0&gdpr_consent= HTTP 302
https://cs.yellowblue.io/cs?aid=11582&id=fae6614c-d413-44b1-88b3-c5b0bb9793a8

Request Chain 208

https://ssum-sec.casalemedia.com/usermatchredir?s=194590&cb=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D&s=194590&C=1 HTTP 302
https://cs.yellowblue.io/cs?aid=11583&id=YwFePEFT0gJ8ZLYdQXj7BgAAAIoAAAIB

Request Chain 209

https://ads.yieldmo.com/pbsync?is=rise&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
https://cs.yellowblue.io/cs?aid=11584&uid=gfdb5d6fe8575948e491&gdpr=&gdpr_consent=&us_privacy=

Request Chain 210

https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E HTTP 302
https://cs.yellowblue.io/cs?aid=11585&id=3040356441455740000V10

Request Chain 211

https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=0 HTTP 302
https://cs.yellowblue.io/cs?aid=11587&uid=3e72ada8-ebce-4097-8126-4d2509c1b8ea

Request Chain 212

https://ups.analytics.yahoo.com/ups/58547/occ?gdpr=0&gdpr_consent=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58547/occ?gdpr=0&gdpr_consent=0&verify=true HTTP 302
https://cs.yellowblue.io/cs?aid=11591&id=y-E8LuFYxE2uHcU4poNhJQoD10dIqQ.gQefmpJTrU-~A

Request Chain 213

https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=0&rurl=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
https://cs.yellowblue.io/cs?aid=11592&uid=BSTTHBlgSSTE&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=0&gdpr=0

Request Chain 214

https://sync.inmobi.com/oRTB?redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11595%26id%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11595%26id%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://cs.yellowblue.io/cs?aid=11595&id=ID5-ZHMOLXZu_fwlhoFKxCS_PgSBEY7S-8_37cxujR3f2g

Request Chain 221

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=L72GS7AK-27-8036 HTTP 302
https://cs.yellowblue.io/cs?aid=11590&id=L72GS7AK-27-8036

Request Chain 222

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcyR1M3QUstMjctODAzNg==

Request Chain 223

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hApqYqwwTfi5scTmOff-iA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hApqYqwwTfi5scTmOff-iA

Request Chain 224

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L72GS7AK-27-8036&sigv=1&esig=2~192013c594abb35c89ef9c9b8afb953588325da8

Request Chain 225

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L72GS7AK-27-8036

Request Chain 226

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fe12010f-1b82-45cc-b3fc-d2b4d75d6e37&gdpr=0&gdpr_consent=&expires=30

Request Chain 227

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDY5NGZmZDgyYzI1Njg1YzQ4YWViY2FmODNkNWI0ZmQ4NzRkZjI4NQ

Request Chain 228

https://id.rlcdn.com/709414.gif HTTP 307
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

Request Chain 229

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=knVILZVaS8ayE3-mF0jSqQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=knVILZVaS8ayE3-mF0jSqQ

255 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request xCBWyXwMnodyk2z91uAw6GYs9ki482Ou Show response
linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/ 18 KB
8 KB 381ms
338ms Document
text/html 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

86df3118968c70c6e802fd23c7de495e8eeb12f2dde6cbf7285f6eddeeebf9df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73de848148e87150-YUL
content-encoding: br
content-type: text/html
date: Sat, 20 Aug 2022 22:20:40 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 19 May 2022 15:25:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlV8mmyTadQl4NSqNpau2IWp6EQGeIcCewZSr9yynGGAeLavPsVXGZm5kcoQ03XOEMCUS8Vecrla545wwCE46pZOg%2FqZ3j870DVx1AvxtfXRbhtY1nn7OPQg7ZrrkraTrNdjFlGeI%2FNacfgJ9QFswR95Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: PleskLin

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
27 KB 61ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7493268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27748
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfTDt%2BYVsJ1bmhszCA3SVS88a1Bi%2FtIQ2Jv7SWYUJSBXr5Tq%2BgM2MqrjmqesiLJMjPcih4m44Fui3vP%2B%2FW4rb7otF1nrwjYWP%2FPFNa7HjkQPpZ6xzUKJDM1iLQW1UiQQ8W7NtQDeCKlOw%2B0%2FvTxUIVaU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73de8483a9c37142-YUL
expires: Thu, 10 Aug 2023 22:20:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
923 B 85ms
37ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c44af787f51e875d3ecc44f5bb1989fce5aeeaa1a48cc0851aec4344b5e6d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Aug 2022 21:26:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Aug 2022 22:20:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Aug 2022 22:20:40 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 85ms
36ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b6581e5665a9e516751b0326354eaeb7853be7cbe4153adc6cad59b683e889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Aug 2022 22:20:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Aug 2022 22:20:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Aug 2022 22:20:40 GMT

GET
H2 200 line-awesome.min.css
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/ 88 KB
15 KB 171ms
46ms Stylesheet
text/css 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sat, 20 Aug 2022 22:20:41 GMT
content-encoding: br
vary: Accept-Encoding
x-77-nzt-ray: ZRGlRazapkg
x-77-cache: HIT
x-cache: HIT
x-age: 23534473
x-77-nzt: AZySJBZycmH/iRtnAQ
x-accel-expires: @1952859568
last-modified: Tue, 16 Nov 2021 09:34:27 GMT
server: CDN77-Turbo
etag: W/"15e81-17d281900b8"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 62ms
22ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://linkvertise.download/
Origin: https://linkvertise.download
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 10317170
cdn-cachedat: 2021-04-23 06:29:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8a0a2fbe07e2755f2d5a42f777e70da3
cf-ray: 73de8483ae5a7157-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 lgs0rip.css
use.typekit.net/ 3 KB
961 B 119ms
36ms Stylesheet
text/css 2600:141b:13::17d7:82c3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/lgs0rip.css

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:82c3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

3b396c7db2bfc21a81ceaa1789031a4f7ab8b0078c5e504433dd50d7828af018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sat, 20 Aug 2022 22:20:40 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 729

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 61ms
21ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://linkvertise.download/
Origin: https://linkvertise.download
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 718, 718
age: 10317170
cdn-cachedat: 2021-04-23 04:44:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: cc1ce88487ce1abd62214b31fa61fc69
cf-ray: 73de8483ae5b7157-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/ 68 KB
11 KB 59ms
19ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62a847fb029ec2329b3c92b0d0b1239366017e314ff430fc8f5b67a78f9238d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14187346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10228
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-111e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwV8YAPY%2BOZTiBsnmp11ZGYqUHlGk6XPMqAjEU7Sjga%2Bn5vynBCJrohmjUtg95%2FGIZ%2BswqohlFy8D0HlRHdGwAD5uAwlmDeu%2Bnaim0fF%2FrQ1YxF%2BvYuF9jSwPNmHEa0IATFUci%2BoUhnfnb0opSb0HYhL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73de8483a9c17142-YUL
expires: Thu, 10 Aug 2023 22:20:40 GMT

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 223 KB
68 KB 87ms
22ms Script
application/x-javascript 52.85.61.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-92.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6bbffb8dd31b35301ffd568a6d53fe88abfd567a1037bf68c17e57094c0ce53c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: aweYcTxyhYL3QcVsxbInfyK.HKv3DBCu
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 17 Aug 2022 13:33:23 GMT
server: AmazonS3
age: 236
etag: W/"8333f7fec2a9aca853057bdcbcb4de78"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Sat, 20 Aug 2022 22:16:45 GMT
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: HJeB__d_4Faz2ZoV8tVaEOPGql_3PDOGM1qcXB35XYwe8ICiD2p6Rg==

GET
H2 200 ads.js Show response
linkvertise.download/assets/ 53 B
432 B 19ms
17ms Script
application/javascript 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://linkvertise.download/assets/ads.js

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

b1af735cf017f07c82e88c4e7ae104eb140ebec0882691bdc68ad6c1a6e3449f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1333
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"35-5df5e6ec97455"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7NP5Blk%2FNkUz9%2BuGe4Fo2AP4QmWMTtO4m%2B7O2oK1jjraA14zCnYyAQapkYmrzF%2BgYRdgGS3Ep%2BZk53LghF4SuuS3vEoQOIfT7cmHNcibLFj%2BV7dogMTM%2FFXFacRRwIcXvvQGM2iuqkQ71OMxApCDK%2BnMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-accel-version: 0.01
cache-control: max-age=14400
cf-ray: 73de84836cc17150-YUL

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 138 KB
46 KB 186ms
55ms Script
text/javascript 23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CUG57U1V

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

02696a1a0fde9653d80de55b4fb1096b88746c00549e4937f3aca36d5044abcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-mnt-h: 22-nmmp
content-encoding: gzip
etag: "9073e7d31b6533fafad4b9bcd3727d71"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Sat, 20 Aug 2022 22:20:41 GMT
x-cache-hits: 0
strict-transport-security: max-age=31536000
x-mnt-w: 8-11
expires: Sat, 20 Aug 2022 22:25:41 GMT

GET
H2 200 styles.d854b0137cc3549c3fd0.css
linkvertise.download/ 360 KB
58 KB 25ms
23ms Stylesheet
text/css 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/styles.d854b0137cc3549c3fd0.css
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 34b8b76757b6ff96b03b24acf0b67fb690e673c504724dc0cc605dfda74dfcc3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1333
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 15:26:06 GMT
server: cloudflare
etag: W/"6286618e-5a060"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKYOkUAn7u6b3y8TbYB8dtuWbB1qDaenrf9QwpcEb30vwgB9q7i1bc%2BqHBVktAy4lINtC%2BlBr%2FtwyHyz8L2%2FWi3zTPQ0CEUIU8rpvaQb2pkOlyojbBq29iVlLNYAWLQmyuJT88r3ktRyLFL3cY5ShuWt4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 73de84836cc07150-YUL

GET
H2 200 runtime-es2015.c4a3d7bd62ce70d7f5d4.js Show response
linkvertise.download/ 2 KB
1 KB 21ms
19ms Script
application/javascript 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/runtime-es2015.c4a3d7bd62ce70d7f5d4.js
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a71c4a80fa73e63ccc8b499a828a32c843c95ee5d42f1b894e23e0940d864b81

Request headers

Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Origin: https://linkvertise.download
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6924
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 15:26:03 GMT
server: cloudflare
etag: W/"6286618b-8f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dN89eg4em2iwNdFMnoyD313x5YwBeX5H46pkpUBhrXYlOFE4keC7Li7Fk7Rog0NtNNHzwO9o%2FUpk4LxYykTd9ZHbU7OI5lTQON9hr4a6I08eP1p%2BgAlCW8SWVVk%2F2%2Bkbxx78r9tK0T6aCGFaOKNUEwdU1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 73de84836cc27150-YUL

GET
H2 200 polyfills-es2015.969a1913cf35389c10c8.js Show response
linkvertise.download/ 37 KB
13 KB 35ms
34ms Script
application/javascript 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f6ad402aa2c578977a90f1938f0273e4726c599e17caeeef8b125b3e074e53ce

Request headers

Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Origin: https://linkvertise.download
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6924
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 15:26:02 GMT
server: cloudflare
etag: W/"6286618a-9326"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEoT16vxCK6vJ9dQowdAP0K7ss6ReSvP8B3mwlt2PF2TzFWzpODsEbzdwiMUFbvQP0Aw%2FlQz4cRRQfzU5sXlxcjcugvQgmU5nqGCPfgbL2kkwsInF8d8CvPA3GkXGy88HbgSxta7eQpUFPFEz5c7SfiWFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 73de84836cc77150-YUL

GET
H3 200 scripts.2e2f36741b5af9bc644c.js Show response
linkvertise.download/ 205 KB
63 KB 26ms
26ms Script
application/javascript 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/scripts.2e2f36741b5af9bc644c.js
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d2aa778f78649c29ee13c029db9c7d04f59061855eb577152e44e487705c48b3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1331
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 15:26:04 GMT
server: cloudflare
etag: W/"6286618c-332e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYQ6LKuSn7EQginQC6fWJEyQFbcYiGuskaSqrCd5IY0ku7UTTbQFPy8GbYDFNQQFlg%2FXBCj29IbSgSsgWZ2Lw2HqqLfGxxar3Hym5DLzSQwd%2BBq0RlNHotIGjA9BK4SvHkw2opXzf2YPadArIgxnzSxvUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 73de8484da4a4bd0-YUL

GET
H2 200 main-es2015.4a1836ca310b0997b1af.js Show response
linkvertise.download/ 3 MB
677 KB 37ms
36ms Script
application/javascript 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/main-es2015.4a1836ca310b0997b1af.js
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 72bdd6f9814592821297966effb17637fe737b09f6c48e2b717d566edd3af30d

Request headers

Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Origin: https://linkvertise.download
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6924
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 15:26:01 GMT
server: cloudflare
etag: W/"62866189-3032ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bw7Na7%2BfTt3sbX9ud4BZY%2FLE4F3dYzp1UnfRXiWuugf0NcT9i0acuVMH%2BnSAn17%2FFD1%2FjZ8tL0dNWobZ%2FpeJ%2B90sq2SvjtMtO5LysTkZr%2BQR63%2BMZywBG803nC3Ede3B75qIF9xB%2Bf1cvMcBhAo5vw5lwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 73de84836cc87150-YUL

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 98ms
19ms Stylesheet
text/css 2600:141b:13::17d7:82c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=lgs0rip&ht=tk&f=43349.43352.43354.43357&a=84442296&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lgs0rip.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82c8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:41 GMT
last-modified: Sat, 02 Oct 2021 08:25:28 GMT
server: nginx
etag: "61581778-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
56 KB 86ms
35ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TZ69NZG

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8826abb6f25b98394d68e13e7aba6c8bab2d68f2c39402bf3916d673427648f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57233
x-xss-protection: 0
last-modified: Sat, 20 Aug 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 20 Aug 2022 22:20:41 GMT

GET
H2 200 112-c2030e86a0d712ce9634.js Show response
js.chargebee.com/v2/ 12 KB
4 KB 24ms
23ms Script
application/x-javascript 52.85.61.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/112-c2030e86a0d712ce9634.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-92.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

feb93457e15d527f46a8967385eabee08a1f5381e0a3d3f36442a4309c93a478

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: bLn0BLVr0lCf5gHytTFNSJdpdkgqAgxa
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 17 Aug 2022 13:33:23 GMT
server: AmazonS3
age: 236
etag: W/"972a6b5e01f396382f88f414dc2f1ba0"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Sat, 20 Aug 2022 22:16:46 GMT
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: KwS1-Yqx57BIYid_pmu1pRgkfEsFbff6kG46nW5AURqI182EVpQ7Ng==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 68ms
19ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://linkvertise.download
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 129363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 10:24:38 GMT

GET
H2 200 clicktrue_invocation.js Show response
sand.ostrichesica.com/ 76 KB
28 KB 97ms
21ms Script
text/javascript 2600:9000:21ec:6000:a:c092:f740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sand.ostrichesica.com/clicktrue_invocation.js?id=14473
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/main-es2015.4a1836ca310b0997b1af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ec:6000:a:c092:f740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 2aa840d413b4de13e123e79e7dece94cb5ac536703f0963469b72d737963198a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 11:47:48 GMT
content-encoding: gzip
server: Caddy
age: 37973
etag: "12ff8-zpRowgSK7JSpLd0QcfmgOfhrUY8"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 0abfc04b3868b6760be5e12dccdfc7d4.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: JFK51-C1
content-length: 28264
x-amz-cf-id: mfV9D0w21oGG1kb02VQHfz4W5MoeIXiOt-3LEP0rfvbJXB8p2_no6w==
expires: Sat, 20 Aug 2022 23:47:48 GMT

GET
H3 200 thinksuggest.html Show response
linkvertise.download/assets/vendor/ Frame D264 6 KB
3 KB 346ms
346ms Document
text/html 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/vendor/thinksuggest.html
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/scripts.2e2f36741b5af9bc644c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 98fe4ec167979486ac635cd574c88158049513cc39e7e3404d1e2d6a058614d7

Request headers

Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73de84872d6d4bd0-YUL
content-encoding: br
content-type: text/html
date: Sat, 20 Aug 2022 22:20:41 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 19 May 2022 14:47:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FWld5UDIU2sV9RIZ%2BUQEVC66b8%2FOonhXbPL0P0FzbNj0P1krgx3dRJ3oPhyy62BcDan7xvZHtoIKUHbKME5H1PaiypMnBok8TkqH5S2ZBlYkJKR0q%2FMJmB2H9BH%2BAEcw8KjaDbyz%2FbQLeih0vL9xOh18w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PleskLin

GET
H3 200 thinksuggest.html Show response
linkvertise.download/assets/vendor/ Frame 52A6 6 KB
3 KB 337ms
337ms Document
text/html 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/vendor/thinksuggest.html
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/scripts.2e2f36741b5af9bc644c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 98fe4ec167979486ac635cd574c88158049513cc39e7e3404d1e2d6a058614d7

Request headers

Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73de84872d704bd0-YUL
content-encoding: br
content-type: text/html
date: Sat, 20 Aug 2022 22:20:41 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 19 May 2022 14:47:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMLGM7rQ%2B9CvC1VgLbXKKTFu6HcQWE9PMLHfXy2h%2B4bdiAN%2BNbjnOQM6v2AFriBeQGoM53AW%2FdOQFAjc5MUDcwJuHm37QZrT21kL2KorQA%2F4Q2jYQN2TLUH3BphuCtR%2BLuGx8NokBMduJnj8M4PnaY4Yhw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PleskLin

OPTIONS
H2 204 account
publisher.linkvertise.com/api/v1/ Frame 0
0 194ms
151ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/account

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84876d03ecee-YUL
date: Sat, 20 Aug 2022 22:20:41 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Znd%2Fk6aDKZ%2Fu38DcOJ7JndXcMGb%2BAcOXEQr%2B00bKPxHRUbwT5xuPmxWMIZ7nfRmfNlu6EBlHzhpDJ6RBnOVuzyiFVc8lVEJFZ9teYh9%2FvUE33iNmHqGG4eiMYTpreKy6UwudMVu%2BsboJEhCjLvTlDbNVZi8%2FZ0Cs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

GET
H3 200 account Show response
publisher.linkvertise.com/api/v1/ 984 B
1 KB 193ms
192ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/account

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b6075b0fc82bbbfc3b412615e32e2af0d2522c398c40146bd0a9624ba86395

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-remaining: 58
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpDRkDrGgd3LuZ8h6oQMDzkWrVtX%2FS90qCbwqpPVtJGDaNICAtVCaauEGsom36StvoQjFM7lZMoHuF7CqdKT1ftTqaYvwKUegKIUErjWT5rA12%2FxZoenMS3Zub4y1Nf%2BK41tGvKKn6tNBo648ERK8lT%2BRb54ZLid"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 60
cf-ray: 73de84886a15714b-YUL

GET
H2 200 animation.css
js.chargebee.com/v2/ 758 B
1 KB 19ms
19ms Stylesheet
text/css 52.85.61.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/animation.css

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-92.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e3b7f54cf81a0ff1f16662abce7b1970ed6a8a8191da96cf05dcf6644d203df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: vWFlSrexaNAiXoAq9aeh1JDz4.rZigsC
via: 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
etag: "f8a79fc47c28375628855b4c78ff6f85"
age: 147
x-cache: Hit from cloudfront
strict-transport-security: max-age=300; includeSubdomains; preload
content-length: 758
last-modified: Tue, 19 Jul 2022 07:18:04 GMT
server: AmazonS3
date: Sat, 20 Aug 2022 22:18:14 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300,public
x-amz-cf-pop: EWR53-P1
accept-ranges: bytes
x-amz-cf-id: Fe9le2UR5-wVQRxyAeukQ4Z7i5UQYqUpmuyCKRtQCoakyP0fMk2wUg==

OPTIONS
H2 204 toxicmodzz-vip-menu-gta5
publisher.linkvertise.com/api/v1/redirect/link/static/35082/ Frame 0
0 130ms
129ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/redirect/link/static/35082/toxicmodzz-vip-menu-gta5?origin=&resolution=1200x1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84877d08ecee-YUL
date: Sat, 20 Aug 2022 22:20:41 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IL%2BYnEWwTUi4UcCx6CunH0nPLuBhGBxI6Q%2B3m%2BrKPG2WW8zrvPFMlg4joUkijv9HJqoSGw5GL6jD%2F%2BbGTu4ki7kMb2VEDkko5wLMI3u%2F2xvXgD%2FyfpiYkaoVe3Px0WBsHNy2YeQBYwCWbmxJFcwjpE3AdHmu7wI0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

GET
H3 200 toxicmodzz-vip-menu-gta5 Show response
publisher.linkvertise.com/api/v1/redirect/link/static/35082/ 29 KB
8 KB 334ms
317ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/redirect/link/static/35082/toxicmodzz-vip-menu-gta5?origin=&resolution=1200x1600

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebbc2ee6e56d3f0e5d82d5393fc853649e9d959a6af445962a75ed1960730b7a

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-remaining: 58
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTEM56cQWkGy%2BLC2hCnQcfIQSNAlSSUxk2bHphSQ8Q72MBD7KIMz%2FEJ2HNleuMA8D1xnMWkBSe2iigvY7GL60lBYef2mNeX2cViQzdUKGHKE4A34VcE2HUTrbkzI3zUhMNsOjt8inCwL0jq5LYSXyGd%2F4Pzx4XVj"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 60
cf-ray: 73de84885a12714b-YUL

GET
H3 200 Dreieck_d_links_w.svg
linkvertise.download/assets/img/icons/RT/ 1 KB
1 KB 30ms
29ms Image
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/icons/RT/Dreieck_d_links_w.svg
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d09e035eb43e62af72227abd93864326eb8d10c4eaaadb31d8e229a2f8c9fe1f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4619
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:36 GMT
server: cloudflare
etag: W/"6286584c-5d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsGKz5XycGwsv%2Bl1LmvHHPlXuul6lZbdjH9CFdZcxTcJwcaHrvRJYXVeM%2FGStUdVudlOhL48kpYC9UlalnwTl%2Bd38G1YQHNW%2BLzkxofwmiZt5O%2BhGsftWzbaVA%2FkYy24uIrKJjYTPHd47DiMfbz5RFAg4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de84877dec4bd0-YUL

GET
H3 200 Dreieck_d_rechts_w.svg
linkvertise.download/assets/img/icons/RT/ 1 KB
1 KB 18ms
17ms Image
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/icons/RT/Dreieck_d_rechts_w.svg
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2f6ae209778e40807655e3d775c4b9408f0cb9dbf19427e6382496a81d70f55c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4619
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:36 GMT
server: cloudflare
etag: W/"6286584c-5cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2B2RlOgYLTlX%2F8fkqzF3bDaDkEQY6Y31G2uBg%2FNQDnpGnlN0VIDNUmPisFuUTmJ2VewjSIIdYoG3%2FbuI7OBxwfZ2y%2BJ5mudZgnsGieHnIJW2Ebdk6j3HRyLNfsplBEHU81tcEW7G4kh0gkmtCtwAkvWU9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de84877dee4bd0-YUL

GET
H3 200 loading.gif
linkvertise.download/assets/img/ 48 KB
49 KB 28ms
28ms Image
image/gif 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/loading.gif
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 47825a900e347c3ebe2ed17dba529d293ca8a3016faaad7ac8b3850df2fcf9f0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1329
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49203
last-modified: Thu, 19 May 2022 14:46:24 GMT
server: cloudflare
etag: "62865840-c033"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QTDiialTrgbDiL1Z%2BE9duIEP9RAFMh5hgyzp24B%2FjLB%2BHNA6sJNJ%2BYHFGomwwHHHagP%2BRGT58%2BmmcGFzMdG%2BgK6tIOHYWMuTnPKOQjP1th2IY5E2OYhifwANRaaiuJoHHDYRIIBVZUDnVFJnV09ylfIBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73de84877df14bd0-YUL

GET
H2 200 master-67eacd9432daa227b727368c8ea3cdde.html Show response
js.chargebee.com/v2/ Frame 3AFC 203 B
651 B 20ms
19ms Document
text/html 52.85.61.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/master-67eacd9432daa227b727368c8ea3cdde.html

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/112-c2030e86a0d712ce9634.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-92.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7cb1e77010a4ec3c6b55b5ef37b253f8077d6b748ab2de01b6f0a27841cf040f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://linkvertise.download/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 266
cache-control: max-age=300,public
content-length: 203
content-type: text/html
date: Sat, 20 Aug 2022 22:16:15 GMT
etag: "0c347648ef8d22cd4fab7022b284f4d5"
last-modified: Wed, 17 Aug 2022 13:33:24 GMT
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
x-amz-cf-id: nxcQ4k11vGoM1_QfslOT2PBeaIZVdPaUEr7M4cQorXwvVxsq4oirTQ==
x-amz-cf-pop: EWR53-P1
x-amz-version-id: bgEoFHVMr9HwuuwzNdbyPDlF_dcAp2z3
x-cache: Hit from cloudfront

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 75ms
34ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7DRMH8RP03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZ69NZG

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e41d62cf0ce78fbf46e5296792fec95d6927b03e6788450bf60b94539a822325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72321
x-xss-protection: 0
expires: Sat, 20 Aug 2022 22:20:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 80ms
20ms Script
text/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZ69NZG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6909
date: Sat, 20 Aug 2022 20:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 20 Aug 2022 22:25:32 GMT

GET
H2 200 master-be317c617f0c3a41b220.js Show response
js.chargebee.com/v2/ Frame 3AFC 204 KB
61 KB 22ms
22ms Script
application/x-javascript 52.85.61.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/master-be317c617f0c3a41b220.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/master-67eacd9432daa227b727368c8ea3cdde.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-92.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5b47071a02c81693383801aecc7088e04f842989168db75588cd4be960524be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.chargebee.com/v2/master-67eacd9432daa227b727368c8ea3cdde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: 3Z8uEJAxU6p35aXuPqz5uVytFv_sR_Oe
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 17 Aug 2022 13:33:23 GMT
server: AmazonS3
age: 68
etag: W/"41baaafcfdc39b8519ef352b0bab888f"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Sat, 20 Aug 2022 22:19:35 GMT
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: H2wpwfz1D-KpU5UZ-y6srO7jM3OteRPaVtiInvtNGmYGJi3pU6Qckg==

GET
H2 200 ct Show response
paper.ostrichesica.com/ 3 KB
1 KB 205ms
132ms Script
text/javascript 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://paper.ostrichesica.com/ct?id=14473&url=https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1661034041675&hl=2&op=0&ag=82661408&rand=84681276629155268906905016606719242115381025928358505180556263128205757&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDI4ODBdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjYsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDIsMCwwLDcsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCJdLFstMSwiLSJdLFstMiwiOSxlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJd0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W119Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjozNTEwMDAwMCxcInVqaHNcIjoyOTQwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDkuNywwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2NjEwMzQwNDE2MjEsMF0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsMCwwLDEsMCwxMiwzMCwzMzksLTEsMCw2ODMsMTA0NC44LDExNDksMTE1MCJdLFstMzksIltcIjIwMDMwMTA3XCIsNCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwzXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsNjc3LDAsMCwwLDU2MiwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCItIl0sWyJkZGIiLCIwLDksMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwLDEsMCwwLDAsMCwxLDIsMzgsMCw5LDAsMSwwLDAsMCwwIl0sWyJibmNoIiw4Ml0sWyJhYm5jaCIsODJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=Lr2AiPgY8L&pto=1203&ver=47&gac=-&mei=&ap=&duid=1.1661034041.qbpMIJS2daDcFBVK&suid=1.1661034041.9x4ePS4OmPmVVnnp&tuid=1.1661034041.8bLZHKM9QT52rIdx&fbc=-&gtm=W10%3D&it=57%2C976%2C99&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: sand.ostrichesica.com
URL: https://sand.ostrichesica.com/clicktrue_invocation.js?id=14473
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 696ceb514264f174585cf439129f972b909493a730ce9afe1792118bb44e218f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:41 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1120
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 74ms
32ms XHR
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1645246227&t=pageview&_s=1&dl=https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou&ul=en-us&de=UTF-8&dt=Loading...%20%7C%20Linkvertise&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2111501309&gjid=810227295&cid=55841967.1661034042&tid=UA-123426114-2&_gid=1753778966.1661034042&_r=1&gtm=2wg8h0TZ69NZG&z=1218722923

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 33ms
32ms Ping
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7DRMH8RP03&gtm=2oe8h0&_p=1645246227&cid=55841967.1661034042&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661034041&sct=1&seg=0&dl=https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou&dt=Loading...%20%7C%20Linkvertise&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7DRMH8RP03&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 124-497ddb7afc7f47008d75.js Show response
js.chargebee.com/v2/ Frame 3AFC 3 KB
2 KB 20ms
19ms Script
application/x-javascript 52.85.61.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/124-497ddb7afc7f47008d75.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/master-be317c617f0c3a41b220.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-92.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7eb0c4590b086c1c5598d39cb257f1bdd7500a053c8122037cf1530b6883c09c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.chargebee.com/v2/master-67eacd9432daa227b727368c8ea3cdde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: ZK01M94vTqWUXp1Oumr0N8jMpGE7Wcm7
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 17 Aug 2022 13:33:23 GMT
server: AmazonS3
age: 174
etag: W/"f94591488b56072ad8c7ec9a6f751d63"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Sat, 20 Aug 2022 22:17:47 GMT
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: LQCaKcnpW45g_6PT2NPEoAid8ebmX5DMVhjHpBGO3FwzrUAivO4tnQ==

GET
H2 200 129-0de76bd2361f232ab4a1.js Show response
js.chargebee.com/v2/ Frame 3AFC 2 KB
1 KB 23ms
22ms Script
application/x-javascript 52.85.61.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/129-0de76bd2361f232ab4a1.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/master-be317c617f0c3a41b220.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-92.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d3f9d1df8bd9c92322c5a1c136b8741e5fda5cda1c6c178b1e5773ff92fa559b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.chargebee.com/v2/master-67eacd9432daa227b727368c8ea3cdde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: sC1RwNlNsFYCgzP4OQmLfvEtbLxGd8xU
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 17 Aug 2022 13:33:23 GMT
server: AmazonS3
age: 125
etag: W/"f2180aa13047ecb0e675318a94f85d1a"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Sat, 20 Aug 2022 22:20:41 GMT
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: X9ESnuNZyUIkq3ofwhOJjWPUlcxct6UwGuQ-fflpmjjGGuS5QDxRug==

GET
H2 200 pi-worker-67eacd9432daa227b727368c8ea3cdde.js
js.chargebee.com/v2/ Frame 3AFC 60 KB
20 KB 20ms
19ms Other
application/x-javascript 52.85.61.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/pi-worker-67eacd9432daa227b727368c8ea3cdde.js

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-92.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

76a6e69f501efcba97d0551d4fe836cf017731df5eaab3ce9924e5d7273b1bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.chargebee.com/v2/master-67eacd9432daa227b727368c8ea3cdde.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: DXxap6qA.QrYGIuhnpfBHObOfMHNo9LL
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 17 Aug 2022 13:33:23 GMT
server: AmazonS3
age: 174
etag: W/"8ae91ab6e4265126814a2540631188bd"
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
cache-control: max-age=300,public
date: Sat, 20 Aug 2022 22:17:47 GMT
x-amz-cf-pop: EWR53-P1
x-amz-cf-id: mQHwzWTISE0KEupAexQPdw4YE4Ez3UChp2KQA8Et2eEW_Mihj6CI5A==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 99ms
34ms XHR
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-123426114-2&cid=55841967.1661034042&jid=2111501309&gjid=810227295&_gid=1753778966.1661034042&_u=YEBAAEAAAAAAAC~&z=1076330011

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 20 Aug 2022 22:20:41 GMT
content-type: text/plain
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 retrieve_js_info Show response
linkvertise.chargebeestatic.com/api/internal/1661033700/ Frame 3AFC 422 B
1 KB 19ms
18ms XHR
application/json 99.84.37.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://linkvertise.chargebeestatic.com/api/internal/1661033700/retrieve_js_info

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/master-be317c617f0c3a41b220.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.37.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-37-57.ewr52.r.cloudfront.net

Software

ChargeBee /

Resource Hash

7fb97409d4f559eb251f7326a89f5478a221607e8ef4d03ae2ed5b3d0d34e0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.chargebee.com/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:18:01 GMT
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
age: 160
x-cache: Hit from cloudfront
content-length: 422
server: ChargeBee
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json;charset=utf-8
access-control-allow-origin: https://js.chargebee.com
cache-control: max-age=0, must-revalidate, public, s-maxage=3600
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C4
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version, chargebee-business-entity-id, X-TP-Token
x-amz-cf-id: mRce_cqsnroHuRckhR8dbUMr6uz9wpLDf-ecCA991pa4nDX-OXuvAg==
expires: Thu, 01 Jan 1970 00:00:00 UTC

OPTIONS
H2 202 retrieve_js_info
linkvertise.chargebeestatic.com/api/internal/1661033700/ Frame 0
0 116ms
50ms Preflight 99.84.37.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://linkvertise.chargebeestatic.com/api/internal/1661033700/retrieve_js_info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.37.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-37-57.ewr52.r.cloudfront.net

Software

ChargeBee /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://js.chargebee.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version, chargebee-business-entity-id, X-TP-Token
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://js.chargebee.com
cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Sat, 20 Aug 2022 22:20:41 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: ChargeBee
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
x-amz-cf-id: 2cnCAEsMrYqV4djoMbFAWiqGTJeqDfdHMPeQ8yMYsn-zv18zXU8Edw==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H/1.1 200
OK suggest-min-unpacked.js Show response
www.thinksuggest.org/simple/ Frame 52A6 50 KB
51 KB 487ms
199ms Script
application/javascript 2a01:4f8:13b:192e:2:2:ffff:2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thinksuggest.org/simple/suggest-min-unpacked.js
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/assets/vendor/thinksuggest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:13b:192e:2:2:ffff:2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9ec9f50ac6a5dfdf7ace0a047ab4e86a7f8ff297030f93f9b8b4e27c57fdaa51

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 20 Aug 2022 22:20:42 GMT
Last-Modified: Fri, 05 Jun 2020 12:39:04 GMT
Server: nginx
ETag: "5eda3ce8-c91f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51487

GET
H/1.1 200
OK suggest-min-unpacked.js Show response
www.thinksuggest.org/simple/ Frame D264 50 KB
51 KB 499ms
209ms Script
application/javascript 2a01:4f8:13b:192e:2:2:ffff:2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thinksuggest.org/simple/suggest-min-unpacked.js
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/assets/vendor/thinksuggest.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:13b:192e:2:2:ffff:2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9ec9f50ac6a5dfdf7ace0a047ab4e86a7f8ff297030f93f9b8b4e27c57fdaa51

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 20 Aug 2022 22:20:42 GMT
Last-Modified: Fri, 05 Jun 2020 12:39:04 GMT
Server: nginx
ETag: "5eda3ce8-c91f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51487

GET
H3 200 en.json Show response
linkvertise.download/assets/i18n/ 102 KB
30 KB 126ms
126ms XHR
application/json 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/i18n/en.json?v=1&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: defb0da9f86d2103035f1b48eef1ec85c5234a8f3e81d97b4d5060fc69172c91

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 19 May 2022 14:46:59 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"62865863-1978f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMxr4QKxmk4%2FEpN%2BK8kfAULPCCJYHTtBiZIlfHnuYBaMpDdzifji9MDK57n%2BpZ%2BQBd4oR7yUjv6%2FNfHxjsSykx4D95Cb9%2FfJk9EAQn6xnWoefegv6%2BQzMNzY6TjKmXmZPjG1sitP5AvWsXbRfsvhfXjGiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 73de848998ec4bd0-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 96ms
38ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123426114-2&cid=55841967.1661034042&jid=2111501309&_u=YEBAAEAAAAAAAC~&z=1913833220

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 111ms
39ms Image
image/gif 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123426114-2&cid=55841967.1661034042&jid=2111501309&_u=YEBAAEAAAAAAAC~&z=1913833220

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 validate-traffic Show response
publisher.linkvertise.com/api/v1/ 1 KB
1 KB 196ms
195ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/validate-traffic?cheq_response=gK1O3abLHLnsPxAfvXlWupOult45Ly8C3nwL9o%2BCIR1Jt2Kt9sKcFEbZklkOtafTCWMs&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d65ed4b5e5547943c9bddf55f9022d49275bc5b806b5151fca3009a13db1937

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-remaining: 57
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIXfFwoupUKtVbOJh2H%2FP3fgeDR5yoJWS7nzFlVF5gGyBt3X7RQGNEVlncP3qeEKpzXm035uETVCvSo%2Bv9fh3bQPfRipe%2BLCjBVsOTWcZxDYZc6gZUDLyitlSEZ0bEuktl6wV9RRLKAHlpUHilMS0gSoKWOvfRzj"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 60
cf-ray: 73de848abcf4714b-YUL

GET
H2 200 tc_imp.gif
paper.ostrichesica.com/tracker/ 43 B
79 B 29ms
28ms Image
image/gif 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paper.ostrichesica.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136cefc736ee478e9c9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f15896a2417071a10acf9f29f674cd3d2dc01293a4efe797100d33b8a63c705635372905b070966565fc3bf621b77be26bb25cb43e2913df05565a90e2d7a1bda53ea46f490dfd93abb2807ff7ecaa8556d8e0e3143714493d60265f660b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a5908677a0d8df5be9489d583f72aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7df9c21237ebd8f97c8700ac43ba861cc34cc3ca7dc13864959d72da30c6d5e9f39df3f1477fe425b4b9fc284d26f9913f82be50eb0102419457459a8c88c4c8e88220de21c199f98e75fb707539877e669299844229ddeb75e650b0c117c63ab970584055c33bb915c488ba74aac837c010f0c0d9cd64d9145e4cdd6b0f696b6672caaa78bd15cc97d433868b31d8ab3d818be2a827df9df01f283e8eee1e1c88f9494a05f7fdef38b63099e955f3f27da076b242e441c80685ba36c60635a1ff806c3b2372417f5d0955e8b4ce7ed810a5595c1071eabe5d8cc04d4dfaf89fe9ae70d0b3b5badfaffeb5121062e94d94e84b72911434688b3a082f288f2fbd7c0bdff9dd71dc32a479d2fe7289c1598b711d3c321e6e51c0d2eeb03f6756981e5996d0d0a7b3cf5b1983b3b8788ad2757bd9ce0f3a69fd8dc45527b33b985c991aff229d12d9a50feaee77bbcf9ad88a467ceee63d628275a28db4aa08dd3e746b7cee0b4104e0d70cf99e72b18b87da1788ded321042546a03cad03ab55b1856992335d28093e281f825ef1dc5308df099ef9b527c5dd09c92d27bd1b6e2d81e9d70c5bee72f18e14db19395236d64357ffa6b60cce557ce3d15bb3c3cfbdc014c8573e4f09e035610b8e9a0c40a865a487815fd38cbf550422f5782a5e55935405ab&cri=Lr2AiPgY8L&ts=214&cb=1661034041889
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:41 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

OPTIONS
H3 204 validate-traffic
publisher.linkvertise.com/api/v1/ Frame 0
0 140ms
140ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de8489dc02714b-YUL
date: Sat, 20 Aug 2022 22:20:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySAZ0gwY0iYDugJKff78%2FnEnkumPjI3QTPgd4UJR95CykG%2BYrkF9DoXsmOveugS75%2FnVLG5JZvMf9GplrL21b0GJKzQ8xb6z6r%2FdH26q8l0nc8joqKDy6AkGDnyMs2ucmA%2FkEbR5aGfY6ORf08g7FJblISlTQ1yS"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 3AFC 884 B
797 B 44ms
40ms Script
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdxzNoUAAAAAC7rwigQ9hI75HZl9mXhumAUR-B-

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/master-be317c617f0c3a41b220.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

434e27e8926ef4ff37f708d05088cc4160f1d551012ba5d79d61ca4c9c3455c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.chargebee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589
x-xss-protection: 1; mode=block
expires: Sat, 20 Aug 2022 22:20:41 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/linkvertise-link-to/ 137 KB
25 KB 38ms
12ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/linkvertise-link-to/loader.js
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/main-es2015.4a1836ca310b0997b1af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1fcda6ce28f6ad6240699f87bced665010be4bbc556fd4da3105e40080a22e58

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: pNZNO6VRtvew5hSWCrNU3kNyRtOH5dzY
content-encoding: gzip
etag: "2ff18cb33532519992f05a92e6dac006"
age: 62
x-cache: HIT
content-length: 24700
x-amz-id-2: l+yH3vV2wJAnxu11HQY++CefR/kcS7LkfWgdyVVecAabYFeoqATmwdk/5fNyPn0gZY7xXqW72CQ=
x-served-by: cache-yul12824-YUL
last-modified: Thu, 18 Aug 2022 12:51:58 GMT
server: AmazonS3
x-timer: S1661034042.971083,VS0,VE1
date: Sat, 20 Aug 2022 22:20:41 GMT
vary: Accept-Encoding
x-amz-request-id: 91XH7V490G90RAS0
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 35
x-cache-hits: 1

OPTIONS
H3 204 download-info
publisher.linkvertise.com/api/v1/redirect/link/35082/toxicmodzz-vip-menu-gta5/ Frame 0
0 135ms
135ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/redirect/link/35082/toxicmodzz-vip-menu-gta5/download-info?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de848aacd6714b-YUL
date: Sat, 20 Aug 2022 22:20:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3qZIitElwxz0cQU3vIWWJ1TJSPbZPtcAUIdQtsBPfaPqP8qcdgAI8fx0YvtT6nTJH50WC85OKCNaUxbYa3fHS6NjI0FbijjDe5TBWuHGiiOe6u8Ct%2F3SqT981ezNCVhsOOrLADLHaFoZrTP4qg6lx6OhqnvQQtI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

GET
H2 200 hb.loader.js Show response
sdk.streamrail.com/wrapper/ 128 KB
43 KB 101ms
20ms Script
application/javascript 2600:9000:2209:c400:c:492d:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.streamrail.com/wrapper/hb.loader.js?wrapper_id=620395cf4703130001aacf7b&org=6202810a4703130001aac845
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/main-es2015.4a1836ca310b0997b1af.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:c400:c:492d:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb3252d6f5a473f66058ee4aedf9aa4a2374d8275d5032cce5ee28dd3223b2a4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:14:04 GMT
content-encoding: gzip
last-modified: Sun, 14 Aug 2022 11:33:11 GMT
server: AmazonS3
age: 399
etag: "de2c8bf72f35e869cca78fe65983dcf0"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
cache-control: max-age=1200, public
x-amz-cf-pop: EWR53-P1
accept-ranges: bytes
content-length: 43537
x-amz-cf-id: wRiIY4zg_VAQ5PjrKAXSm0UMaJQOGckj6HUal9n1GMRhkNj03vNkZw==

POST
H3 200 download-info Show response
publisher.linkvertise.com/api/v1/redirect/link/35082/toxicmodzz-vip-menu-gta5/ 1 KB
1 KB 1460ms
1460ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/redirect/link/35082/toxicmodzz-vip-menu-gta5/download-info?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37fb0078a26f5653689475a248e3805b5fbef94081bc4af19cf1182bb23e8f11

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-remaining: 56
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-frame-options: sameorigin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUF90sIQIsVWHzPZkPrQ7VqKq2%2FClWEHYYbIqA5GKG5fyqBIxWNJU01I2Ulys7j3oGFJcjiubpPnhr7lovgYbd04StbvEJ3Xz6ebL%2FyYNvqXzKe1DqggRmHFdDUcRPibiHcmOaSBZaJdEFAXzw%2BOei9GSkIjkhbe"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 60
cf-ray: 73de848b7df5714b-YUL

GET
H3 200 ajax-loader.fb6f3c230cb846e25247.gif
linkvertise.download/ 4 KB
5 KB 18ms
17ms Image
image/gif 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/ajax-loader.fb6f3c230cb846e25247.gif
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/styles.d854b0137cc3549c3fd0.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/styles.d854b0137cc3549c3fd0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1328
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4178
last-modified: Thu, 19 May 2022 15:25:51 GMT
server: cloudflare
etag: "6286617f-1052"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjFrhgWnxdBPbMyfT67okZMj%2FH78XrI473QPV6K43q%2FHwNBf3rcAv4UjJNmDzzxxm2uIz8F22EeVzt8TDTmiZUqLTR31K%2FXLonV0%2BDktzw%2FuYaFVagSC5Z0F2L2ZuSaQ7F9j8rb%2Byd%2Fvj66CZ0OWA8npcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73de848aba7a4bd0-YUL

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 74ms
32ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://linkvertise.download
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 19:31:59 GMT
x-content-type-options: nosniff
age: 269323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 19:31:59 GMT

GET
H2 200 la-solid-900.woff2
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/ 94 KB
95 KB 289ms
143ms Font
font/woff2 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/la-solid-900.woff2
Requested by: Host: maxst.icons8.com
URL: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb

Request headers

Referer: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css
Origin: https://linkvertise.download
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sat, 20 Aug 2022 22:20:42 GMT
x-77-nzt-ray: wa6lhBTQNpU
x-77-cache: HIT
x-cache: HIT
x-age: 23533519
content-length: 96752
x-77-nzt: AZySJBaFX07/zxdnAQ
x-accel-expires: @1952860523
last-modified: Tue, 16 Nov 2021 09:34:27 GMT
server: CDN77-Turbo
etag: W/"179f0-17d281900b8"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v138/ 126 KB
126 KB 79ms
37ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v138/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273f4bca58132eb580c0e132ca8f44093978a2a98eae6affe5df61c345fa3b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://linkvertise.download
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 04:36:26 GMT
x-content-type-options: nosniff
age: 236656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128552
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 01:42:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:36:26 GMT

GET
H3 200 canvas_2.svg Show response
linkvertise.download/assets/img/thumbnail/ 59 KB
16 KB 542ms
541ms XHR
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/img/thumbnail/canvas_2.svg?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03629f92211e5e1109078210182cbc262c6af05ef0bf6037ca8310e62448c95a

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"6286582a-ede6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pYUIv3pMV8pCOVz6J9m8%2BV01pDx38gTbGBnCJ7RNFo5I2IT%2BPVtJLKq%2FRSs6Bo24dEg6N12jkLbT3ZHYGO%2F%2F%2ByEjM6Zk%2FRTkGAmUYUoy%2BRuehqVjpf%2BReezivY0EAbJK85jj9%2Br4kS85amSw1s9WOTycQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848aeac94bd0-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 canvas_1.svg Show response
linkvertise.download/assets/img/thumbnail/ 59 KB
16 KB 554ms
553ms XHR
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/img/thumbnail/canvas_1.svg?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9af23e1a35d560d77232b04adc69d50a19c58ea55ac94bc17ec1a3b7c8ccf8f8

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"6286582a-ecf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aunA6PtrH6S9P%2FqStx%2FFncdWMLXkPfhLijEZiHN6nmrSiRiosux5fg5SDGLmD2WWe2c2QMSc0GcOve0BF8B2N3rcLjVNfwsMc1oZuFrMmaNLyrmFOFQnFQYmiN48I7%2B6ESo6Q8hbaWhNRApzGJPMhU668Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848aead04bd0-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 canvas_1.svg Show response
linkvertise.download/assets/img/thumbnail/ 59 KB
16 KB 593ms
592ms XHR
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/img/thumbnail/canvas_1.svg?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9af23e1a35d560d77232b04adc69d50a19c58ea55ac94bc17ec1a3b7c8ccf8f8

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
etag: W/"6286582a-ecf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl%2FwnUNROeV4FT%2FW0LaSCckQjVNr%2BH2I838Al7DZwVVIiw6uCn%2FtD%2FEqvuH9iIZPd2b2B0EIDkGt5iJf%2B%2BF%2FLLKxJG83%2FkZ6f0dCNFfyKdPATUVkNmYW8FgOr46h1eNn%2BjaGCCJIniVnYf0vbYucuaoAGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848aead44bd0-YUL

GET
H3 200 canvas_2.svg Show response
linkvertise.download/assets/img/thumbnail/ 59 KB
16 KB 562ms
561ms XHR
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/img/thumbnail/canvas_2.svg?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03629f92211e5e1109078210182cbc262c6af05ef0bf6037ca8310e62448c95a

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
etag: W/"6286582a-ede6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzSpdr2FQnU0edlhr%2FrhlRbdCTS%2BnsFu7iaLVS0Gj5YdQNEgCNSvYvYoxKYU2o5QHX%2Bg91M5u%2BvPCL7vMTs5cvXyefa7O8DCSyIMO3aM4pxDZg77%2FmMcCfeOp9zX6uk78dF7X37DsOs3BvnJp6mcYPxAdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848aead64bd0-YUL

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 21ms
20ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://linkvertise.download
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 19:32:04 GMT
x-content-type-options: nosniff
age: 269318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 19:32:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 27ms
25ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://linkvertise.download
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 19:33:24 GMT
x-content-type-options: nosniff
age: 269238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 19:33:24 GMT

GET
H3 200 canvas_2.svg Show response
linkvertise.download/assets/img/thumbnail/ 59 KB
16 KB 579ms
578ms XHR
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/img/thumbnail/canvas_2.svg?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03629f92211e5e1109078210182cbc262c6af05ef0bf6037ca8310e62448c95a

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
etag: W/"6286582a-ede6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXfJv5X5xMQ%2FcG1jobvS%2FyCe0%2FvvnM53Zsj8eUmkm7k9suWBjLkAynjF0wuF9cCBvdlA7dVK81n5zIoUjFL%2FTFjx2D8%2FLMERo%2B33o9YtNSxhmjY%2Bm5MmS6L2Sb%2BZDXflrbPRHE7Kmkyc37%2BphM18GXbtuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848b6b8d4bd0-YUL

GET
H3 200 canvas_2.svg Show response
linkvertise.download/assets/img/thumbnail/ 59 KB
16 KB 587ms
587ms XHR
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/img/thumbnail/canvas_2.svg?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03629f92211e5e1109078210182cbc262c6af05ef0bf6037ca8310e62448c95a

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
etag: W/"6286582a-ede6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGj5asFCE2jE25f1z8o4knRM9Lq2ByzgY%2FcW9DO0q7ZmPeZ%2F8NbVSWjW%2BsWqNUZuuj58OiXnoS1rkFQAMmLuvErFysQZPIBZgnc3Knwig2JYKSPytPbNZuA130oTHLjRtpEa5R5b7vbIC9gzYqewO8kTrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848b8bcb4bd0-YUL

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/5985631845001/W9aTecLme_default/ 830 KB
222 KB 101ms
20ms Script
application/javascript 184.29.129.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/5985631845001/W9aTecLme_default/index.min.js
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/main-es2015.4a1836ca310b0997b1af.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.29.129.54 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-129-54.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3199f240314c1cd776ab9acbd8824b9125982a56553c4955f4f8d68295fb9d36

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: ICHOOgmHYa5pvxLuHzpUC.b1qoMMXfzh
Content-Encoding: gzip
ETag: "11c10294ff0e19e95500586483f1c1b9"
x-amz-request-id: ZKF8AV5PGDN9BAXB
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 226807
x-amz-id-2: 72yjWVrPCXVP16mEPEYdDeYP3/N3EtmW3mfO8noRsDO1XjdWlSxCtAT51dHb5YEbZG9jp1OAJq4=
X-BCOV-Response-Mode: 1
X-Served-By: cache-iad-kiad7000148-IAD
Last-Modified: Fri, 10 Jun 2022 18:08:37 GMT
Server: AmazonS3
X-Timer: S1654884762.571518,VS0,VE3
Date: Sat, 20 Aug 2022 22:20:42 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=155
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H3 200 canvas_1.svg Show response
linkvertise.download/assets/img/thumbnail/ 59 KB
16 KB 566ms
565ms XHR
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/img/thumbnail/canvas_1.svg?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9af23e1a35d560d77232b04adc69d50a19c58ea55ac94bc17ec1a3b7c8ccf8f8

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
etag: W/"6286582a-ecf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nM2ZkWZTYDtLQQRpPwQKAnv0CzphJSSiJwQXQ8F1ReagQ8FVoQs13tO51IOOPPlssQazOVwe1F0DuEUeXby5Yo4FYwKfbVl6uZniSTlo8N2rV9HQ2zGmlxPYf54vj1nIxQEZjepsjPgbv8Rgayl0cUgALg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848bdc454bd0-YUL

GET
H3 200 canvas_2.svg Show response
linkvertise.download/assets/img/thumbnail/ 59 KB
16 KB 567ms
567ms XHR
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/img/thumbnail/canvas_2.svg?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03629f92211e5e1109078210182cbc262c6af05ef0bf6037ca8310e62448c95a

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
etag: W/"6286582a-ede6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vbvnhaMZU26p1o95EipadEPmPaQ55Jmkzq0LKOtP8USxMBXDmTxx3Xe0iBVTJBUeGWeV93fRfYyc7YxXJr6ALUSmHb6xW6rwvVWTXtUOU1UYaCcgWsYuPL2swTGxacVfGy0XD7pYznyHKITgz1AalqGLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848bfc6d4bd0-YUL

GET
H3 200 canvas_2.svg Show response
linkvertise.download/assets/img/thumbnail/ 59 KB
16 KB 563ms
562ms XHR
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/img/thumbnail/canvas_2.svg?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03629f92211e5e1109078210182cbc262c6af05ef0bf6037ca8310e62448c95a

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
etag: W/"6286582a-ede6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8xwNeFgOlCbIPwIz1eHweWPWApfvbHMS73faFxk5CUlwRaTtf5opXbKYRmYRXFfYmUOTN2qPLbAq5fNiTMAN1LgjqoCz93jCN1oW49%2FpzdcOEemDGF34bfSHbQVWQ9no73yv0kkcdUmbfHMOm6kqkfVug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848c0c7a4bd0-YUL

GET
H3 200 canvas_2.svg Show response
linkvertise.download/assets/img/thumbnail/ 59 KB
16 KB 574ms
573ms XHR
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/img/thumbnail/canvas_2.svg?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03629f92211e5e1109078210182cbc262c6af05ef0bf6037ca8310e62448c95a

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
etag: W/"6286582a-ede6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbv%2FKYQ8j3emswKQNq6YwzXXkPvpPioH89TZeFRs%2BHBptYpOGMjnElpas%2BooZaLrhrmdRvnTh0yny7J%2FGE3P5AGrX2QvYjk4b8IgLX%2BozFz8b5xM0o4CnHV69WYz73KhPnajwrvacARvKQuZWQ5c86TitQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848c0c854bd0-YUL

GET
H3 200 canvas_2.svg Show response
linkvertise.download/assets/img/thumbnail/ 59 KB
16 KB 588ms
587ms XHR
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/img/thumbnail/canvas_2.svg?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03629f92211e5e1109078210182cbc262c6af05ef0bf6037ca8310e62448c95a

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
etag: W/"6286582a-ede6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWITkOqs4%2FuYinvBrrCr6C%2F0dvkF%2FWPkz4J7hvMoRN9eTNE1h7xbUDj9c44exsIKQP5YcaphMPHlFHJBDua5RcU4s6azp5FfYDTzbfHY0Wb0K1FOUZ%2BGcAgNcyYuHK9%2FsG6IGhFL4CSAhsmrIlwKu9I4uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848c1c8a4bd0-YUL

GET
H3 200 canvas_1.svg Show response
linkvertise.download/assets/img/thumbnail/ 59 KB
16 KB 561ms
560ms XHR
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/img/thumbnail/canvas_1.svg?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9af23e1a35d560d77232b04adc69d50a19c58ea55ac94bc17ec1a3b7c8ccf8f8

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
etag: W/"6286582a-ecf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfFSsD6nBBf%2Fbhq8vT81XtekFoeT%2BWY84eYfrRqwa47OaLuNrsTWMCDBKujADBF7RnpSQzcXDeSCnFS%2FRYS7Cwsfx9hP9qogXDmUOzm1D%2BwY4Z%2FSRq%2F1lXTrlPCN3kBbxZqdIDCnonxAQKjdG6ui8WKiyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848c3cc14bd0-YUL

GET
H3 200 canvas_1.svg Show response
linkvertise.download/assets/img/thumbnail/ 59 KB
16 KB 561ms
559ms XHR
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linkvertise.download/assets/img/thumbnail/canvas_1.svg?X-Linkvertise-UT=3kPRK74LaBVNHjMLjnR4Hvc7IVtzNHnSi8tRFORQhWHNnMnFhyxvohCFxzUTjhWF
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9af23e1a35d560d77232b04adc69d50a19c58ea55ac94bc17ec1a3b7c8ccf8f8

Request headers

Accept: application/json
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:02 GMT
server: cloudflare
etag: W/"6286582a-ecf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=le%2BETvoNArqncsudOuw6LKmOxajDwuKpw2P%2Fmec5yTE%2Fy4Rk01MuNH%2BJnoHSjrqYqeC1ck0Dlp7SeHxEcipZuhiWSjXQYoMSKTZdRXiQ5sEnZN3JFCEbUVOEI72Jj6KZoeEtTFlE70vjCXZCTL6%2FSnj2JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848c4cda4bd0-YUL

GET
H3 200 logo-white-square.png
linkvertise.download/assets/img/ 12 KB
13 KB 31ms
21ms Image
image/png 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/logo-white-square.png
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1283c45f0e6af2ad475ea0e45924d26a2b7b961bae669bfa904a78b272c1a1b0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 776
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12712
last-modified: Thu, 19 May 2022 14:46:29 GMT
server: cloudflare
etag: "62865845-31a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkeFV6Yqc1y6EWuE8Hs8rOMc30CIFAfik7%2FQaYF%2FHDq458EFhDH74%2Bq5xeYMV9Qjko%2F0n305rwYsuZtzqPGxbkjqGl%2FF9eMZ%2FLdOKe9FrkupDt2RsPL%2BbcN8i6UgMEzJkLvCz7Ocm282PxDAKJpZTHY8hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73de848c8d1a4bd0-YUL

GET
H3 200 logo-white-long.png
linkvertise.download/assets/img/ 29 KB
30 KB 37ms
20ms Image
image/png 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/logo-white-long.png
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 304476467e3fc9e244f8d986a405beee84da3e81646c64c8476d70e64e8c7ad7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 776
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30173
last-modified: Thu, 19 May 2022 14:46:32 GMT
server: cloudflare
etag: "62865848-75dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlmLi%2FDojxJ0M%2F5CvqDgtqBAxRtaJh6ZbPf%2FWXxQEHATgajeNjjk2HR23B%2FYtcxMX7wDIwRlTXoFEQSYnZd%2BxhtqD0vt6IraORFovrztQMUZCc6AEWJVziF4w%2FUDOZ%2FEOn3D3Lo%2Fsg%2BwarXw%2Bi%2F5tHwsIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73de848c9d3c4bd0-YUL

GET
H3 200 logo-avast.png
linkvertise.download/assets/img/avast/ 76 KB
77 KB 39ms
22ms Image
image/png 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/avast/logo-avast.png
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7c50c4214a98bcdfd7a5986c4c1f48e93b146b45bc6d91d59273dc01e31c9aa0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5982
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78009
last-modified: Thu, 19 May 2022 14:46:26 GMT
server: cloudflare
etag: "62865842-130b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzFgvDGUeRr8mwkwrzoENL2FSqXIk8f3i3aKKLS6flETUssDbAXwNT9GMZbTRC%2F5Dn%2FWr6asj1nSNVfHC4cWpGp1tn7rkIgwe0j0CueLOpYlYJriBFoqIZiPacxjDoNIQUn3zvtJzbHwkQ%2FvQcNrou7g5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73de848c9d3f4bd0-YUL

GET
H3 200 LV_IN_EN_1.png
linkvertise.download/assets/img/download-page/ 89 KB
90 KB 37ms
18ms Image
image/png 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/download-page/LV_IN_EN_1.png
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6f828aba6d45bcadf19231fc9889f87f687ab3f1a34f263619162493857d3a13

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5982
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 91185
last-modified: Thu, 19 May 2022 14:46:50 GMT
server: cloudflare
etag: "6286585a-16431"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFlZMxk%2Bq%2FXP0atYsPOyQcmkwdqSCctW6%2FOBDXIpMSR56G04pvjgSvNsK50m9PDYMG4rApkX4uzjLEc8HFBTBGZMMO3gqPUZZJjfF46jGkJFbejtSdFwNEng2aFQ%2FkwWddUiJrMF7aHFf%2F%2FmCdS1hCNUCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73de848c9d434bd0-YUL

GET
H3 200 LV_IN_EN_2.png
linkvertise.download/assets/img/download-page/ 108 KB
109 KB 64ms
45ms Image
image/png 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/download-page/LV_IN_EN_2.png
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fefbb6c23b29fc76a26ace077a44c5278ad3a582b12a3c35b0d72a4e41535869

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5982
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 110763
last-modified: Thu, 19 May 2022 14:46:51 GMT
server: cloudflare
etag: "6286585b-1b0ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qkz4OThNjOqW%2BN%2FiMegWIJ5QITmsMmcxtRiHWc3SHt13UmhwP5NKbpW9J0ESJ4HOPgJHh5m%2BRxRhJv%2BQfHlCSxixIdy0hmiHmL%2BNxIJOa0CiN%2B1lHAxTIQGd9%2FfFjsedrWHNmySb%2B8fugJDBSpTU5Fekg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73de848c9d444bd0-YUL

GET
H3 200 LV_IN_EN_3.png
linkvertise.download/assets/img/download-page/ 52 KB
53 KB 74ms
53ms Image
image/png 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/download-page/LV_IN_EN_3.png
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b6201f3584c94aad51c0cdf8a8e2ba10ac814b1866dc4124c8e95a9991e05dca

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5982
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53568
last-modified: Thu, 19 May 2022 14:46:51 GMT
server: cloudflare
etag: "6286585b-d140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VH33oxC9t6sDozkrdzenA9SA90wLO%2Ff%2FQcYEP9fzCp2A0mf2B2NwMJZpQsU3Hq5Kf1yWrtS8wfzJHamDVSLJ%2F3PKMfuj1gSiWfh%2BoC9ZR8WrxMLxRc0am%2ByNHogH73Rxc4atoS55nCSO3KqnPVb%2BiXGxSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73de848c9d494bd0-YUL

GET
H3 200 LV_IN_EN_4.png
linkvertise.download/assets/img/download-page/ 65 KB
66 KB 60ms
40ms Image
image/png 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/download-page/LV_IN_EN_4.png
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f98e1ff060ae3f40d58556ba936f80e5c33614ca7e1aaf9dc07d4690c1d32e67

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5982
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66701
last-modified: Thu, 19 May 2022 14:46:52 GMT
server: cloudflare
etag: "6286585c-1048d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JxZy9NKHW%2BR%2FOf1yNEzQBibyoRTM7Bw40nb80oFEIgt%2B1Rlrfc33h5FhtkfmD27JYrrfzcb2Z2F2HKq6LBAEVJ06U67azfAFzCCx6fJrZIN2CuuO2ADkUY%2BZfgMB%2BGTh5IvNyxdN%2F%2BkLpMtGnoUTKH%2FKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73de848c9d4c4bd0-YUL

GET
H3 200 ALLE_EN_6.png
linkvertise.download/assets/img/download-page/ 149 KB
150 KB 58ms
37ms Image
image/png 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/download-page/ALLE_EN_6.png
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a710898a402d231b993417b794c50a709fe5396f12b7c855b0e341d86f29a28a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5982
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 152616
last-modified: Thu, 19 May 2022 14:46:53 GMT
server: cloudflare
etag: "6286585d-25428"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FNpNUWca32YtocA0bK83uIWBiHoeayIAVYMk83%2BjgSw%2FWc4LUYnenskWIs3Wz4QjAFGSGg0oKRjU9l2z8HdVXfxUCXaJvyKWnAnnAQE0Pylla2QQaF2NCxye9acgFfKz1WIiF%2B5ZsaSJdy7ljprnLqiog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73de848cad524bd0-YUL

GET
H2

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=mistermodzzforum.space
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mistermodzzforum.space&size=16

312 B
950 B

156ms
101ms

Image
image/png

2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mistermodzzforum.space&size=16

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Server

2607:f8b0:4006:80c::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30a41865e201bcb7c0eaaa781bc4d9de1aa3d8c2385698da2e3e8540b0a7da28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 19:15:49 GMT
x-content-type-options: nosniff
age: 270293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 0
last-modified: Tue, 18 Jun 2019 13:10:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://mistermodzzforum.space/favicon.ico
expires: Wed, 24 Aug 2022 19:15:49 GMT

Redirect headers

date: Sat, 20 Aug 2022 22:20:42 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://mistermodzzforum.space&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Sat, 20 Aug 2022 22:50:42 GMT

GET
H2 200 384498
cdn.linkvertise.com/link_images/ 37 KB
38 KB 114ms
55ms Image
image/png 2606:4700:3036::6815:cc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.linkvertise.com/link_images/384498

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:cc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9db5cbb7df899e0768a92667dde42c193a51c33185095fd98501f2e283769d3

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
via: 1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43630
cf-ray: 73de848cdebf7144-YUL
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 30 Apr 2022 21:29:26 GMT
server: cloudflare
etag: W/"ead391bb3c1856bf7b455c1434dde850"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8oXE%2B7%2FbwNbc8Z5DMGO4xwrg45tS%2FZQojZKuRiNhl3IL8TU2GN7SfEADt6GjCly6AHkSeOEla8%2FafanyUOAX6uaOBzXWs4WNkWtnxx79Nh3om5njLI5gLjhFVZl%2FK%2BDv5%2FmI2YXNUdJWrTIKLYzFVYd"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: g9qaGruP9Q53fjgd3QVNBxO5Nuev5Dh4
x-amz-cf-pop: EWR53-P1
content-type: text/plain
x-amz-cf-id: FXVSA7Uo-wG3XbmSiYeZx4nRekKKbYpppGmxJ2Knd1qoUSSwHNLwRA==

GET
H2 200 461858
cdn.linkvertise.com/link_images/ 239 KB
238 KB 117ms
58ms Image
image/png 2606:4700:3036::6815:cc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.linkvertise.com/link_images/461858

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:cc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

723c2dfe77075280c4a8c8ed241f78e714c38bf8144e14fc565b5174bfc7a82c

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46229
x-cache: Hit from cloudfront
content-type: text/plain
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 24 Jul 2022 14:47:12 GMT
server: cloudflare
etag: W/"c59afa5fab9477ff5ff67212b3a384eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIUQP0qa6dF7h%2BZRo4IazhMZTq9tvCrTkVB9hDx2CuQKlLMOT6lA0q0DGFA1gtykO74fCcNtI%2BlgKUs4FI8m36pPxWh7ANPsNLIFIWHYBWrAxS3zZL6wXCQhwKDk4poaHUgTk2nheR%2FUi1A7vOBISbLU"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4OlVaqB7PT78uduAlGuVlniwDCO0mO_H
x-amz-cf-pop: EWR53-P1
cf-ray: 73de848cdec27144-YUL
x-amz-cf-id: 0uOwBGUH-y3dRbJ50Hyx7IyOog99pYcRNu5xbbt8iwzqPnOs5NH6Lg==

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/0N3iPx6BzwY/ 15 KB
15 KB 144ms
67ms Image
image/jpeg 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/0N3iPx6BzwY/mqdefault.jpg

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e160ae423cd859f347f457592e3f8c5b44b871f2777858a868521b3a1bf03ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 20:38:36 GMT
x-content-type-options: nosniff
age: 6126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14981
x-xss-protection: 0
server: sffe
etag: "1631455189"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Aug 2022 22:38:36 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/BlbrVCirm7s/ 14 KB
14 KB 129ms
52ms Image
image/jpeg 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/BlbrVCirm7s/mqdefault.jpg

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d8d3c0a47e182f05e66c739f9c5f31225c2fd59dec465bbd6fcecac12461311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 21:17:27 GMT
x-content-type-options: nosniff
age: 3795
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13889
x-xss-protection: 0
server: sffe
etag: "1646514810"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Aug 2022 23:17:27 GMT

GET
H3 200 fallback.jpeg
linkvertise.download/assets/img/fallback/ 268 KB
269 KB 44ms
25ms Image
image/jpeg 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/fallback/fallback.jpeg
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2e6d4dc9cebd2af2b983d8cf1fee4816ffc91db13729155cfeb46c0644063f27

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5982
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 274809
last-modified: Thu, 19 May 2022 14:46:14 GMT
server: cloudflare
etag: "62865836-43179"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNxKeJ6BByH4GXeDejjlUuu%2BWDe1at7Cve04%2BCYzT7Wv9oqAZL%2F6sUNp0vBBGmFmisUs%2BXdc1MV2Jdeq3rBIWgeXWWwF5HoSQ1kylusM4ML4SsOP9nnxPQqbRGaKPvanXZ%2B%2B457uAXrTYuMBMNoVnE0l%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 73de848cad554bd0-YUL

GET
H2 200 silhouette-woman-profile.jpg
www.publicdomainpictures.net/pictures/90000/nahled/ 8 KB
8 KB 84ms
27ms Image
image/jpeg 2606:4700:10::6814:2da2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.publicdomainpictures.net/pictures/90000/nahled/silhouette-woman-profile.jpg
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:2da2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86803e3e3c94e5c2bc3665a5cac5b4289407704d0523c1116c1881bc407d9887

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Apr 2014 10:42:41 GMT
server: cloudflare
age: 24905835
cf-polished: origSize=12483
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=290304000
accept-ranges: bytes
cf-ray: 73de848cdcee4bd1-YUL
content-length: 7751
cf-bgj: imgq:100,h2pri

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/9-oLqfHIAmI/ 21 KB
21 KB 121ms
45ms Image
image/jpeg 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/9-oLqfHIAmI/mqdefault.jpg

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a63596c775d70c09b4124417efa2007d5e68a131a1822d0493bd0a4f8f8e0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 21:41:02 GMT
x-content-type-options: nosniff
age: 2380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21728
x-xss-protection: 0
server: sffe
etag: "1589823978"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Aug 2022 23:41:02 GMT

GET
H2 200 374331
cdn.linkvertise.com/link_images/ 3 MB
3 MB 122ms
66ms Image
image/png 2606:4700:3036::6815:cc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.linkvertise.com/link_images/374331

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:cc3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c15f4c509d62e8a3663de04ccb752e4aa3a8d7f6380243e3c46ea347a6e54d2f

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
via: 1.1 960b27f23df49cd65e51133bf80b9878.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6308
cf-ray: 73de848cdec37144-YUL
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Mar 2022 17:17:20 GMT
server: cloudflare
etag: W/"b8bb7bb332dec4e39eac5ddca5afd604"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSSDchBGPbD7XdS3fhM%2BwC7JaLefiR8bEWYpXRKdltFUwfAUNxXAHPOhGhlkh70Z1Pc2GN2yUtWEfDDw3xYmaNCYmSt5BekQhPhB9gpqzIf5vF28WOPgaKr6Ghn8Ov%2Fbl5%2FScRafjEgejJv8LkoEkrr8"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: f9MxZb.Et9mlhdONR5m_Y22ssmsq2ceK
x-amz-cf-pop: EWR53-P1
content-type: text/plain
x-amz-cf-id: VY7QInmmUZWVGFb_tOcRb15RjRYX3j0eonYekRUhTgoA627JGKD9tg==

GET
H3 200 KW_Modal_Yahoo_Popup.svg
linkvertise.download/assets/img/icons/ 1 KB
1 KB 82ms
62ms Image
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/icons/KW_Modal_Yahoo_Popup.svg
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 889d32216b10434fc528b3417dc3fabbbb2a9b639f11be31c7546197eb3ae4ba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 701
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:40 GMT
server: cloudflare
etag: W/"62865850-5b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wp2FunRh4mMED3Ib5T4Gwx64Zf5kdfDymbLBZ9UesXsPBND6u80lbyqnp8f9Y3qlgqc71NiMBXYqT%2BhO6LRKXwpRDMQ7sJE3YzM4XJlxrPqw8YFv8weByldRJ%2F9sWLPfBc389cQ0%2FzK1CZBGLkIO2WXsxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848cad594bd0-YUL

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/GTYs6kUZ150/ 21 KB
22 KB 95ms
20ms Image
image/jpeg 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/GTYs6kUZ150/mqdefault.jpg

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

900b153b2910e8b137d6f63f2c04e1a155864213d23258bde127697d7f7cb592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:05:08 GMT
x-content-type-options: nosniff
age: 934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21721
x-xss-protection: 0
server: sffe
etag: "1631984704"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 Aug 2022 00:05:08 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/2Pke2iF5Zas/ 12 KB
13 KB 115ms
40ms Image
image/jpeg 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/2Pke2iF5Zas/mqdefault.jpg

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc1ec1c4207db6054b4bccff3e5891772c1cf0dac760b12828ad3134aee196a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 21:06:02 GMT
x-content-type-options: nosniff
age: 4480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12769
x-xss-protection: 0
server: sffe
etag: "1646945077"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Aug 2022 23:06:02 GMT

GET
H3 200 FALLBACK_THUMBNAIL
linkvertise.download/ 18 KB
18 KB 150ms
130ms Image
text/html 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://linkvertise.download/FALLBACK_THUMBNAIL

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 19 May 2022 15:25:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnejyJ%2BZjiG91gOTqLsmh8eMEHeRRszsGLr2DACyh8kWGBrPaf6VJYR9I%2BZaxbeY16JV9SKVm6A4yvUqN78tDUEHnZwYr9fNEVBGwYCv6UO4FbPCxLKPy5p2aWtsMEPVpqhQg26%2BRjy7MdTiAloysHH1Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73de848cad5c4bd0-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/wFAFYEnjmAM/ 9 KB
10 KB 117ms
68ms Image
image/jpeg 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/wFAFYEnjmAM/mqdefault.jpg

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

624dceac120f9590ccf8680195464317167cdc56e97d9f3cce4caa8fc8ca619a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9702
x-xss-protection: 0
server: sffe
etag: "1454094124"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 Aug 2022 00:20:42 GMT

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ 98 KB
32 KB 164ms
33ms Script
text/javascript 104.102.251.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUG57U1V
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUG57U1V
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.102.251.152 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-251-152.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: b92de97236667df37d7d8ab3ca255405e50b10ba883ce7e989c12b6377ff4c97

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 20 Aug 2022 22:20:42 GMT
Content-Encoding: gzip
x-powered-by: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 32892
Expires: Sat, 20 Aug 2022 22:25:42 GMT

GET
H3 200 arrow_right_double.svg
linkvertise.download/assets/img/icons/ 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/icons/arrow_right_double.svg
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b141292b0744e9ec6b292cda4dbc187a20a26b300a3e2d99e548b6c9ad3c862c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5223
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:38 GMT
server: cloudflare
etag: W/"6286584e-605"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=waBQPvuNWFzBt1J7Ue%2B4urm6uQyNLvWQFdUR7o9k%2FUQOUlPbUb5JVL4dc%2F1wU4HBH2ulp57KYh%2BNx8%2FjiDSf9iWJfdxzSSJ%2FV9ancK1wxG4ku95yBk4RwRxj7LvR3sVbje2GV16JZJhUHnYP%2Fgh7oEEBhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848d0df74bd0-YUL

GET
H3 200 Opera%20Banner_Logo%20unten.svg
linkvertise.download/assets/img/icons/ 3 KB
2 KB 31ms
30ms Image
image/svg+xml 2606:4700:3033::6815:447e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkvertise.download/assets/img/icons/Opera%20Banner_Logo%20unten.svg
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:447e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c14ae357a0840aa4b7d791d186418d89d3f756fbfaa8cf138b7024b00860940b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5223
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 May 2022 14:46:35 GMT
server: cloudflare
etag: W/"6286584b-c23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqvr6fmLLw1or7wObiFozwPuSsBVmQevdx8%2BhbJqC5Ig5dqrMFfLprtIzMoyE5hf%2Bcqb5ASonM19qP7yFSDVLdqyJSsPi%2FEQ8HkyRI909o6k05h0kBnyHyJDmDrhIkb7PuJgNUDD0WlI8cHS%2BDAchjX8lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 73de848d0df84bd0-YUL

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 3AFC 387 KB
154 KB 86ms
26ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdxzNoUAAAAAC7rwigQ9hI75HZl9mXhumAUR-B-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d519d7c7ed0ef60bdff019860cb18b309245d9dd8450acb3ce173f5fe4ff3bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.chargebee.com/
Origin: https://js.chargebee.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157275
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 20:03:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 22:08:23 GMT

GET
H2 200 impl.20220818-14-RELEASE.js Show response
cdn.taboola.com/libtrc/ 679 KB
141 KB 16ms
12ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220818-14-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/linkvertise-link-to/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f130aba5f2afb61fa9d15d16474a8eb218cdb87ec9231584dec37ce74b63a714

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: tfViWBGdimjJJCejVYp2wgX4K_hrHABW
content-encoding: br
etag: "847cde9c1f8788bd36e0f493bff4b567"
age: 9491
x-cache: HIT
content-length: 143669
x-amz-id-2: xQUiXty8Gd/eaG3GvYVcyyKnKoUob3LjpKSEQurFxj0cKCaKMtDC6B4YYWW88v58XyFTtPgm0rs=
x-served-by: cache-yul12824-YUL
last-modified: Thu, 18 Aug 2022 11:34:52 GMT
server: AmazonS3-br
x-timer: S1661034042.471320,VS0,VE0
date: Sat, 20 Aug 2022 22:20:42 GMT
vary: Accept-Encoding
x-amz-request-id: DJP4KWQPYBRQPJQN
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 18
x-cache-hits: 17916

GET
H2 200 IIQUniversalID.js Show response
sdk.streamrail.com/user-sync/ 30 KB
30 KB 21ms
21ms Script
application/javascript 2600:9000:2209:c400:c:492d:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.streamrail.com/user-sync/IIQUniversalID.js
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/wrapper/hb.loader.js?wrapper_id=620395cf4703130001aacf7b&org=6202810a4703130001aac845
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:c400:c:492d:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca72abc28aa52067729524530717cf1a6e618e533b8fd1d595eba421229c047d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 09:55:25 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
last-modified: Tue, 08 Feb 2022 12:18:08 GMT
server: AmazonS3
age: 44717
etag: "6ab4daa848b7591d6e2c711172138dc9"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: EWR53-P1
accept-ranges: bytes
content-length: 30229
x-amz-cf-id: U-5l-PqIApeqhJKTZ32qbeEOZq6wxLIxhEa0PHGwE5XovlGuxiNckg==

GET
H2 200 prebid-ads Show response
ads.nighttstand.com/ 0
265 B 106ms
24ms XHR
text/plain 34.199.102.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.nighttstand.com/prebid-ads
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.102.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-102-77.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://linkvertise.download
date: Sat, 20 Aug 2022 22:20:42 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE

OPTIONS
H2 200 6144334093001
edge.api.brightcove.com/playback/v1/accounts/5985631845001/videos/ Frame 0
0 57ms
10ms Preflight 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5985631845001/videos/6144334093001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Sat, 20 Aug 2022 22:20:42 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-yul12824-YUL
x-timer: S1661034043.743155,VS0,VE0

GET
H2 200 vtt.global.min.js Show response
vjs.zencdn.net/vttjs/0.15.3/ 21 KB
7 KB 50ms
11ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/vttjs/0.15.3/vtt.global.min.js
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5985631845001/W9aTecLme_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2782883aa2e55fe305dd71c4b8a79cdecd0e3c7b62880f7adf37aafb33739a4a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 18:56:37 GMT
etag: "9ab357d51e365493dab6cf243489069b"
x-served-by: cache-yul12831-YUL
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 7354
x-cache-hits: 383248

GET
H2 200 6144334093001 Show response
edge.api.brightcove.com/playback/v1/accounts/5985631845001/videos/ 4 KB
5 KB 11ms
11ms XHR
application/json 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5985631845001/videos/6144334093001
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 56cf3e897258c9260d6365162ea21a4ea6633b55a3bd1749e4d390f931fc553a

Request headers

Accept: application/json;pk=BCpkADawqM05IJAr37UM_7n4sUNcAIqJtCY4X59fBjgo9FUctkgXrRZ0S2PmrMc-iX_p2O4VtomxihHGaHOaOI_ujDIFGZrMBwE_XcjgNwKbONMLUNxjgIy57DFQboI0Otd4OpLIrxBtvhK3
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

bc-override-client-ip: 174.112.21.165
date: Sat, 20 Aug 2022 22:20:42 GMT
powered-from: us-east-1b
bcov-request-id: 95e6518a-048d-4f95-8136-8959e8f93f48
age: 1310
policy-key-accountid: 5985631845001
x-cache: HIT
powered-by: BC
content-length: 4585
via: 1.1 varnish
x-served-by: cache-yul12824-YUL
policy-key-raw: BCpkADawqM05IJAr37UM_7n4sUNcAIqJtCY4X59fBjgo9FUctkgXrRZ0S2PmrMc-iX_p2O4VtomxihHGaHOaOI_ujDIFGZrMBwE_XcjgNwKbONMLUNxjgIy57DFQboI0Otd4OpLIrxBtvhK3
x-timer: S1661034043.755177,VS0,VE0
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 30

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
207 B 100ms
50ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 20 Aug 2022 22:20:42 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK W9aTecLme-ae75555b-6735-46e2-b7bb-978b65f1dba1.png
players.brightcove.net/5985631845001/studio_overlays/ 20 KB
20 KB 21ms
20ms Image
image/png 184.29.129.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://players.brightcove.net/5985631845001/studio_overlays/W9aTecLme-ae75555b-6735-46e2-b7bb-978b65f1dba1.png
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.29.129.54 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-129-54.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a45e6f27c3c47b9c706d964944de1d11ad7cbd9e619ecc9659b0f63bf02895d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: mY5y1SayqAwCX3O0ARlM80_CdAL1Adze
ETag: "9e82ef82ed0cdaa0f6c8709abb5327e8"
x-amz-request-id: AMXZMR3V6ST2XF98
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 20114
x-amz-id-2: xo6RSzS20aGHSicrV23tuHGaLNjUa5nBO0htr485YCIjdjEfokHKB77qVAqkixhv3epBpRmo+1s=
X-BCOV-Response-Mode: 1
X-Served-By: cache-iad-kjyo7100040-IAD
Last-Modified: Tue, 24 Mar 2020 12:41:07 GMT
Server: AmazonS3
X-Timer: S1659493225.139033,VS0,VE5
Date: Sat, 20 Aug 2022 22:20:42 GMT
Content-Type: image/png
Cache-Control: public, max-age=32
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 100ms
51ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 20 Aug 2022 22:20:42 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 620395cf4703130001aacf7b Show response
api.vidiom.net/wrapper/6202810a4703130001aac845/ 166 KB
55 KB 104ms
41ms Script
text/javascript 3.223.235.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vidiom.net/wrapper/6202810a4703130001aac845/620395cf4703130001aacf7b?page_url=https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou&domain=linkvertise.download&ddomain=linkvertise.download&sub_id=wr-mrkt&org=6202810a4703130001aac845&wrapper_id=620395cf4703130001aacf7b&wv=3678&wrapper_container_id=wrapper-620395cf4703130001aacf7b
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/wrapper/hb.loader.js?wrapper_id=620395cf4703130001aacf7b&org=6202810a4703130001aac845
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.235.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-235-82.compute-1.amazonaws.com
Software: /
Resource Hash: 63c59982412467a0206538f841cdb0bf098ff5fea756720ce41f22ed0ea19af0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
content-encoding: gzip
last-modified: Sat, 20 Aug 2022 22:20:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 55982
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 57ms
52ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=76cc206f97b8ec4a1fb877fd&account=5985631845001&destination=https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou&platform_version=6.65.3&player=players.brightcove.com%2F5985631845001%2FW9aTecLme_default&player_name=Player%20mit%20Ads%20f%C3%BCr%20Linkvertise.com&source=&autoplay=false&ads_enabled=false&usage=overlay!2.1.4&usage=inpage-embed&event=player_load&time=1661034042734&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=29400000&qos.performance.memory.totalJSHeapSize=35100000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=1661034041507&qos.performance.timing.domContentLoadedEventStart=1661034041507&qos.performance.timing.domInteractive=1661034041157&qos.performance.timing.domLoading=1661034040857&qos.performance.timing.responseEnd=1661034040855&qos.performance.timing.responseStart=1661034040854&qos.performance.timing.requestStart=1661034040516&qos.performance.timing.secureConnectionStart=1661034040496&qos.performance.timing.connectEnd=1661034040516&qos.performance.timing.connectStart=1661034040486&qos.performance.timing.domainLookupEnd=1661034040486&qos.performance.timing.domainLookupStart=1661034040474&qos.performance.timing.fetchStart=1661034040473&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1661034040473&qos.player.dimensions=%5B%5B1661034042733%2C%220x0%22%2C%22100x100%22%5D%5D&qos.player.pixelratio=%5B%5B1661034042733%2C1%5D%5D&qos.player.screendimensions=%5B%5B1661034042733%2C%221600x1200%22%5D%5D&seq=2

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 20 Aug 2022 22:20:42 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK bfp_ssn.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame AE47 12 KB
4 KB 30ms
29ms Document
text/html 104.102.251.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUG57U1V
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.102.251.152 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-251-152.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc

Request headers

Referer: https://linkvertise.download/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3751
Content-Type: text/html; charset=utf-8
Date: Sat, 20 Aug 2022 22:20:42 GMT
Expires: Sat, 20 Aug 2022 22:25:42 GMT
Vary: Accept-Encoding
x-powered-by: Express

POST
H2 200 ptmdP
dts.clnmde.com/ 7 B
324 B 87ms
38ms Ping
text/html 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUG57U1V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
via: 1.1 google
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1800
alt-svc: clear
content-length: 7

GET
H2 200 cenw.js Show response
dts.clnmde.com/ 36 B
355 B 85ms
39ms XHR
text/html 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/cenw.js?identifier=bafp
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: ce91bd7b9df9ef3878926696ee19b8bbf6cc777a48dea08e3bb7c85d963f2690

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
via: 1.1 google
etag: W/"24-Sr9VwW2QPUilnmPGv2pcPg"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1800
alt-svc: clear
content-length: 36

GET
H2 200 ptmdDual
dts6.clnmde.com/ 70 B
335 B 89ms
41ms Image
image/gif 2600:1901:0:cba2::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%22166103404275332964686286%22%2C%22za%22%3A1%2C%22gcd%22%3A1661034042767%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:cba2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:42 GMT
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
alt-svc: clear

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3416 42 KB
22 KB 50ms
50ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxzNoUAAAAAC7rwigQ9hI75HZl9mXhumAUR-B-&co=aHR0cHM6Ly9qcy5jaGFyZ2ViZWUuY29tOjQ0Mw..&hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&cb=7wdwb7p0kmw8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0c0626dcaf8a2bc9bbbe18dd5aa9eac6eba661b6d3ccad3e78cca8dedf09b2ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ezksxC3dwW12-DqLxxFc2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://js.chargebee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22208
content-security-policy: script-src 'report-sample' 'nonce-ezksxC3dwW12-DqLxxFc2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 Aug 2022 22:20:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 204 favicons
publisher.linkvertise.com/api/v1/media/ Frame 0
0 129ms
129ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=discord.gg&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84902b58714b-YUL
date: Sat, 20 Aug 2022 22:20:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjltsF%2B7BUIS03Rr1VSkmEWWKfzSUWsOIadWysxM5%2B83vkm%2BhluSCsNgZFg44jsITV1%2BGzZxM27Vbhze1i4%2BrF0jZbfIDbLoEdBg6KuI4HOhRi1MGX8wejrI6K8%2BAF3rJ79EvsSdv8kVAZqJNMOTQp%2FWd0dzIcqC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

OPTIONS
H3 204 favicons
publisher.linkvertise.com/api/v1/media/ Frame 0
0 137ms
137ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=mistermodzzforum.space&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84902b5e714b-YUL
date: Sat, 20 Aug 2022 22:20:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRiRDsarmeHNHfn2sJ0hPVJzJd%2FIIf%2B63ZmsHzrmyMCcMjN7pMyCNcaMf1sLQ7MJS%2BxnLpAqcwLjvGytNlGTC8pOZQKfOmNdBQJrVAbwIooiGXu%2FZLy2Ab7kknbrB6D52lIihmDInntHL19rSJNui8gpscdrswmw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

OPTIONS
H3 204 favicons
publisher.linkvertise.com/api/v1/media/ Frame 0
0 157ms
157ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=linkvertise.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84903b67714b-YUL
date: Sat, 20 Aug 2022 22:20:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S29hJcHK523cipFFEOCuGPFj8BzbZxwaZ6uir8eG1f46oxHBIK2nc5VZliSM9ZrkQqicSH%2FeKwpENTRh3Su%2BhYtrqsqYPQ6%2Bd1npA0jd7cmMjJhOLKHLRXiAARpu771uCD2fV91VIOeVejM1yBuk44FDzewK0nmf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

OPTIONS
H3 204 favicons
publisher.linkvertise.com/api/v1/media/ Frame 0
0 141ms
141ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=linkvertise.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84903b72714b-YUL
date: Sat, 20 Aug 2022 22:20:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKu2DPzu9KecBz%2Bv6UbXocVKNMZrydSBFwA72mxThi59O6EcIYGBshDmj4wIAyrmu0KIAc3SKTyeY8FU7gq0%2F4DzsT1QeOf91mmgEVhsRBcEUzVsh1E3XYUPnWYyS1sgw6ETRoC8JGvlgCJcNt4PvMviVrOd4AhE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

GET
H3 200 favicons Show response
publisher.linkvertise.com/api/v1/media/ 856 B
1 KB 181ms
181ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=discord.gg&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d51ad35c382b56ee6f1ebd262f359d37f0c40196d102a42489c51daeb53889b7

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=670hqdGpg76eGSp6skWhZ%2Bs8SjvCa8g4%2FEm68LHOD18f5KCBh2greYZv%2Bnp3Seq8WTugfxnwRMo%2Fl0XUXk3Kd4V42P4N4jA4b%2Bw3DG0jlcx%2F%2BfcNjbTrANMQYHi9kVo%2Br39y167ZL7liDD1J%2Br6MW9dg%2BWhSgrPz"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73de8490fc3d714b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 favicons Show response
publisher.linkvertise.com/api/v1/media/ 571 B
1 KB 169ms
169ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=mistermodzzforum.space&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

381ec9823501b056ee269ca62a9508582f7c7cf3cefd6a92bd27613ddb9d71c4

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnY1I8grXf16QNey%2F6H%2FBJCxg1Hw3BMXpYQYouBY5r3q49t0Gcs1AOMHcJGMX%2Burb760gxOsN5J7MnMjDbG%2Bs39nCGKmr6RjUFZR3dMoUVtrRAaO%2FBUaHl8wJERxKp%2FLMsmQrU94V29Mn8ShF3H1ZLeJnJ9Ki2RW"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73de84910c5c714b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 favicons Show response
publisher.linkvertise.com/api/v1/media/ 1 KB
1 KB 158ms
158ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=linkvertise.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42311f31804d8717d7f4ecab84b641240ad30a85ddca9d652d63325b19f9906f

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXSCKvdVYOPP3IYQIR8a7fqm39I4BMgvdPAIb3U4o8fDn933KXr4%2FfYn9NFePPCp92gqro3VHvx5RjdjvGX24S8V3ec9RzOy0uEYjI588CI9pd%2FH48xijf%2FcA0CB%2F84zxsKeHdO4ics7VxRBI%2FiOT5kQ7DeJc2Qg"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73de84912c93714b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 favicons Show response
publisher.linkvertise.com/api/v1/media/ 1 KB
1 KB 155ms
155ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=linkvertise.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42311f31804d8717d7f4ecab84b641240ad30a85ddca9d652d63325b19f9906f

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JC78Cs7s75h%2BMlLah6jlQLfSOSdATOTOW9Tjg8xLlOl4KecV4O5uqsVYYYe%2FUlRoCHDOni7GTwBPBzt0RX2CQZwvm0aMp9KhhC5GiQyRvxhqGSxSGzEp3B0kY3z9Igode5kAxWZP%2Bw2HqZ0%2FxIGx4zVz8SawE3yO"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73de84911c6f714b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 67ms
43ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 20 Aug 2022 22:20:42 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/3a5a5d6b-5708-4682-b50d-7506f9de9ac8/1280x720/match/ 135 KB
136 KB 104ms
22ms Image
image/jpeg 108.139.47.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/3a5a5d6b-5708-4682-b50d-7506f9de9ac8/1280x720/match/image.jpg
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-69.jfk50.r.cloudfront.net
Software: / BC
Resource Hash: 302becc2531a154994178c7742ca28e1c95c328b08492c1f287648ecc4a8c9ad

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 25 May 2022 16:52:14 GMT
Via: 1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 7536509
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: JFK50-P1
X-Amz-Cf-Id: kIJnjwy7ozAHy5dMhq-yWsfeoHkbOG18nR2jN1WtzfQC_8mwU2D8Aw==
Expires: Thu, 25 May 2023 16:52:14 GMT

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/10s/ 7 KB
7 KB 43ms
13ms XHR
application/x-mpegurl 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/10s/master.m3u8?fastly_token=NjMwMWIxNTBfODJjMTJlMDk3Mjk3MWZjNzIwNzk3OWVjOGI4YjRiNzA1NGI3NTZkZTJiZmE3NTM3YjAxODY2NjYxY2MwMzVmMA%3D%3D
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 793017a3e91e0a5eb94f3499cb029cf3772fad2e73dec60c540a43dde3373574

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
via: 1.1 varnish
age: 9811
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 7261
x-served-by: cache-yul12824-YUL
x-device-group: desktop-chrome
x-timer: S1661034043.196851,VS0,VE0
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 2

GET
H2 200 player.js Show response
api.vidiom.net/js/6202810a4703130001aac845/620395414703130001aacf6c/ 123 KB
42 KB 34ms
28ms Script
text/javascript 3.223.235.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vidiom.net/js/6202810a4703130001aac845/620395414703130001aacf6c/player.js?t=bladex&config=rise-620395414703130001aacf6c-config&callback=rise-620395414703130001aacf6c-callback
Requested by: Host: api.vidiom.net
URL: https://api.vidiom.net/wrapper/6202810a4703130001aac845/620395cf4703130001aacf7b?page_url=https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou&domain=linkvertise.download&ddomain=linkvertise.download&sub_id=wr-mrkt&org=6202810a4703130001aac845&wrapper_id=620395cf4703130001aacf7b&wv=3678&wrapper_container_id=wrapper-620395cf4703130001aacf7b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.235.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-235-82.compute-1.amazonaws.com
Software: /
Resource Hash: dc4edd6d836289665fe3ddf917d716a70b2af6ddf46253659986afe6bd5c8493

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: gzip
last-modified: Sat, 20 Aug 2022 22:20:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 42910
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 3416 52 KB
24 KB 62ms
19ms Stylesheet
text/css 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxzNoUAAAAAC7rwigQ9hI75HZl9mXhumAUR-B-&co=aHR0cHM6Ly9qcy5jaGFyZ2ViZWUuY29tOjQ0Mw..&hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&cb=7wdwb7p0kmw8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 20:03:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 22:17:30 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ Frame 3416 387 KB
154 KB 72ms
30ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d519d7c7ed0ef60bdff019860cb18b309245d9dd8450acb3ce173f5fe4ff3bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157275
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 20:03:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 22:08:23 GMT

OPTIONS
H3 204 favicons
publisher.linkvertise.com/api/v1/media/ Frame 0
0 145ms
145ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=downloads.mistermodzz.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84923daa714b-YUL
date: Sat, 20 Aug 2022 22:20:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sulhgL8XQ8rldktfDpG6c3GYyjS%2F%2F2bfzECLuCAviAS2zhIR6wR%2Fx%2B8AvIjFE2HeaNY8rWfn6VLlmFnYHeQK%2B5NQUY7sCLFYpA7jEpoJjeqZWfo7iPAO0%2BhgCzxlP%2BpCJ%2FIApIAcKGvbGDcWmxkajkhTxDN7GTfX"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

OPTIONS
H3 204 favicons
publisher.linkvertise.com/api/v1/media/ Frame 0
0 140ms
138ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=mistermodzzforum.space&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84924dc1714b-YUL
date: Sat, 20 Aug 2022 22:20:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BTp2cE2MGeFmnzEZcAeJT43lfznbJxgSkITVb3BjaVTQu%2F7qNqCmaw4ML0mRg8hQFDOa1mXh3nU8cnrlGWfr4804t%2BdNtr2NaAXsdozcbo%2FYVauznlTlJwsLpSqJkbts6QnKKTWs%2B%2FAbUysTdP%2BI2dxGnXUdPzH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

OPTIONS
H3 204 favicons
publisher.linkvertise.com/api/v1/media/ Frame 0
0 158ms
157ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=pastebin.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84925dcb714b-YUL
date: Sat, 20 Aug 2022 22:20:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FG6lm%2B2Hzx9AnvATvEsz8EyCxa6ccWB9bEx5HQriakuXH2miNXGVT9ee%2BcuRZuYx3O8ODgnn4tMIL4v5mhT%2FVP6F21oXohBNJz1f6nU3B0WiKXxabd71TaHwJd9vzI1u5l4LrkdiioQXFgmUIt0EIKXVMVoufqwe"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

OPTIONS
H3 204 favicons
publisher.linkvertise.com/api/v1/media/ Frame 0
0 129ms
129ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=github.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84925dd1714b-YUL
date: Sat, 20 Aug 2022 22:20:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c93PQuWr5WsCTT6t7vPml66kvLh%2B5pVbv3hCMV%2B%2FSFvQ4I%2BQBJd%2FDubkRZtANAECPEUBnw7iYhnqvKZSt77eP4JmgcF80p4fs6yjj%2FqGIvvEhblX%2B9RjhXuPiNbiZ0I%2B7COZnxrvHmN9efSSyNebu5G64%2Bd%2BIBDd"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

OPTIONS
H3 204 favicons
publisher.linkvertise.com/api/v1/media/ Frame 0
0 163ms
163ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=github.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84925dd7714b-YUL
date: Sat, 20 Aug 2022 22:20:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRQWLYHeHBkC2GAhwoYmBIkOV2NZHJU1M7woD6T40uJPHrhL2BmOwkAj%2FoD%2FwgzQ84zePRRGKLXRTViMJKWcG5QhqnmCb6tMciz3NPFQw9VFRcpmLmKmhimEcnKp66HDb%2BfTWt8y0TBdsGGgGjkEuwNqS6WHL7bh"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

OPTIONS
H3 204 favicons
publisher.linkvertise.com/api/v1/media/ Frame 0
0 125ms
125ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=pastebin.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84925dd9714b-YUL
date: Sat, 20 Aug 2022 22:20:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbtI3Ae%2FS8gfBA5rhdmIz2oaWadmYLLAnVFwtSdd67Z3%2B8WPk0ivd%2B6LWdSUvFUwhCT3I5JZKpJNlwNliL8v40D90zD1Oc15nQzqWNJfnlBl1TuOQQL0yHAyX8zsQm39NhoZhtM0aPqMS872lEdQRsvA32iwXePw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

OPTIONS
H3 204 favicons
publisher.linkvertise.com/api/v1/media/ Frame 0
0 130ms
130ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=cdn.discordapp.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84926ddf714b-YUL
date: Sat, 20 Aug 2022 22:20:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSn080bBdGhMMdW4xCCBAEVF3t80Jmaz4n%2FtZT2NuXmcTR8uI6EqUNt9rE45LAoGuLPo60FZsv1%2Fq0Inx9ccv6p5Aj%2FGcbiPqsxQ0JeTB4pJ6OzxVFhCEG39%2BXflJ3eYQOAdRKe5xoRnUjW3YGLUs01y%2FnblVFDq"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

OPTIONS
H3 204 favicons
publisher.linkvertise.com/api/v1/media/ Frame 0
0 161ms
161ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=cdn.discordapp.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84926de6714b-YUL
date: Sat, 20 Aug 2022 22:20:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPuhCm8lKZolDQgD19jOZxqN2XNf0RV920DVMWz0%2BuVYHgT8ZIAXx0CjO1ohgiem7EjevCzY14D1o8VnoNxlqd2WOV3z3INOSjVQIogvHOjkOeIpNFCHVZLmR%2B7F%2BMZdFCaKlW30c9rBhWKMK7F8ZT%2BogFslnjXP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

OPTIONS
H3 204 favicons
publisher.linkvertise.com/api/v1/media/ Frame 0
0 140ms
140ms Preflight 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=linkvertise.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://linkvertise.download
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://linkvertise.download
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73de84926ded714b-YUL
date: Sat, 20 Aug 2022 22:20:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ0c6DkVWbMVEOu%2FPHuhxibQx9ejpVGXkeAHGH2y2%2FyHuarCO7sDmsbdK1RYigRhcBL1yCFGuSHBZ5Emf1G9Up2QR6anxxtn7HYwwMiIIbrcmY5ivoFMfnILFbd3ay%2FRBiFCnQuRdc%2Fri5b7zd%2Bx9iWSoncq5qq0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: sameorigin

GET
H3 200 favicons Show response
publisher.linkvertise.com/api/v1/media/ 1 KB
2 KB 143ms
142ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=downloads.mistermodzz.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99fb72b38222f7e6dba79ea86a980ae0625bf3c00b4d51096d618e5566cfa09c

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZ5HSxVNX5himvH%2B%2BFJ37ACi%2BkKLAevDgv5%2F%2FxilRg%2Fwj555YaB6W8rhHUi07ZEMq83NLesFDVSVenibmYbCJKmsM5Qev7MP9AeY4aqNLzFTJ5SvBFy4AI%2BTH9CcO3eAar%2F4EInrrXkyHckwxVZFxgXTLMXHkFar"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73de84932ee3714b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 favicons Show response
publisher.linkvertise.com/api/v1/media/ 571 B
1 KB 163ms
163ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=mistermodzzforum.space&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

381ec9823501b056ee269ca62a9508582f7c7cf3cefd6a92bd27613ddb9d71c4

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGoSgJl5Lp07P%2FyJRBeMEXK5JQZkj%2FVesMdHhNVSVnVNL6EJxmvQPga5aw5URb8Xth%2BvRR7PZc0ZRH9AMwdxKT%2FLzBmFKvD10sIFe0xa7gdAfkU6bMqIFTEb5JyOjM6nEdYnQV%2F91njS8G%2Fy30kc3%2FBsax23XiIo"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73de84932ee5714b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 favicons Show response
publisher.linkvertise.com/api/v1/media/ 571 B
1 KB 151ms
150ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=pastebin.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

887a61f15b3a51985912a97e6682fa2fb6b3a14523df731abe66556962583270

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9s6i922YdXaU6dT7HmP8c9K%2FU1yIoBK5L4yFkMJ8bJ0VLOVcWtsnj5pzml84XNqt5m39KecluZSsj5bR3Pv1kG0Hb8fYOTLuURIhBoePdjua5O7bYlow%2F1VkEBQ8iPvzuTr65upDt4qeC6i5WW%2FZtdzPrV63QRdE"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73de84935f23714b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 favicons Show response
publisher.linkvertise.com/api/v1/media/ 578 B
1 KB 169ms
168ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=github.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c6a0f5dd0902fb92cde1e537734c95c713e10f345685af62402b8247435f1f1

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rfiJso2dFMmesJbMOMCSpsJf5keZAkpiX9J9c3h%2FHzV5FUsAqSpEmjd%2BfGJ5kmnwn6mMtq2h%2BkluACn1%2F2KX5spACpD0FInIFrUdZxf2W3tYdE9XubQJbcpLri3rboa4mddOvXZg8SxeW5vJkzNANwUJWx4UV%2B3"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73de84932ede714b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 favicons Show response
publisher.linkvertise.com/api/v1/media/ 578 B
1 KB 181ms
181ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=github.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c6a0f5dd0902fb92cde1e537734c95c713e10f345685af62402b8247435f1f1

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgZDdliEmq%2BVa6kVAXWp4EH45Kr1eSbZfMHJR9U6InJbmA7mDMDST6vbsZpNgo3DWmshzLDGNdxiSTQhu7qC%2F8PzhqEonsIJ%2BkIqGZrhJljkJKyXbiMeHpp6xhf1N6%2BksJMGUlHBMI2kdC2bfLQRg8UE%2BcBEnEdD"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73de84936f3a714b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 favicons Show response
publisher.linkvertise.com/api/v1/media/ 571 B
1 KB 160ms
159ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=pastebin.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

887a61f15b3a51985912a97e6682fa2fb6b3a14523df731abe66556962583270

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxAL0qHAtI1wmLl7KadHp%2BQVBmZVwyyDZXTeKOgpLlVYRjTAwq8%2FRD8s0WEY0FANdZpzMUDmV66brM%2BG3N7aEtacp78HmQVF4Bbzc6mT3vifX9%2F44CSteuZKYCZJ4wYlA2aNJ0tXHD7alDXVqFmmxHLikp1%2FIDdv"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73de84932ee2714b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 favicons Show response
publisher.linkvertise.com/api/v1/media/ 1 KB
2 KB 158ms
158ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=cdn.discordapp.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99fb72b38222f7e6dba79ea86a980ae0625bf3c00b4d51096d618e5566cfa09c

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4InHcJL2LTH3MgridgAm4fQeyepCSJt3gVHuFUK5Iqxmih0ycbtuJ%2FZ0HrnP5lHLmKKNfrzXU6uITcml4Yx1xTJ84E1ARF%2Bn0g5ytWBAx1Fl4l4g8pfqgQ03pch1USRdjnMeYqt86ERVNW5%2FLo3FhQONslFEcMx"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73de84933eef714b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 favicons Show response
publisher.linkvertise.com/api/v1/media/ 1 KB
2 KB 138ms
138ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=cdn.discordapp.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99fb72b38222f7e6dba79ea86a980ae0625bf3c00b4d51096d618e5566cfa09c

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYGJCK9wWltZkCCMCeLQ9T5aeE0c69UDVy0T%2FPAHdWxJBOvQbql2p1f3C0pDeXTIcQP70u3QPxPCoaiIdEt%2FiqTtLgKs36x2GL0q%2BMIQINmDiKLzsIWKy7pjlzbHMaus1rC33R%2FBhQ9vuZ55HcsxIevuZsLiC%2BvD"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73de84936f3e714b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 favicons Show response
publisher.linkvertise.com/api/v1/media/ 1 KB
1 KB 190ms
190ms XHR
application/json 2606:4700:3034::ac43:c3a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://publisher.linkvertise.com/api/v1/media/favicons?domain=linkvertise.com&X-Linkvertise-UT=kUOdI2y5NPA4pKiWM4NTgaPVHsHPkCVXICK9TvCaf69fVVzaHPBL9IwdsGx85fyD

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c3a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42311f31804d8717d7f4ecab84b641240ad30a85ddca9d652d63325b19f9906f

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json
Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxZtYrMpH%2Bx%2FVA6Rq15MXsmQZsUbaUxYekijwdWPc%2BtQybwIzEi3beH3NmTwk26WNBoHjSfNPg%2FcALCJ3PwX8wgfr81gO%2BERB09SiVRxCzKIFpveJT1lLqngk52Cdy0KrmuAes71jr5O0tGBsaaLnURLrc8x%2Bazi"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73de84934f16714b-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
BLOB 200
OK 4cdf3f16-1f23-41e1-8cca-2493a47e6a3a
https://linkvertise.download/ 7 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://linkvertise.download/4cdf3f16-1f23-41e1-8cca-2493a47e6a3a
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5593812ed51f4f2de527010b8ae1f0fa41ffd0186000b950ee0e30d4690aa442

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 6656
Content-Type: application/javascript

GET
BLOB 200
OK ff15d767-3360-4f88-81b8-27d5d56942c0
https://linkvertise.download/ 87 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://linkvertise.download/ff15d767-3360-4f88-81b8-27d5d56942c0
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d8a6828f215a7cf57c457d54dc100bc7a73928ff68297dd22d451de053dca6b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 88599
Content-Type: application/javascript

GET
BLOB 200
OK 823e688f-d768-4cdf-85c5-c081448f4fc2
https://linkvertise.download/ 87 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://linkvertise.download/823e688f-d768-4cdf-85c5-c081448f4fc2
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d8a6828f215a7cf57c457d54dc100bc7a73928ff68297dd22d451de053dca6b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 88599
Content-Type: application/javascript

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/8ab9848c-0214-48c2-9378-ecadc4564195/10s/ 3 KB
3 KB 11ms
11ms XHR
application/x-mpegurl 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/8ab9848c-0214-48c2-9378-ecadc4564195/10s/rendition.m3u8?fastly_token=NjMwMTkwMWNfNzdkYzk2OWUxZjY1ZTc1ZWRiNzU0MGQ2ZWYxN2QxOWFiMGM3MTQ1MDRiNzZhZDQwOWZjYzQ2NWUwZDY5OGY3OQ%3D%3D
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 5eace02e342d846d4b424576a8d4d58a092b5b9ba4c4990abb3db428ef940926

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
via: 1.1 varnish
age: 9837
x-powered-by: BC
x-cache: HIT
content-length: 2871
x-served-by: cache-yul12824-YUL
x-device-group: desktop-chrome
x-timer: S1661034043.291036,VS0,VE0
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 2

GET
H2 200 cenw.js Show response
dts.clnmde.com/ Frame AE47 36 B
125 B 37ms
37ms XHR
text/html 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dts.clnmde.com/cenw.js
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 1fb0cb91f400f2b69d68f338149feb0b50afe11df92adf798470abcb0a76dc24

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pxlclnmdecom-a.akamaihd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
via: 1.1 google
etag: W/"24-7Tf7L1kYHaePsopZaFJs8A"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1800
alt-svc: clear
content-length: 36

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
139 B 39ms
38ms Image
image/gif 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=166103404275332964686286_N4IgxmAWDWIFwG0QGYDsyCsAGVBOAbBiADQgBMGyyBAjPsiALqkAOAlgCYAu8SWJIfsxAAnAKYAzAKoiANj0QgBTUgGcRYGfN4hIXLi1UBSZAEEjZAGIXLstgDtoANzEiubVWIB0HAPYB3e1lfAEMOGz9A4LCbTCwADjIbLl8ADzYwAFtfDgAvXIBaJzYWAsyxewBXAoBzLhCMG1SAYQAhAHUATwANfwBZexzO6DJc3BpK0398AHEATVVcaDYAFkSAeUqTazJ8AEdK106TABEAFTSMvpzcgC0LDDIsADUASQAFB6e+iq2KJ5m9SIpD0BmMZhsNjsjhcbg83kiQVC4SsiOiKMscUSyUuWRuhWKpXKVVqQKabS6vQGQxGYwmU1mCyWqw2W2QO32hxEx2Q51x1zy93+Lw+XywPyqYsBDRUICcqgA+pwFAgqrJZMQ1bJhJB5UruDosEasHR8DQsMgVlgVmQqE8KBaMDQVhgMOhXagBMaTfgzRarStkObkFgHZhnR61ibZWBKqouPqVSB4s0pDM3VIaM8BCm0xmszGRE4dMAADood04AgYctwMsgLidFhiWvlsAifXl4jl4qd+Dl03BgMRk1Ua34Lvl3WKzitwTGwf+6225D27Dhl1uzBu8sAX13AnrFCotHotfrjebc-bfe7crYfbgA99Q+tzvQ1BtT0nuj1s-785GoulrWkGFqhuuTqbqgUY0HuB7CPYIS8DauArAQqC7CsxA0CB8SoBauDEJQRrxGsIaISEqjwGQREgGwISZLwWDCAx1FwPEpBsMWcBYF4GBqPUXBxihxBUGJ2GYGJ+BiagYmcdQxC0cQknIBJYkCcgMloPJYlETQuDCLkyFwDQrA1PAcoCDUkCWcBAZkKglCrgQKz4PE+BkB5AjypZ+BeHx6G4AIISyPAakgBIYDwAUZkgGI7h2S+S42gI8YWbxaiwHAID2cuCpOiGm4rCsTlkAIYglHZ6H8f5NCUF4NDxMFpCwpZLAiDkFWVCZcWVGw8BYKQYhOGFiDCCwvnjWosjxklfogTaMGeqQsgSPAcWxvG+qWbm6aoJm2atQ+nDza+KzvieX78KQNTRaZyWLXacV7GIG2kBIA1wGQu5AA
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
alt-svc: clear

GET
BLOB 200
OK e96cb7e0-74bd-4f89-a980-baebea9dc3d8
https://linkvertise.download/ 60 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://linkvertise.download/e96cb7e0-74bd-4f89-a980-baebea9dc3d8
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 556eb112c92e6a1890b1e013d104531116671ec1c61782d2a5d5045a29f022ed

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 61605
Content-Type: image/svg+xml

GET
BLOB 200
OK 91b70aca-05da-49e1-95eb-63a33834163d
https://linkvertise.download/ 60 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://linkvertise.download/91b70aca-05da-49e1-95eb-63a33834163d
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30d604f9056ecb2a835c2a7ee65e1e22b4a9155b65adcea60af08b1445823453

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 61116
Content-Type: image/svg+xml

GET
BLOB 200
OK e61fb3bf-8041-4908-a834-df63b781c882
https://linkvertise.download/ 60 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://linkvertise.download/e61fb3bf-8041-4908-a834-df63b781c882
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66ea3d6797505470ea117f5a3ab241018b5dd1448af42c2568aefb0cf6aa364b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 61630
Content-Type: image/svg+xml

GET
BLOB 200
OK 13e9f9fb-9bbf-40c7-b9b4-029142b09fdf
https://linkvertise.download/ 60 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://linkvertise.download/13e9f9fb-9bbf-40c7-b9b4-029142b09fdf
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20ab8177825280cfa61b52e33eea57e8f3d94e5e63bcd2c0247f82cc27e3352e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 61842
Content-Type: image/svg+xml

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/7fbf3a47-a55d-490a-a59c-e7e8dbb0b412/10s/ 3 KB
3 KB 11ms
11ms XHR
application/x-mpegurl 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/7fbf3a47-a55d-490a-a59c-e7e8dbb0b412/10s/rendition.m3u8?fastly_token=NjMwMTkwMWNfNWFjZmU0ZjE3ZTA1NjJjODVmODZkZThkZmRmNGE4MDVjNjk3ZWY4M2FhYTYyYzc3YmFjMmE3MzRkYTViY2JlZQ%3D%3D
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 5b70ad48011cf83779e5beb73f2dcee87d951f011dc03ef091559c590b536b15

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
via: 1.1 varnish
age: 2939
x-powered-by: BC
x-cache: HIT
content-length: 2865
x-served-by: cache-yul12824-YUL
x-device-group: desktop-chrome
x-timer: S1661034043.361711,VS0,VE0
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 2

GET
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 43ms
43ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 20 Aug 2022 22:20:43 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 json Show response
trc.taboola.com/linkvertise-link-to/trc/3/ 50 KB
14 KB 254ms
245ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/linkvertise-link-to/trc/3/json?tim=22%3A20%3A43.364&lti=deflated&data=%7B%22id%22%3A728%2C%22ii%22%3A%22%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2Fxcbwyxwmnodyk2z91uaw6gys9ki482ou%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1660827110417%2C%22vi%22%3A1661034043360%2C%22cv%22%3A%2220220818-14-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou%22%2C%22vpi%22%3A%22%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2Fxcbwyxwmnodyk2z91uaw6gys9ki482ou%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2090%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2Fxcbwyxwmnodyk2z91uaw6gys9ki482ou%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7830f38d1b2ad0fe04a37e5c2e3cabff38f4db64da69387c5fd5e03578ed5ec2

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 234
date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: gzip
server: nginx
x-timer: S1661034043.380036,VS0,VE234
x-served-by: cache-yul12824-YUL
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://linkvertise.download
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/8ab9848c-0214-48c2-9378-ecadc4564195/5x/ 697 KB
698 KB 100ms
33ms XHR
video/mp2t 2600:141b:13::17d7:82ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/8ab9848c-0214-48c2-9378-ecadc4564195/5x/segment0.ts?akamai_token=exp=1661046786~acl=/media/v1/hls/v4/clear/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/8ab9848c-0214-48c2-9378-ecadc4564195/*~hmac=ee6853c1901c1355ff650e8f09f208dc2c0379fd4460d9c5619bbebcd340f229
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:13::17d7:82ea New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: e6fb9ccc20a175c91617d984be1c6b2bd5ce7cc7bbaa98ab5b614fc61ed86e6f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Unused62: 8096267
Date: Sat, 20 Aug 2022 22:20:43 GMT
X-Amz-Cf-Pop: IAD89-C1
X-Powered-By: BC
Backend-IP: 13.249.32.225
BC-MID: true
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 713272
X-Served-By: cache-dca17723-DCA
Akamai-Mon-Iucid-Del: 1315351
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1621707335.860422,VS0,VE3
X-Powered-From: gantry
ETag: "7e3496b30f2d23edd3ac5c312fd4740b"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=17917670
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
X-Amz-Cf-Id: 3ZcSEn04p2I3auhc8UiQMHa_mPOebq4UIz5j2PLhlSq_7MmaK9bmhQ==
Expires: Thu, 16 Mar 2023 07:28:33 GMT
X-Cache-Hits: 1

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/linkvertise-link-to/log/3/ 0
250 B 82ms
18ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/linkvertise-link-to/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://linkvertise.download
pragma: no-cache
date: Sat, 20 Aug 2022 22:20:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 sr.bladex.js Show response
sdk.streamrail.com/blade/ 629 KB
161 KB 21ms
21ms Script
application/javascript 2600:9000:2209:c400:c:492d:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.streamrail.com/blade/sr.bladex.js
Requested by: Host: api.vidiom.net
URL: https://api.vidiom.net/js/6202810a4703130001aac845/620395414703130001aacf6c/player.js?t=bladex&config=rise-620395414703130001aacf6c-config&callback=rise-620395414703130001aacf6c-callback
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:c400:c:492d:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c27cd3a5edf281c903c344fc4f9b89637b288b65ff4617e90d8d500890cd2414

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:13:58 GMT
content-encoding: gzip
last-modified: Sun, 14 Aug 2022 11:32:56 GMT
server: AmazonS3
age: 406
etag: "c5e00c52ac0cc01e3654ae0428b91bf2"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
cache-control: max-age=1200, public
x-amz-cf-pop: EWR53-P1
accept-ranges: bytes
content-length: 164728
x-amz-cf-id: 7_CLuTIwUarrs61hKAmu2tZFUVpR85Xg0_bucc2teJZDZ7JocfRMmw==

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3416 102 B
134 B 40ms
39ms Other
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF

Requested by

Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

99584f816df6714b39895e4032ede0c137cd7fd764abbb64845f25848ccc0565

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdxzNoUAAAAAC7rwigQ9hI75HZl9mXhumAUR-B-&co=aHR0cHM6Ly9qcy5jaGFyZ2ViZWUuY29tOjQ0Mw..&hl=en&v=PRMRaAwB3KlylGQR57Dyk-pF&size=invisible&cb=7wdwb7p0kmw8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 20 Aug 2022 22:20:43 GMT

GET
H/1.1 200
OK segment0.ts Show response
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/7fbf3a47-a55d-490a-a59c-e7e8dbb0b412/5x/ 171 KB
172 KB 68ms
32ms XHR
video/mp2t 2600:141b:13::17d7:82ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/clear/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/7fbf3a47-a55d-490a-a59c-e7e8dbb0b412/5x/segment0.ts?akamai_token=exp=1661053684~acl=/media/v1/hls/v4/clear/5985631845001/b2cd9766-f2e5-42e1-ba76-709f30f04642/7fbf3a47-a55d-490a-a59c-e7e8dbb0b412/*~hmac=127d38f5963fc1fc5262f568cbf27edd5035134d6a57c030f967a6a08b328420
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:13::17d7:82ea New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: f0bc52c7c40e879112cabdfb65940ff93fb0b29a7fa3209ceb6cafbf597c0dfd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Unused62: 8096267
Date: Sat, 20 Aug 2022 22:20:43 GMT
X-Amz-Cf-Pop: EWR53-P1
X-Powered-By: BC
Backend-IP: 54.230.244.150
BC-MID: true
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 174840
X-Served-By: cache-ewr18151-EWR
Akamai-Mon-Iucid-Del: 1315351
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1621352385.915329,VS0,VE2
X-Powered-From: gantry
ETag: "1499a826aba99b431d2d923f176445a7"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=26385970
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
X-Amz-Cf-Id: FuxmBhWIx_VEAYkuJK8FOqEAuCwvK4CroXhdXBXpUNJrdSdSNDZHSQ==
Expires: Thu, 22 Jun 2023 07:46:53 GMT
X-Cache-Hits: 1

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
552 B 84ms
42ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Aug 2022 20:48:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Aug 2022 22:20:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Aug 2022 22:20:43 GMT

GET
H2 200 prebid-ads Show response
ads.nighttstand.com/ 0
264 B 24ms
24ms XHR
text/plain 34.199.102.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.nighttstand.com/prebid-ads
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.102.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-102-77.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://linkvertise.download
date: Sat, 20 Aug 2022 22:20:43 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE

GET
BLOB 200
OK cf4327d0-7537-49f0-af6b-93b2f2d0c6d8
https://linkvertise.download/ 60 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://linkvertise.download/cf4327d0-7537-49f0-af6b-93b2f2d0c6d8
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb1d962426197c7c45d66894601c8dd5b1e5615ca51a813ee68c959fc24312ca

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 61949
Content-Type: image/svg+xml

GET
H2 200 cta-component.20220818-14-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
5 KB 12ms
11ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20220818-14-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/linkvertise-link-to/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eff585bd021828f293a470ab1f3e5a3c8e794782831e00c38395474406f8211b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: Q9SUBuWcw13cfyKsFYGcBvbysEu03bdC
content-encoding: gzip
etag: "7effbf5747b05fc78f351727875c3138"
age: 57
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5109
x-amz-id-2: 7vdZ9sMhk7hwAjQZBcCK7bAobrHhlfwTthGqxCWlaQeIyfvuWVOUSrB+iOg9JeP4ItAUBjih3nk=
x-served-by: cache-yul12824-YUL
last-modified: Thu, 18 Aug 2022 13:12:19 GMT
server: AmazonS3
x-timer: S1661034044.719678,VS0,VE0
date: Sat, 20 Aug 2022 22:20:43 GMT
vary: Accept-Encoding
x-amz-request-id: SW6ZWN3VW0TX94AT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 68

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.0/ 103 KB
30 KB 13ms
12ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.9.0/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220818-14-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 104677a0f5e8b6f902f921ee6b02f47193f0a5d4832093facbd0b08d5c98be13

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
via: 1.1 e0170582752f8bcacf802243afe5509c.cloudfront.net (CloudFront), 1.1 varnish
age: 393350
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 29881
x-served-by: cache-yul12824-YUL
last-modified: Tue, 16 Aug 2022 09:03:55 GMT
server: AmazonS3
x-timer: S1661034044.726023,VS0,VE0
etag: "ff76a26f0b86850d629e384357d71e2e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: YUL62-C2
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: D-9KZrKAl1OJgwkmdp-MLRlO_sLruY5MFYUCtAJ__uEXnnm8GCU2fg==
x-cache-hits: 35254

GET
H2 200 userx.20220818-14-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 11ms
11ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220818-14-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/linkvertise-link-to/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 447882bb1d3014679759527153b4e4b3ecabfe2c0688c5f4870d13abc1df12ef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: grTCyjQI5lijdatrpCHUHwH4FweS6qGO
content-encoding: gzip
etag: "023bf2064f7563b2bba46731ac2c506e"
age: 92
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5399
x-amz-id-2: cO/mFjY7njeEugbi0GRkCF4I3fOc0lquDjnGRLjgCmQS2fwgLtcuWoKKjrjFRh51ztHdD2O6cso=
x-served-by: cache-yul12824-YUL
last-modified: Thu, 18 Aug 2022 13:15:32 GMT
server: AmazonS3
x-timer: S1661034044.725700,VS0,VE0
date: Sat, 20 Aug 2022 22:20:43 GMT
vary: Accept-Encoding
x-amz-request-id: PJHJF4F9PMXXQFJX
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 36

GET
H2 204 debug
us-trc-events.taboola.com/linkvertise-link-to/log/2/ 0
89 B 24ms
22ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-trc-events.taboola.com/linkvertise-link-to/log/2/debug?tim=22%3A20%3A43.709&type=usage&msg=cta-_1661034043709&llvl=2&id=2537&cv=20220818-14-RELEASE&lt=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou%22%2C%22itemId%22%3A%22~~V1~~2101469392900082023~~0JqsDhOpQpPwR%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A3%2C%22placement%22%3A%22Below%20Article%20Thumbnails%22%2C%22innerText%22%3A%22Basement%20Repair%20%7C%20Search%20AdsCheap%20Foundation%20Leak%20Repair%20Services%20in%20Montreal%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17753

GET
H2 204 debug
us-trc-events.taboola.com/linkvertise-link-to/log/2/ 0
89 B 22ms
22ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-trc-events.taboola.com/linkvertise-link-to/log/2/debug?tim=22%3A20%3A43.709&type=usage&msg=cta-_1661034043709&llvl=2&id=2702&cv=20220818-14-RELEASE&lt=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou%22%2C%22itemId%22%3A%22~~V1~~2101469392900082023~~0JqsDhOpQpPwR%22%2C%22type%22%3A%22filter%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-filter-item_branding_before_title%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A3%2C%22placement%22%3A%22Below%20Article%20Thumbnails%22%2C%22innerText%22%3A%22Basement%20Repair%20%7C%20Search%20AdsCheap%20Foundation%20Leak%20Repair%20Services%20in%20Montreal%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17753

GET
H2 204 debug
us-trc-events.taboola.com/linkvertise-link-to/log/2/ 0
89 B 21ms
20ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-trc-events.taboola.com/linkvertise-link-to/log/2/debug?tim=22%3A20%3A43.711&type=usage&msg=cta-_1661034043711&llvl=2&id=9644&cv=20220818-14-RELEASE&lt=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou%22%2C%22itemId%22%3A%22~~V1~~-8398023125997721361~~K0pC9omxY9GR%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A5%2C%22placement%22%3A%22Below%20Article%20Thumbnails%22%2C%22innerText%22%3A%22Thing2know.comBest%20Car%20Insurance%20Companies%20-%20Read%20This%20Before%20You%20Make%20A%20Decision%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17753

GET
H2 204 debug
us-trc-events.taboola.com/linkvertise-link-to/log/2/ 0
89 B 19ms
18ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-trc-events.taboola.com/linkvertise-link-to/log/2/debug?tim=22%3A20%3A43.711&type=usage&msg=cta-_1661034043711&llvl=2&id=576&cv=20220818-14-RELEASE&lt=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou%22%2C%22itemId%22%3A%22~~V1~~-8398023125997721361~~K0pC9omxY9GR%22%2C%22type%22%3A%22filter%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-filter-item_branding_before_title%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A5%2C%22placement%22%3A%22Below%20Article%20Thumbnails%22%2C%22innerText%22%3A%22Thing2know.comBest%20Car%20Insurance%20Companies%20-%20Read%20This%20Before%20You%20Make%20A%20Decision%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17753

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfbbed5d3ec07d4d80fd922f1a8c2e16d4e17acc2ac77ad87d6a2da9752fdd8c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
BLOB 200
OK 334ee393-ac47-4df6-a01d-7211a068452c
https://linkvertise.download/ 60 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://linkvertise.download/334ee393-ac47-4df6-a01d-7211a068452c
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 558c578e7c528037f1052b3df570d10c85a362586ed5dea44c15aa5bebde0277

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 61342
Content-Type: image/svg+xml

GET
BLOB 200
OK cb113990-e03e-4b78-a385-7e730a576c13
https://linkvertise.download/ 60 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://linkvertise.download/cb113990-e03e-4b78-a385-7e730a576c13
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d5ed59107b20367ec153982e912c22d9a7026f312cfac68e70bd644762db6d4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 61694
Content-Type: image/svg+xml

GET
BLOB 200
OK 517872e4-6ce0-4691-9863-72af57b474fc
https://linkvertise.download/ 60 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://linkvertise.download/517872e4-6ce0-4691-9863-72af57b474fc
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4db486fb99e41fc2cb08882825f95253c3676e4bf6cc2c210e5c6c0ad66473f0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 61353
Content-Type: image/svg+xml

POST
H2 204 bulk-metrics Show response
us-trc-events.taboola.com/linkvertise-link-to/log/3/ 0
249 B 19ms
19ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://us-trc-events.taboola.com/linkvertise-link-to/log/3/bulk-metrics?route=US%3AUS%3AV&lti=deflated&bulkSize=5
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://linkvertise.download
pragma: no-cache
date: Sat, 20 Aug 2022 22:20:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
BLOB 200
OK 428754eb-025a-403d-80b2-28663b4c76d8
https://linkvertise.download/ 60 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://linkvertise.download/428754eb-025a-403d-80b2-28663b4c76d8
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fcc066d0086dd9c72d74aedf363b198d6179aca6a66e6156a7f96b3398f9a20

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 61103
Content-Type: image/svg+xml

GET
BLOB 200
OK 3d8aad31-8a9b-40c7-a5d9-d2acd27e83a3
https://linkvertise.download/ 60 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://linkvertise.download/3d8aad31-8a9b-40c7-a5d9-d2acd27e83a3
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e5657c39160abaf0a9033e2e8a30728dcae3a5c33969150ab85c0a91d2e2daa

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 61937
Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 197 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1b1ed242aa8f1b44e94ddebf66e08ec4297fce5f55f3df3169dadf103aa9f32

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07a463f8a435ff24b34621fa69d05ca6f8008bf9f75358f94ef969bf24bfdcc9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 387 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec849f84387e58ddc1f5f260ba5b615aa799f6c17553612be9306e254a04c471

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ProfilesEngineServlet Show response
api.intentiq.com/profiles_engine/ 81 B
796 B 72ms
29ms XHR
text/html 13.226.39.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1660370273&pt=17&dpn=1&jsver=4&iiqidtype=2&iiqpcid=816945f8-3a8f-415d-89aa-f99709958952&iiqpciddate=1661034043898&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=0&tsrnd=376_1661034043899&fbp=2503514557&cttl=43200000
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.39.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-39-49.ewr53.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 17b6e35c461004dfbeac437344a9266bafcfa1cc293626f14835ab60c2862bdc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
via: 1.1 94344436af750794f6bc9899d89d3a0a.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent: https://www.almondnet.com/ip
pragma: no-cache
server: Apache-Coyote/1.1
access-control-max-age: 3600
access-control-allow-methods: POST, GET
content-type: text/html
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id: PEAbzt89WEaHKL4OLS17-ZYRn-jI_iVrXlgHRI6eQiaukPRrqD3i4A==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs.html Show response
sdk.streamrail.com/cs-config/ Frame 348B 3 KB
4 KB 19ms
18ms Document
text/html 2600:9000:2209:c400:c:492d:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/blade/sr.bladex.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:c400:c:492d:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f48a6d82840fe8d6952bd2570b2f0a960b42bba1b10d4786b0564f04be87fa19

Request headers

Referer: https://linkvertise.download/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 58376
content-length: 3480
content-type: text/html
date: Sat, 20 Aug 2022 06:07:48 GMT
etag: "a0a441bd34ade33598ec2a72125b5709"
last-modified: Tue, 12 Apr 2022 07:32:27 GMT
server: AmazonS3
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-amz-cf-id: hna7QbRJZFD3iGE-vvQCXcZB_2NVF3ya_Jc0bIrEaHuv2sTZYNaicg==
x-amz-cf-pop: EWR53-P1
x-cache: Hit from cloudfront

GET
H2 200 54797004 Show response
powerad.ai/vast/ 647 B
889 B 79ms
25ms XHR
text/xml 54.158.11.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/vast/54797004
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.11.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-11-168.compute-1.amazonaws.com
Software: / Express
Resource Hash: 5a3aa5188747ecbe397900d975ab848b7bd99f950038c4fb11c979f3a5965dba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
x-powered-by: Express
etag: W/"287-9YU/GCXfTYbb/ypBP2uIzYa1ewo"
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://linkvertise.download
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 647

GET
H2 204 x
k.streamrail.com/ 0
91 B 91ms
43ms Image
text/plain 107.178.247.57
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k.streamrail.com/x?at=vpaid-js&s=uvGz5Ja%2Fq%2FIBlvzVgRo&mv=d81_2c8&hh=ip-172-31-67-42&or=5b4f573aebf85b0001000002&d=linkvertise.download&pi=620395414703130001aacf6c&pageurl=https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2Fxcbwyxwmnodyk2z91uaw6gys9ki482ou&w=400&h=225&ps=medium&sam_js_ver=2535&si=wr-mrkt&l=1&en=d&den=d&bl=2041&tc=620393a400be360001985d37&v=3678&pl=bx_3678&cc=Rh0&ns=1&os=windows&ov=10&b=chrome&bv=104&ip=149.56.153.189&dt=desktop&wri=620395cf4703130001aacf7b&wv=3678&dw=400&dh=225&ds=medium&stc=620394d200be360001985d87&ac=2&aw=1&blf=3047&r1=9e85415c8b7340ad0d2ea49cf4e46a57&ts=iLmUkAE&a=am&ca=adserver&lt=4&sd=toxicmodzz-vip-menu-gta5%2Fxcbwyxwmnodyk2z91uaw6gys9ki482ou&co=adsmanager&p=2241953164&rand=549300733&dd=linkvertise.download
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.247.57 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 57.247.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1660370273&rnd=105150&iiqidtype=2&iiqpcid=816945f8-3a8f-415d-89aa-f99709958952&iiqpciddate=1661034043898&tsr...
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1660370273&rnd=105150&iiqidtype=2&iiqpcid=816945f8-3a8f-415d-89aa-f99709958952&iiqpciddate=1661034043898&ts...
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=KC407fjEX4&expires=1825&rnd=-2006008232

42 B
775 B

149ms
24ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=KC407fjEX4&expires=1825&rnd=-2006008232
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:44 GMT
via: 1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=KC407fjEX4&expires=1825&rnd=-2006008232
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
content-type: image/gif
content-length: 43
x-amz-cf-id: FXWv7xDQJFWEMmqoCrsFHZqQsHbNS3e2whFEn38cqgKoWjhNqb0PXA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 5ed49b02-2a94-4369-b635-ab4b688e5ad0
https://linkvertise.download/ 60 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://linkvertise.download/5ed49b02-2a94-4369-b635-ab4b688e5ad0
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11f8845b71933a283feef80429c30444d8ed30e2bfb46b051c1b83364362db3d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 61604
Content-Type: image/svg+xml

GET
H2 200 list Show response
cs.yellowblue.io/ Frame 348B 3 KB
3 KB 99ms
24ms Script
application/javascript 52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.yellowblue.io/list?cb=__SRCsSC10709815&tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: f0d74a1221b8d10ac3cf1f8a5b29b360c54aebed2db2fb751c22d77a4d9ed7d1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

GET
H2 204 debug
us-trc-events.taboola.com/linkvertise-link-to/log/2/ 0
89 B 20ms
20ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-trc-events.taboola.com/linkvertise-link-to/log/2/debug?tim=22%3A20%3A44.184&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=45&cv=20220818-14-RELEASE&lt=deflated&pct=1
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 17908

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 91CD
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east

281 B
573 B

79ms
23ms

Document
text/html

23.73.244.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-244-44.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sdk.streamrail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 20 Aug 2022 22:20:44 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 20 Aug 2022 22:20:44 GMT
location: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server: AkamaiGHost

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7862&gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11561%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7862&gdpr=0&gdpr_consent=0&redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11561%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=55484abe-20d6-...
https://cs.yellowblue.io/cs?aid=11561&id=55484a5f-20d6-11ed-b08b-125e01710403

0
281 B

1636ms
1636ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11561&id=55484a5f-20d6-11ed-b08b-125e01710403
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:46 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

Date: Sat, 20 Aug 2022 22:20:44 GMT
Server: nginx
Location: https://cs.yellowblue.io/cs?aid=11561&id=55484a5f-20d6-11ed-b08b-125e01710403
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 72
Connection: keep-alive
Content-Length: 0

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
https://us-u.openx.net/w/1.0/cm?cc=1&id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=0&r=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
https://cs.yellowblue.io/cs?aid=11563&id=bf460dcd-e71d-492b-a65d-e8c79988c3c8&gdpr=0&gdpr_consent=0

0
281 B

24ms
24ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11563&id=bf460dcd-e71d-492b-a65d-e8c79988c3c8&gdpr=0&gdpr_consent=0
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

date: Sat, 20 Aug 2022 22:20:44 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cs.yellowblue.io/cs?aid=11563&id=bf460dcd-e71d-492b-a65d-e8c79988c3c8&gdpr=0&gdpr_consent=0
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11564%26id%3D%24UID
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11564%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9jcy55ZWxsb3dibHVlLmlvL2NzP2...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fcs.yellowblue.io%252Fcs%253Faid%253D11564%2526id%253D%2524EMXUID%26b...
https://cs.emxdgt.com/umcheck?apnxid=361841949617637721&redirect=https://cs.yellowblue.io/cs?aid=11564&id=$EMXUID&b64_redirect=aHR0cHM6Ly9jcy55ZWxsb3dibHVlLmlvL2NzP2FpZD0xMTU2NCZpZD0kRU1YVUlE
https://cs.yellowblue.io/cs?aid=11564&id=361841949617637721brt56791661034044376010b3

0
281 B

24ms
23ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11564&id=361841949617637721brt56791661034044376010b3
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

location: https://cs.yellowblue.io/cs?aid=11564&id=361841949617637721brt56791661034044376010b3
date: Sat, 20 Aug 2022 22:20:43 GMT
content-length: 0
content-type: text/html

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://csync.loopme.me/?gdpr=0&gdpr_consent=0&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
https://cs.yellowblue.io/cs?aid=11571&id=df56b229-6e59-4c71-9d8c-b99722e481bb&gdpr_consent=0&gdpr=0

0
281 B

25ms
25ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11571&id=df56b229-6e59-4c71-9d8c-b99722e481bb&gdpr_consent=0&gdpr=0
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

date: Sat, 20 Aug 2022 22:20:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://cs.yellowblue.io/cs?aid=11571&id=df56b229-6e59-4c71-9d8c-b99722e481bb&gdpr_consent=0&gdpr=0
cf-ray: 73de8498fce97142-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11575%26uid%3D%5BUSER_ID%5D
https://cs.yellowblue.io/cs?aid=11575&uid=FA84A57380CF450A9E4FC0C8BEE5DC39

0
281 B

24ms
24ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11575&uid=FA84A57380CF450A9E4FC0C8BEE5DC39
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

date: Sat, 20 Aug 2022 22:20:44 GMT
via: 1.1 varnish
server: nginx
age: 0
location: https://cs.yellowblue.io/cs?aid=11575&uid=FA84A57380CF450A9E4FC0C8BEE5DC39
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: text/plain
access-control-allow-origin: https://sdk.streamrail.com/
access-control-allow-credentials: true
x-varnish: 130763897
content-length: 0

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjE0RjJBNDAtNDk4Ni00NDg2LTg4RDUtQ0ZDMzgzOERFNzE4&gdpr=0&gdpr_consent=0
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjE0RjJBNDAtNDk4Ni00NDg2LTg4RDUtQ0ZDMzgzOERFNzE4&gdpr=0&gdpr_consent=0&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=0
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0
https://cs.yellowblue.io/cs?aid=11576&id=B14F2A40-4986-4486-88D5-CFC3838DE718

0
281 B

24ms
24ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11576&id=B14F2A40-4986-4486-88D5-CFC3838DE718
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

location: https://cs.yellowblue.io/cs?aid=11576&id=B14F2A40-4986-4486-88D5-CFC3838DE718
date: Sat, 20 Aug 2022 22:20:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 104
content-type: text/html; charset=utf-8

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rise?zcc=1&redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D&cb=1661034044392
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5142428227
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5142428227
https://sync.1rx.io/usersync/tradedesk/fe12010f-1b82-45cc-b3fc-d2b4d75d6e37
https://sync.targeting.unrulymedia.com/csync/RX-50fc0f89-6540-40df-ad96-fc4940425e79-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-50fc0f89-6540-40df-ad96-fc4940425e79-005
https://cs.yellowblue.io/cs?aid=11579&id=RX-50fc0f89-6540-40df-ad96-fc4940425e79-005

0
281 B

1682ms
1682ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11579&id=RX-50fc0f89-6540-40df-ad96-fc4940425e79-005
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:46 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

Date: Sat, 20 Aug 2022 22:20:44 GMT
Server: Tengine
ETag: RX50fc0f89654040dfad96fc4940425e79005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://cs.yellowblue.io/cs?aid=11579&id=RX-50fc0f89-6540-40df-ad96-fc4940425e79-005
Connection: keep-alive
Content-Type: text/html

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
https://cs.yellowblue.io/cs?aid=11580&puid=78211126683458

0
281 B

24ms
24ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11580&puid=78211126683458
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:44 GMT
referrer-policy: unsafe-url
server: 33XP002
x-33x-status: 100000000008200000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://cs.yellowblue.io/cs?aid=11580&puid=78211126683458
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://x.bidswitch.net/sync?ssp=rise&gdpr=0&gdpr_consent=0&user_id=owOUipjak
https://x.bidswitch.net/ul_cb/sync?ssp=rise&gdpr=0&gdpr_consent=0&user_id=owOUipjak
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=fae6614c-d413-44b1-88b3-c5b0bb9793a8&ssp=rise&gdpr=0&gdpr_consent=0
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10594858865230008242&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10594858865230008242&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=e82e2379-cb06-4391-83da-f4c2c6a8d105&ssp=rise&gdpr_consent=0&gdpr=0
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10594858865230008242&ssp=rise&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214910604249014826738&ssp=rise&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=419&user_id=10594858865230008242&ssp=rise&gdpr=0&gdpr_consent=
https://cs.yellowblue.io/cs?aid=11582&id=fae6614c-d413-44b1-88b3-c5b0bb9793a8

0
281 B

24ms
24ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11582&id=fae6614c-d413-44b1-88b3-c5b0bb9793a8
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:45 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

Location: //cs.yellowblue.io/cs?aid=11582&id=fae6614c-d413-44b1-88b3-c5b0bb9793a8
Date: Sat, 20 Aug 2022 22:20:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=194590&cb=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D&s=194590&C=1
https://cs.yellowblue.io/cs?aid=11583&id=YwFePEFT0gJ8ZLYdQXj7BgAAAIoAAAIB

0
281 B

24ms
24ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11583&id=YwFePEFT0gJ8ZLYdQXj7BgAAAIoAAAIB
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjpXFCUMYwwU9fDBLIiV0gcbJ8GevvelfsvuEd2Qh8mXKNySmfoRxreAs2bO%2FH%2BiFe3lpefUthAS6D36%2FLWo0EBeOw3mwTvztHNg9%2FaviVIRduKT%2FlPBwS4HyKMaK0%2B6uW2TnMtmcpofiw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cs.yellowblue.io/cs?aid=11583&id=YwFePEFT0gJ8ZLYdQXj7BgAAAIoAAAIB
cache-control: no-cache
cf-ray: 73de84998af5a1ff-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://ads.yieldmo.com/pbsync?is=rise&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
https://cs.yellowblue.io/cs?aid=11584&uid=gfdb5d6fe8575948e491&gdpr=&gdpr_consent=&us_privacy=

0
281 B

24ms
24ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11584&uid=gfdb5d6fe8575948e491&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:44 GMT
location: https://cs.yellowblue.io/cs?aid=11584&uid=gfdb5d6fe8575948e491&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
https://cs.yellowblue.io/cs?aid=11585&id=3040356441455740000V10

0
281 B

24ms
23ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11585&id=3040356441455740000V10
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Sat, 20 Aug 2022 22:20:44 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://cs.yellowblue.io/cs?aid=11585&id=3040356441455740000V10
cache-control: max-age=0, no-cache, no-store
content-type: text/html
content-length: 154
x-mnet-hl2: E
expires: Sat, 20 Aug 2022 22:20:44 GMT

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=0
https://cs.yellowblue.io/cs?aid=11587&uid=3e72ada8-ebce-4097-8126-4d2509c1b8ea

0
281 B

24ms
24ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11587&uid=3e72ada8-ebce-4097-8126-4d2509c1b8ea
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

location: https://cs.yellowblue.io/cs?aid=11587&uid=3e72ada8-ebce-4097-8126-4d2509c1b8ea
date: Sat, 20 Aug 2022 22:20:44 GMT
content-length: 0

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58547/occ?gdpr=0&gdpr_consent=0
https://ups.analytics.yahoo.com/ups/58547/occ?gdpr=0&gdpr_consent=0&verify=true
https://cs.yellowblue.io/cs?aid=11591&id=y-E8LuFYxE2uHcU4poNhJQoD10dIqQ.gQefmpJTrU-~A

0
281 B

25ms
24ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11591&id=y-E8LuFYxE2uHcU4poNhJQoD10dIqQ.gQefmpJTrU-~A
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

location: https://cs.yellowblue.io/cs?aid=11591&id=y-E8LuFYxE2uHcU4poNhJQoD10dIqQ.gQefmpJTrU-~A
date: Sat, 20 Aug 2022 22:20:44 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=0&rurl=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
https://cs.yellowblue.io/cs?aid=11592&uid=BSTTHBlgSSTE&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=0&gdpr=0

0
281 B

24ms
24ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11592&uid=BSTTHBlgSSTE&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=0&gdpr=0
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sdk.streamrail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://sdk.streamrail.com/
date: Sat, 20 Aug 2022 22:20:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-CA
location: https://cs.yellowblue.io/cs?aid=11592&uid=BSTTHBlgSSTE&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=0&gdpr=0
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-5ff85589b7-klcch
expires: -1

GET
H2

200

cs
cs.yellowblue.io/ Frame 348B
Redirect Chain

https://sync.inmobi.com/oRTB?redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11595%26id%3D%7BID5UID%7D
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11595%26id%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://cs.yellowblue.io/cs?aid=11595&id=ID5-ZHMOLXZu_fwlhoFKxCS_PgSBEY7S-8_37cxujR3f2g

0
274 B

24ms
24ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11595&id=ID5-ZHMOLXZu_fwlhoFKxCS_PgSBEY7S-8_37cxujR3f2g
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/cs-config/cs.html?tc=620393a400be360001985d37&org=6202810a4703130001aac845&as=5ee9f94156cb0a00015f6a2b
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: cs.yellowblue.io
date: Sat, 20 Aug 2022 22:20:45 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

location: https://cs.yellowblue.io/cs?aid=11595&id=ID5-ZHMOLXZu_fwlhoFKxCS_PgSBEY7S-8_37cxujR3f2g
date: Sat, 20 Aug 2022 22:20:44 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET us
sync.go.sonobi.com/ Frame 348B 0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 91CD 31 KB
10 KB 19ms
19ms Script
text/html 23.73.244.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-244-44.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4f2f35e1b2c0e6303c9315039626fb1a7560f713460759f9b212a210f3d7bdd1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 20 Aug 2022 22:20:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Aug 2022 13:55:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21335
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9442
Expires: Sun, 21 Aug 2022 04:16:19 GMT

GET
H2 200 st Show response
imprnjmp.taboola.com/ Frame 9618 8 KB
2 KB 35ms
34ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7VT4CFgOx1hBiz8OEWgSx1hBiz8OEWgUAAAAGBuIHJGUyzQbL1WwtnJmMa9HCt1sLF8aJW-ZZLRyj2Ww5GFmGQFIm02ywXM3WwpnJuBYtfLu1cGGcuGWe1cIxms2Wg5FlChjCMvt9BwXl9PSYXQZR0fW22B1Os-cNZWg6HT7XvV7stHttL8vp6XnZRX7f3ex3mPwiv-9u9jtMfs1qMJzsRX_j0-P2m6zXt-xpeKtddtdbZ3q49sIPhdc89t50v8n5tUyfi9WDd9sxO8-t0zSc7Fl3AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAMNkQiA45ENpvN11eDrM_AAAAAEAAAAAASAAK7kJLADY0Jk_-_________2MG6DNvZP7___9vFHoAHnwAHoQAAAAuhmjJFYPjC21WiQgIixgBAAAAVOJk9h5N6oTKour__7_fCuAKACBAsBcLQyJLd1DiLQwAAIBgbIEeFr_f7LBr_G6X_f________-b_Z_9ownZAACkCU-i2Kv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW6zW05mBwAAAHD3____rweCE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5vFe-Oq4Ayzqi14chLLPfd1BQTk-P2WUQFV1vi93hNHvuN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiJMWSwO32AzXKuGo-VaNNoN18LVaLTWjGwOy2C5W05mo7Xo9TE9Zw6XZ2LxomCA114kT4t0InHZViaTzbZcrjbDmXHicaxsFttq43H4RqbhzGIRSzQni3Qiu-yLE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5_C2LxeEbbIZr1XC0XItGu-FauBqN1pqRzWEZLHfLyWy0Fr0-pufM4fJMLP7GbLYYbEaD0WbfmM0Wg81oMNrsO3SG7-pzNjqjo5PH59BOe8blzWFQuAwW70p1WmkLkoM2exU5XZqZsqgzKp_fkdeg8Bw8po8t-hd5tpWvtWRUOA4GRSwRXKQTsdPutb0sp6fn5RY77V636G8RS5Smi3SiF_l9d7PfYfJrVoPhZC_6G58et99kvb5lT8Nb7bK73jrTw7UXfiy-5_H3tvtNzq9l-lysHr7bzvl5bp2m4WTvuoglgtNFOhG9jKeL-o8OMVrOVbO5YrWZK4bLVQIAAAAAAAAAWMKceRMAAACA02BWw81gtc6D2O1mk91quQASLF66QAtwDDjSUffFjR9PsNPutb0sp6fn5RY77V636G9lAAkWLebNnwlirVbLGgAAQAAbAAAggFs3b4HoUPz___9_HAAAgIwcPQAAgPg-0Axu1HqhBy6_wRY3u826!&cmcv=&pix=undefined&cb=1661034044451&uv=3218&tms=1661034044451&abt=adh5c-1_vA!ecp_vC!esv_vA!inc_all_video_vA!Noappq22_vC!scec9_vA!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=ed460956-8fd8-4a77-8a8b-f35a146690d2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.0/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bddd7fb493c77bb08090620dc7d5c58be017da67b861a7fdc2e8daed7f6d5cdc

Request headers

Referer: https://linkvertise.download/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Sat, 20 Aug 2022 22:20:44 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yul12824-YUL
x-timer: S1661034044.462436,VS0,VE23

GET
H2 200 sync Show response
us-match.taboola.com/ Frame 17CC 8 KB
8 KB 40ms
24ms Document
text/html 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://us-match.taboola.com/sync?dast=V7VT4CFgOx1hBiz8OEWgSx1hBiz8OEWgUAAAAGBuIHJGUyzQbL1WwtnJmMa9HCt1sLF8aJW-ZZLRyj2Ww5GFmGQFIm02ywXM3WwpnJuBYtfLu1cGGcuGWe1cIxms2Wg5FlChjCMvt9BwXl9PSYXQZR0fW22B1Os-cNZWg6HT7XvV7stHttL8vp6XnZRX7f3ex3mPwiv-9u9jtMfs1qMJzsRX_j0-P2m6zXt-xpeKtddtdbZ3q49sIPhdc89t50v8n5tUyfi9WDd9sxO8-t0zSc7Fl3AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAMNkQiA45ENpvN11eDrM_AAAAAEAAAAAASAAK7kJLADY0Jk_-_________2MG6DNvZP7___9vFHoAHnwAHoQAAAAuhmjJFYPjC21WiQgIixgBAAAAVOJk9h5N6oTKour__7_fCuAKACBAsBcLQyJLd1DiLQwAAIBgbIEeFr_f7LBr_G6X_f________-b_Z_9ownZAACkCU-i2Kv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW6zW05mBwAAAHD3____rweCE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5vFe-Oq4Ayzqi14chLLPfd1BQTk-P2WUQFV1vi93hNHvuN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiJMWSwO32AzXKuGo-VaNNoN18LVaLTWjGwOy2C5W05mo7Xo9TE9Zw6XZ2LxomCA114kT4t0InHZViaTzbZcrjbDmXHicaxsFttq43H4RqbhzGIRSzQni3Qiu-yLE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5_C2LxeEbbIZr1XC0XItGu-FauBqN1pqRzWEZLHfLyWy0Fr0-pufM4fJMLP7GbLYYbEaD0WbfmM0Wg81oMNrsO3SG7-pzNjqjo5PH59BOe8blzWFQuAwW70p1WmkLkoM2exU5XZqZsqgzKp_fkdeg8Bw8po8t-hd5tpWvtWRUOA4GRSwRXKQTsdPutb0sp6fn5RY77V636G8RS5Smi3SiF_l9d7PfYfJrVoPhZC_6G58et99kvb5lT8Nb7bK73jrTw7UXfiy-5_H3tvtNzq9l-lysHr7bzvl5bp2m4WTvuoglgtNFOhG9jKeL-o8OMVrOVbO5YrWZK4bLVQIAAAAAAAAAWMKceRMAAACA02BWw81gtc6D2O1mk91quQASLF66QAtwDDjSUffFjR9PsNPutb0sp6fn5RY77V636G9lAAkWLebNnwlirVbLGgAAQAAbAAAggFs3b4HoUPz___9_HAAAgIwcPQAAgPg-0Axu1HqhBy6_wRY3u826!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.0/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: bf46fd813676defbf8c9e6aea76ecd66896f0f7c6b69af68466a84e618891740

Request headers

Referer: https://linkvertise.download/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sat, 20 Aug 2022 22:20:44 GMT
machineid: 3106
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
791 B 173ms
165ms XHR
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=64&height=36&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1661034044461&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1472&pt=-538413471&tz=0&viewable=true&ddast=V7VT4CFgOx1hBiz8OEWgSx1hBiz8OEWgUAAAAGBuIHJGUyzQbL1WwtnJmMa9HCt1sLF8aJW-ZZLRyj2Ww5GFmGQFIm02ywXM3WwpnJuBYtfLu1cGGcuGWe1cIxms2Wg5FlChjCMvt9BwXl9PSYXQZR0fW22B1Os-cNZWg6HT7XvV7stHttL8vp6XnZRX7f3ex3mPwiv-9u9jtMfs1qMJzsRX_j0-P2m6zXt-xpeKtddtdbZ3q49sIPhdc89t50v8n5tUyfi9WDd9sxO8-t0zSc7Fl3AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAMNkQiA45ENpvN11eDrM_AAAAAEAAAAAASAAK7kJLADY0Jk_-_________2MG6DNvZP7___9vFHoAHnwAHoQAAAAuhmjJFYPjC21WiQgIixgBAAAAVOJk9h5N6oTKour__7_fCuAKACBAsBcLQyJLd1DiLQwAAIBgbIEeFr_f7LBr_G6X_f________-b_Z_9ownZAACkCU-i2Kv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW6zW05mBwAAAHD3____rweCE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5vFe-Oq4Ayzqi14chLLPfd1BQTk-P2WUQFV1vi93hNHvuN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiJMWSwO32AzXKuGo-VaNNoN18LVaLTWjGwOy2C5W05mo7Xo9TE9Zw6XZ2LxomCA114kT4t0InHZViaTzbZcrjbDmXHicaxsFttq43H4RqbhzGIRSzQni3Qiu-yLE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5_C2LxeEbbIZr1XC0XItGu-FauBqN1pqRzWEZLHfLyWy0Fr0-pufM4fJMLP7GbLYYbEaD0WbfmM0Wg81oMNrsO3SG7-pzNjqjo5PH59BOe8blzWFQuAwW70p1WmkLkoM2exU5XZqZsqgzKp_fkdeg8Bw8po8t-hd5tpWvtWRUOA4GRSwRXKQTsdPutb0sp6fn5RY77V636G8RS5Smi3SiF_l9d7PfYfJrVoPhZC_6G58et99kvb5lT8Nb7bK73jrTw7UXfiy-5_H3tvtNzq9l-lysHr7bzvl5bp2m4WTvuoglgtNFOhG9jKeL-o8OMVrOVbO5YrWZK4bLVQIAAAAAAAAAWMKceRMAAACA02BWw81gtc6D2O1mk91quQASLF66QAtwDDjSUffFjR9PsNPutb0sp6fn5RY77V636G9lAAkWLebNnwlirVbLGgAAQAAbAAAggFs3b4HoUPz___9_HAAAgIwcPQAAgPg-0Axu1HqhBy6_wRY3u826!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1776275&dpubid=358305&abtst=adh5c-1_vA!ecp_vC!esv_vA!inc_all_video_vA!Noappq22_vC!scec9_vA!spa2_vB!t45!ufm&mPre=0.033&cirf=https%3A%2F%2Flinkvertise.download&en=1
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 081aaa5e696c59cdd8ee848c82a9d906c39c0238e038f259d6927e3704eb7f11

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: text/plain

Response headers

date: Sat, 20 Aug 2022 22:20:44 GMT
content-encoding: gzip
access-control-allow-origin: https://linkvertise.download
machineid: 1164
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yul12824-YUL
pragma: no-cache
server: nginx
x-timer: S1661034044.477435,VS0,VE154
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
us-vid-events.taboola.com/ 0
43 B 32ms
19ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7VT4CFgOx1hBiz8OEWgSx1hBiz8OEWgUAAAAGBuIHJGUyzQbL1WwtnJmMa9HCt1sLF8aJW-ZZLRyj2Ww5GFmGQFIm02ywXM3WwpnJuBYtfLu1cGGcuGWe1cIxms2Wg5FlChjCMvt9BwXl9PSYXQZR0fW22B1Os-cNZWg6HT7XvV7stHttL8vp6XnZRX7f3ex3mPwiv-9u9jtMfs1qMJzsRX_j0-P2m6zXt-xpeKtddtdbZ3q49sIPhdc89t50v8n5tUyfi9WDd9sxO8-t0zSc7Fl3AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAMNkQiA45ENpvN11eDrM_AAAAAEAAAAAASAAK7kJLADY0Jk_-_________2MG6DNvZP7___9vFHoAHnwAHoQAAAAuhmjJFYPjC21WiQgIixgBAAAAVOJk9h5N6oTKour__7_fCuAKACBAsBcLQyJLd1DiLQwAAIBgbIEeFr_f7LBr_G6X_f________-b_Z_9ownZAACkCU-i2Kv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW6zW05mBwAAAHD3____rweCE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5vFe-Oq4Ayzqi14chLLPfd1BQTk-P2WUQFV1vi93hNHvuN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiJMWSwO32AzXKuGo-VaNNoN18LVaLTWjGwOy2C5W05mo7Xo9TE9Zw6XZ2LxomCA114kT4t0InHZViaTzbZcrjbDmXHicaxsFttq43H4RqbhzGIRSzQni3Qiu-yLE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5_C2LxeEbbIZr1XC0XItGu-FauBqN1pqRzWEZLHfLyWy0Fr0-pufM4fJMLP7GbLYYbEaD0WbfmM0Wg81oMNrsO3SG7-pzNjqjo5PH59BOe8blzWFQuAwW70p1WmkLkoM2exU5XZqZsqgzKp_fkdeg8Bw8po8t-hd5tpWvtWRUOA4GRSwRXKQTsdPutb0sp6fn5RY77V636G8RS5Smi3SiF_l9d7PfYfJrVoPhZC_6G58et99kvb5lT8Nb7bK73jrTw7UXfiy-5_H3tvtNzq9l-lysHr7bzvl5bp2m4WTvuoglgtNFOhG9jKeL-o8OMVrOVbO5YrWZK4bLVQIAAAAAAAAAWMKceRMAAACA02BWw81gtc6D2O1mk91quQASLF66QAtwDDjSUffFjR9PsNPutb0sp6fn5RY77V636G9lAAkWLebNnwlirVbLGgAAQAAbAAAggFs3b4HoUPz___9_HAAAgIwcPQAAgPg-0Axu1HqhBy6_wRY3u826!&cmcv=&pix=31589837&cb=1661034044451&uv=3218&tms=1661034044451&abt=adh5c-1_vA!ecp_vC!esv_vA!inc_all_video_vA!Noappq22_vC!scec9_vA!spa2_vB!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1661034040473.2!ts:1661034044451&mntl=1
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:44 GMT
content-length: 0
server: nginx

GET
H2

200

cs
cs.yellowblue.io/ Frame 91CD
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=L72GS7AK-27-8036
https://cs.yellowblue.io/cs?aid=11590&id=L72GS7AK-27-8036

0
284 B

1647ms
1647ms

Image
application/javascript

52.70.80.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11590&id=L72GS7AK-27-8036
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol: H2
Server: 52.70.80.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-80-198.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://eus.rubiconproject.com/
date: Sat, 20 Aug 2022 22:20:46 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cs.yellowblue.io/cs?aid=11590&id=L72GS7AK-27-8036
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 0190a17a18f2299b1b85aeb1793e601c
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91CD
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcyR1M3QUstMjctODAzNg==

170 B
188 B

37ms
37ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcyR1M3QUstMjctODAzNg==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDcyR1M3QUstMjctODAzNg==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 368ba1c92c09ff88b641150fbbf94341
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 91CD
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hApqYqwwTfi5scTmOff-iA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hApqYqwwTfi5scTmOff-iA

43 B
556 B

29ms
29ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hApqYqwwTfi5scTmOff-iA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Aug 2022 22:20:44 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CB0GMT2A4V658MYPE12V
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hApqYqwwTfi5scTmOff-iA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 91CD
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L72GS7AK-27-8036&sigv=1&esig=2~192013c594abb35c89ef9c9b8afb953588325da8

0
194 B

96ms
25ms

Image
text/plain

2001:4998:1c:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L72GS7AK-27-8036&sigv=1&esig=2~192013c594abb35c89ef9c9b8afb953588325da8

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east

Protocol

Server

2001:4998:1c:800::1000 , United States, ASN14779 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:44 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L72GS7AK-27-8036&sigv=1&esig=2~192013c594abb35c89ef9c9b8afb953588325da8
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 368ba1c92c09ff88b641150fbbf94341
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 91CD
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L72GS7AK-27-8036

0
574 B

134ms
73ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L72GS7AK-27-8036
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:44 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E60814C9E03C4CE4A19A992DCED3BBB4 Ref B: YTO01EDGE0715 Ref C: 2022-08-20T22:20:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXms6Az5woHtsZU6zhcjw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L72GS7AK-27-8036
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 368ba1c92c09ff88b641150fbbf94341
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 91CD
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fe12010f-1b82-45cc-b3fc-d2b4d75d6e37&gdpr=0&gdpr_consent=&expires=30

42 B
775 B

26ms
26ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fe12010f-1b82-45cc-b3fc-d2b4d75d6e37&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fe12010f-1b82-45cc-b3fc-d2b4d75d6e37&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91CD
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDY5NGZmZDgyYzI1Njg1YzQ4YWViY2FmODNkNWI0ZmQ4NzRkZjI4NQ

170 B
188 B

44ms
43ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDY5NGZmZDgyYzI1Njg1YzQ4YWViY2FmODNkNWI0ZmQ4NzRkZjI4NQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDY5NGZmZDgyYzI1Njg1YzQ4YWViY2FmODNkNWI0ZmQ4NzRkZjI4NQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

esync
token.rubiconproject.com/ Frame 91CD
Redirect Chain

https://id.rlcdn.com/709414.gif
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

0
214 B

36ms
26ms

Image
text/plain

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 20 Aug 2022 22:20:44 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 91CD
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=knVILZVaS8ayE3-mF0jSqQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=knVILZVaS8ayE3-mF0jSqQ

43 B
556 B

104ms
104ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=knVILZVaS8ayE3-mF0jSqQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Aug 2022 22:20:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XEPEVNATR9P3QBR8DESJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=knVILZVaS8ayE3-mF0jSqQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/32_1_8/infra/ 725 KB
124 KB 37ms
13ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_1_8/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.0/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8e5222350bd22079ba76a819e20ccea6be4235110a4b8cebd33564fdda18cab7

Request headers

Referer: https://linkvertise.download/
Origin: https://linkvertise.download
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:44 GMT
via: 1.1 varnish
age: 225840
x-amz-meta-mtime: 1660808030
x-cache: HIT
x-amz-meta-ctime: 1660808032
x-amz-meta-mode: 33188
content-encoding: br
content-length: 126712
x-amz-id-2: IkvE4TraYnNxlBvnDHGrFB08jq4ZCPB18dSQY9AbPLqHnOMtNiz4ZAM7Ja83XvEAQgkuPz+rCxo=
x-served-by: cache-yul12820-YUL
accept-ranges: bytes
last-modified: Thu, 18 Aug 2022 07:33:53 GMT
server: AmazonS3-br
x-timer: S1661034045.710733,VS0,VE0
etag: "5f22089507fa10d5707ce2727a7dc3e8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: SYAPJXCJYNHA0WCC
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 66239

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_1_8/assets/css/ 63 KB
9 KB 11ms
11ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_1_8/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.0/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:44 GMT
via: 1.1 varnish
age: 225842
x-amz-meta-mtime: 1660808085
x-cache: HIT
x-amz-meta-ctime: 1660808085
x-amz-meta-mode: 33188
content-encoding: br
content-length: 8297
x-amz-id-2: 7jUuZiRCMTLiLT27AQk8ZRJsTuGa3qta7HUoiIwXM+ymFZZWhOGGuwzGQvRfCqwmJJTaUx2fnBM=
x-served-by: cache-yul12824-YUL
accept-ranges: bytes
last-modified: Thu, 18 Aug 2022 07:34:46 GMT
server: AmazonS3-br
x-timer: S1661034045.688749,VS0,VE0
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: EEYWNZJ4RXXNDT1A
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 210393

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v14.7.2/ 426 KB
85 KB 12ms
11ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.7.2/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_1_8/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ba9cd33ba068be2e8f9e08809d1ff0b208692b741b86dbe996cf23953feaa8e5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:44 GMT
via: 1.1 varnish
age: 314928
x-amz-meta-mtime: 1660719037
x-cache: HIT
x-amz-meta-ctime: 1660719050
x-amz-meta-mode: 33188
content-encoding: br
content-length: 86523
x-amz-id-2: LNWbdE9ty2h9WwOG2e/xpg8iMmMusMDtbrI3TB5a3b+0R9gVP39Kk9i3WsSZ74imo4oMdNhkn1U=
x-served-by: cache-yul12824-YUL
accept-ranges: bytes
last-modified: Wed, 17 Aug 2022 06:50:51 GMT
server: AmazonS3-br
x-timer: S1661034045.873670,VS0,VE0
etag: "e811661e4f469a8bf2e763c67e43d1cf"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 80DD2BFMK4SGKVB9
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 309195

GET
H2 200 sync Show response
us-match.taboola.com/ Frame 7C07 8 KB
8 KB 21ms
21ms Document
text/html 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://us-match.taboola.com/sync?dast=V7VT4CFgOx1hBiz8OEWgSx1hBiz8OEWgUAAAAGBuIHJGUyzQbL1WwtnJmMa9HCt1sLF8aJW-ZZLRyj2Ww5GFmGQFIm02ywXM3WwpnJuBYtfLu1cGGcuGWe1cIxms2Wg5FlChjCMvt9BwXl9PSYXQZR0fW22B1Os-cNZWg6HT7XvV7stHttL8vp6XnZRX7f3ex3mPwiv-9u9jtMfs1qMJzsRX_j0-P2m6zXt-xpeKtddtdbZ3q49sIPhdc89t50v8n5tUyfi9WDd9sxO8-t0zSc7Fl3AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAMNkQiA45ENpvN11eDrM_AAAAAEAAAAAASAAK7kJLADY0Jk_-_________2MG6DNvZP7___9vFHoAHnwAHoQAAAAuhmjJFYPjC21WiQgIixgBAAAAVOJk9h5N6oTKour__7_fCuAKACBAsBcLQyJLd1DiLQwAAIBgbIEeFr_f7LBr_G6X_f________-b_Z_9ownZAACkCU-i2Kv9AgIArP0CAgCwqRsAwFsAXNARtGIwWJ1C7IazxW6zW05mBwAAAHD3____rweCE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5vFe-Oq4Ayzqi14chLLPfd1BQTk-P2WUQFV1vi93hNHvuN2GL0Woy2SyHs-ViMhiOhqPR_gZiMBrgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiJMWSwO32AzXKuGo-VaNNoN18LVaLTWjGwOy2C5W05mo7Xo9TE9Zw6XZ2LxomCA114kT4t0InHZViaTzbZcrjbDmXHicaxsFttq43H4RqbhzGIRSzQni3Qiu-yLE5vJtBs5PMPZxmUczUwTz8wycm1sntFkN1t5_C2LxeEbbIZr1XC0XItGu-FauBqN1pqRzWEZLHfLyWy0Fr0-pufM4fJMLP7GbLYYbEaD0WbfmM0Wg81oMNrsO3SG7-pzNjqjo5PH59BOe8blzWFQuAwW70p1WmkLkoM2exU5XZqZsqgzKp_fkdeg8Bw8po8t-hd5tpWvtWRUOA4GRSwRXKQTsdPutb0sp6fn5RY77V636G8RS5Smi3SiF_l9d7PfYfJrVoPhZC_6G58et99kvb5lT8Nb7bK73jrTw7UXfiy-5_H3tvtNzq9l-lysHr7bzvl5bp2m4WTvuoglgtNFOhG9jKeL-o8OMVrOVbO5YrWZK4bLVQIAAAAAAAAAWMKceRMAAACA02BWw81gtc6D2O1mk91quQASLF66QAtwDDjSUffFjR9PsNPutb0sp6fn5RY77V636G9lAAkWLebNnwlirVbLGgAAQAAbAAAggFs3b4HoUPz___9_HAAAgIwcPQAAgPg-0Axu1HqhBy6_wRY3u826!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_1_8/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 939618f1ab6c3c62708540151a9470d0f9d8e55eeaf060da783ac8877e972e31

Request headers

Referer: https://linkvertise.download/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sat, 20 Aug 2022 22:20:44 GMT
machineid: 3108
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 23ms
11ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://linkvertise.download/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 20 Aug 2022 22:20:44 GMT
via: 1.1 6e873fe6803a6da3d6232f8bb9104e9e.cloudfront.net (CloudFront), 1.1 varnish
age: 57197
x-amz-meta-mtime: 1497790207
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-yul12824-YUL
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1661034045.919977,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: YUL62-C2
accept-ranges: bytes
content-type: video/mp4
access-control-allow-headers: *
x-amz-cf-id: 0Wwp0qQPTOe4z1VTy46V7usYwzVot9xEt7H5eXIsV8sUReRowYzRVA==
x-cache-hits: 64398

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
131 B 39ms
39ms Image
image/gif 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=166103404275332964686286_N4Ig1ghiBcIKwBY4HYEA4AmAGAtAJiwwDYcBGUgUwxwCMNTqBOAZmSKwubTUoxABpwNGKUEBjAG4wQwADogANgHsxEBQH0AzgBclAJwgBzCvOjzEKdNnyES5KrXpNW7Tt17z+8zRU2aAlkoAdlq6Bsam5kiomLgExGS8jgw4LGwcXDxUnvJiSkpg-hTqGBDaEJHw0VZxtokOdClprpkeIAC+AiCG2gBmMADaWPzDw3gjALqCPZqDoyMLWFMgOrPQQ4uLyxRi2gC20kTkXRQAHtJYXZp50qRER1jMCFgIeOpwpMwvcIgIyHB4K55frQUQrPLaW73UiPZ6vd6fb6-f5vNA0AhoZA0GF4MSMTgUOC9XpUUhiUh-NBUNHINBApR9ESCa4MviwO4PJ4vN4fL5IZEA9TIUhYxhHXpiCiMCXICgQP7ILBksREYhwCgUqX07QYEFgiiQaSICDxRU2BL2ag0dhwHBwGhiYkS0hoCDIKCCA3CUHiCRrGTyZSqDQ6fRGEwwKImwhm+J2JLWrC2+2O4nk13unIrXwBYKhMMRSNVaMYWN1S20G12h1O9NuioCXL5QrFUrlSrG021C0Jqsp2su+vyTqetSDbYQAAOgxAFMYADo4ER56Q4MwV2hGCBlv4pNBxitytoAK5rAaMfh4Zj8F03xjLABeUB9IEnhmkUmmAAsoZy4Xh-mYZg8DFBAiDQIg8Agro-UOecsHnBBGC3QQx2ga8QAlGAyE9bR-F-GEuVeK5tHfaBhhWMACNhbkET5H4ED+AETn8ad2SQxdl1XdcXRQkAJAoPRpEnPQlD4T1j2fMFj3w8jPQkBRx0ESdYPWZZNAUHRqKIgC-i6BQ9XEU9tHUfw2RANAAGEAFUAHEUGs0gADUYP8UzzI5Qi4QpZAgMYV4CC6QwxBEaEaMYxgsAvEAAEcKCZTDZOYdogA
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:44 GMT
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
alt-svc: clear

POST
H2 204 bulk Show response
trc.taboola.com/linkvertise-link-to/log/3/ 0
329 B 30ms
29ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/linkvertise-link-to/log/3/bulk?route=US%3AUS%3AV&lti=deflated&bulkSize=1
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 18
pragma: no-cache
date: Sat, 20 Aug 2022 22:20:44 GMT
via: 1.1 varnish
server: nginx
x-timer: S1661034045.919698,VS0,VE18
x-served-by: cache-yul12824-YUL
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 vpaid.js Show response
powerad.ai/vast/ Frame C6BA 65 KB
13 KB 76ms
28ms Script
application/javascript 54.158.11.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/vast/vpaid.js
Requested by: Host: sdk.streamrail.com
URL: https://sdk.streamrail.com/blade/sr.bladex.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.11.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-11-168.compute-1.amazonaws.com
Software: / Express
Resource Hash: 9c6f48dabebd7b56fea9e574fd8be5ffd756ef01e9e17ba2f16a31a667a5caf4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:46 GMT
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 11:17:10 GMT
x-powered-by: Express
etag: W/"10532-182b5d23bf4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 14046 Show response
hb.brainlyads.com/json-parts/ Frame C6BA 3 KB
1 KB 83ms
24ms XHR
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/json-parts/14046

Requested by

Host: powerad.ai
URL: https://powerad.ai/vast/vpaid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / Express

Resource Hash

bdb110bb73163cfabf64e222d791ebc75378499ba2fee6af5fc8259cf8e1fd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:46 GMT
content-encoding: gzip
etag: W/"b92-0kvXxb8OWpvxTX6/Ayn30PV4+vk"
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: *

GET
H2 200 pbjs_wrapper.js Show response
hb.brainlyads.com/ Frame F4DF 19 KB
7 KB 73ms
25ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/vast/vpaid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6d54791e4fa937d2b5b89e10908c9dd42140bac35fe7f358432fde7ec89de2d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:46 GMT
content-encoding: gzip
last-modified: Mon, 08 Aug 2022 16:57:24 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62f14074-4d24"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 27 Aug 2022 22:20:46 GMT

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame F4DF 574 KB
171 KB 28ms
28ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

edb50fe914a87cb3b398dbac39b83d81de7d4adbebebdf666ffc1f9997ef554e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:46 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 15:07:30 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62e2a632-8f793"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Sat, 27 Aug 2022 22:20:46 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F4DF 83 KB
28 KB 93ms
35ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccbe73def45b5faee29dd3626d2ebaec5bd922fdd260225d1bdc8f9bd03465d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28485
x-xss-protection: 0
server: sffe
etag: "1309 / 76 of 1000 / last-modified: 1660946721"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 20 Aug 2022 22:20:46 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame F4DF 15 B
368 B 41ms
10ms XHR
application/json 51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://linkvertise.download
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 c Show response
prebid.a-mo.net/a/ Frame F4DF 459 B
841 B 71ms
21ms XHR
application/json 145.40.88.5
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 2cd88acf1e8e04767b951451d9470fbedbd88305907b8a596a8a33da3319c479

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 20 Aug 2022 22:20:46 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://linkvertise.download
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
content-length: 274

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame F4DF 139 B
385 B 119ms
75ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=c2ojccQHar7ik7rkHcnnVW
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b19341208f957a8c418fc3ec12ceb3779f27d0fa648886a7d6a7f7489c67370f

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 20 Aug 2022 22:20:46 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://linkvertise.download
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F4DF 138 B
990 B 40ms
39ms XHR
application/json 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ef37fef23b22edeadd9e9d2f49efef29354a205941b176cb98276917d9ae78ec

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Aug 2022 22:20:46 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: e8ff6967-15d8-49a6-9576-0c0962f5fc46
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://linkvertise.download
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F4DF 144 B
1 KB 94ms
58ms XHR
application/json 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ba79b81c113a1368f716688cab3d62dcc0b99ab7795992dfb5ef57294a1831ff

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Aug 2022 22:20:46 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0691dc6e-cb50-4b41-8acf-86e97f9e3845
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://linkvertise.download
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 avjp Show response
next-millennium-d.openx.net/v/1.0/ Frame F4DF 106 B
417 B 74ms
48ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://next-millennium-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=80c4b3a1-2ef5-4955-abee-7ac29c732d51&nocache=1661034046760&schain=1.0%2C1!nextmillennium.io%2C16097%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A300%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fx-ms-wmv%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22linearity%22%3A1%2C%22startdelay%22%3A1%2C%22placement%22%3A1%7D%7D%5D%7D&auid=540225762&vwd=400&vht=300
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:46 GMT
via: 1.1 google
server: OXGW/0.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://linkvertise.download
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 43ms
43ms Ping
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7DRMH8RP03&gtm=2oe8h0&_p=1645246227&cid=55841967.1661034042&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1661034041&sct=1&seg=0&dl=https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou&dt=Loading...%20%7C%20Linkvertise&en=scroll&epn.percent_scrolled=90&_et=13
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7DRMH8RP03&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Aug 2022 22:20:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://linkvertise.download
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022081501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F4DF 384 KB
131 KB 77ms
19ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

sffe /

Resource Hash

6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 10:41:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133600
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:36:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 20 Aug 2023 10:41:15 GMT

GET
H2 200 ptmd
dts.clnmde.com/ 70 B
131 B 40ms
39ms Image
image/gif 34.111.96.116
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dts.clnmde.com/ptmd?t=166103404275332964686286_N4IgHgZiBcIAwDYIEYDGAmAnAEwEbowHYBWADnQFNcBmXUuAFhXWIWvULhABpwIAXGCFLUKCCpky4IDOLkIME6ahFTViyFdjipimOOmw8QEAIYwA2tRKlkcQqVbc7pbnDcf3Xzz+9eAurxmAM4wCLwAFhGWxITcZIEmUNDIvACuaTAM1AxBAG5CxgCWBdC5IMH8pvxpodBW7izOmIkAXuYpvAAOAOZCBbw90bDICAh2OYwcxNTsmAiKpEpLxnl1IAgAdHCbDJLGpgA2MNRBqDAAtKkgFPxFQqPjcJMM6MaVfdDuFQDWD2MTWSvAD6GmojGIxAYDBIb14FCKXQee02rE2yBm6NImFWFAATkIuniAPZGeFpDrXNL3L7wvLHeqJLprSzwAAE6E5CDZyBAiWCh0q-yeLw4MOMh2S11QtX4wKKRlgpAAwgBVADisVVyAAaqsivLFSBHoDGMgYbNMK90FxBucUgDnkCEA50LwAI4UGDXCA0hgAXyAA
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/download/35082/toxicmodzz-vip-menu-gta5/xCBWyXwMnodyk2z91uAw6GYs9ki482Ou
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.96.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.96.111.34.bc.googleusercontent.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://linkvertise.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:46 GMT
via: 1.1 google
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
x-powered-by: Express
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif
access-control-allow-origin: *
alt-svc: clear

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5199 375 KB
125 KB 105ms
51ms Script
text/javascript 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/vast/vpaid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f9de60a4a40041bcdd773e2c469628982e863dceb6fafa771a72cb6b8ad2d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127726
x-xss-protection: 0
expires: Sat, 20 Aug 2022 22:20:46 GMT

GET
H3 200 bridge3.525.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C05F 635 KB
205 KB 70ms
20ms Document
text/html 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.525.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d47d16bf34e4c557ae13192bf351083ee15c9bed72a139fb1e14272d7b391230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://linkvertise.download/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 241659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210284
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Aug 2022 03:13:08 GMT
expires: Fri, 18 Aug 2023 03:13:08 GMT
last-modified: Mon, 15 Aug 2022 15:50:27 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5199 44 KB
17 KB 119ms
38ms Script
text/javascript 2607:f8b0:4006:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2006 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Aug 2022 22:20:47 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5199 107 B
549 B 114ms
47ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Aug 2022 22:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C05F 156 B
142 B 167ms
126ms XHR
text/xml 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=3756480255707395&sz=400x300&url=https%3A%2F%2Flinkvertise.download%2Fdownload%2F35082%2Ftoxicmodzz-vip-menu-gta5%2FxCBWyXwMnodyk2z91uAw6GYs9ki482Ou&iu=%2F90814396%2FLinkvertise_video_HB&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&sdkv=h.3.525.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=44d&ptt=20&adk=4207345325&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.525.0&sid=3293607A-5665-447D-910B-8B99E871128A&nel=0&eid=44737473%2C44752996%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&ref=https%3A%2F%2Flinkvertise.download%2F&dt=1661034047278&cookie_enabled=1&scor=3489994020903683&ged=ve4_td0_er965.1610.1119.1910_vi0.0.1200.1600_vp0_eb16616

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.525.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 22:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST statistics-form-data
report2.hb.brainlyads.com/ Frame F4DF 0
0

POST
H3 204 m Show response
k.streamrail.com/ 0
10 B 75ms
42ms XHR
text/plain 107.178.247.57
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://k.streamrail.com/m
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 107.178.247.57 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 57.247.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://linkvertise.download
date: Sat, 20 Aug 2022 22:20:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 204 m Show response
k.streamrail.com/ 0
10 B 42ms
42ms XHR
text/plain 107.178.247.57
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://k.streamrail.com/m
Requested by: Host: linkvertise.download
URL: https://linkvertise.download/polyfills-es2015.969a1913cf35389c10c8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 107.178.247.57 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 57.247.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://linkvertise.download/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://linkvertise.download
date: Sat, 20 Aug 2022 22:20:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/us?gdpr=0&consent_string=0&loc=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D

Domain: report2.hb.brainlyads.com
URL: https://report2.hb.brainlyads.com/statistics-form-data

Verdicts & Comments Add Verdict or Comment

313 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

92 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.linkvertise.download/	1970-01-20 07:33:30	Name: _gcl_au Value: 1.1.719196897.1661034042
linkvertise.download/	1970-01-20 05:38:18	Name: userRecurring Value: FALSE
.linkvertise.download/	1970-01-20 05:25:20	Name: _gid Value: GA1.2.1753778966.1661034042
.linkvertise.download/	1970-01-20 05:23:54	Name: _gat_UA-123426114-2 Value: 1
.linkvertise.download/	1970-01-20 14:59:54	Name: _ga_7DRMH8RP03 Value: GS1.1.1661034041.1.0.1661034041.0.0.0
.linkvertise.download/	1970-01-20 14:59:54	Name: _ga Value: GA1.1.55841967.1661034042
paper.ostrichesica.com/	1970-01-20 13:27:44	Name: cg_uuid Value: 5aae655e0164d0e101cfa397fcb0519d
.publicdomainpictures.net/	1970-01-20 05:23:55	Name: __cf_bm Value: NfiWteW9FF.esu8YZVXIlJ2ZzkdQCtMOMovk9gawd0I-1661034042-0-Aczz9D7O78E2Pi8Ee+PGUrh697pHdicE8GNr6JPJTSuttHfw76iAZHqnO2t/lCCwJkKT7nBHnDn4XQ9kkN5G/Aw=
.linkvertise.download/	1970-01-20 14:59:54	Name: bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78 Value: Direct
.linkvertise.download/	1970-01-20 14:59:54	Name: bfp_sn_rt_8b2087b102c9e3e5ffed1c1478ed8b78 Value: 1661034042759
.linkvertise.download/	1970-01-20 05:23:55	Name: bfp_sn_pl Value: 1661034042\|1_513045544752
linkvertise.download/	1970-01-20 05:23:55	Name: session_depth Value: linkvertise.download%3D1%7C373507965%3D1%7C253396163%3D1
.linkvertise.download/	1970-01-20 14:59:54	Name: bafp Value: 545748d0-20d6-11ed-bd1d-93760e3881ed
.pxlclnmdecom-a.akamaihd.net/	1970-01-20 05:23:55	Name: bfp_sn Value: 1661034042_513045544752
.pxlclnmdecom-a.akamaihd.net/	1970-01-20 05:23:55	Name: bfp_sn_t_8b2087b102c9e3e5ffed1c1478ed8b78 Value: 1661034042_513045544752_8b2087b102c9e3e5ffed1c1478ed8b78
.pxlclnmdecom-a.akamaihd.net/	1970-01-20 05:23:55	Name: bfp_sn_td_717b961fce9fc7ea47701cc6d65e14e9 Value: 1661034042_513045544752_717b961fce9fc7ea47701cc6d65e14e9
.pxlclnmdecom-a.akamaihd.net/	1970-01-20 14:59:54	Name: bafp_t Value: 54a20d70-20d6-11ed-b605-5bcfffc18a7a
linkvertise.download/	1970-01-20 14:09:30	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Debba7038-5849-4478-8544-3dfa20979264-tuct9fae3bb
.intentiq.com/	1970-01-20 14:59:54	Name: IQver Value: 1.9
.intentiq.com/	1970-01-20 14:59:54	Name: intentIQ Value: KC407fjEX4
.intentiq.com/	1970-01-20 14:59:54	Name: intentIQCDate Value: 1661034044231
.intentiq.com/	1970-01-20 06:07:06	Name: IQRubiconCookieSync Value: 1661034044241
.intentiq.com/	1970-01-20 14:59:54	Name: CSDT Value: UEQ6MTUxMjVfMCZURjVsWlpK
.intentiq.com/	1970-01-20 14:59:54	Name: ASDT Value: 0
.intentiq.com/	1970-01-20 14:59:54	Name: IQPData Value: 2503514557#1661034044231#0#1661034044231
.yellowblue.io/	1970-01-20 06:07:06	Name: wrvUserID Value: owOUipjak
.openx.net/	1970-01-20 14:09:30	Name: i Value: 84ea2e02-9975-4b99-b7cc-7cbddc062476\|1661034044
.pubmatic.com/	1970-01-20 05:25:20	Name: KTPCACOOKIE Value: YES
.technoratimedia.com/	1970-01-20 14:59:54	Name: tads_uid Value: FA84A57380CF450A9E4FC0C8BEE5DC39
.technoratimedia.com/	1970-01-20 14:59:54	Name: tads_uid_cd Value: 20220820182044-0400
.technoratimedia.com/	1970-01-20 14:59:54	Name: tads_zora Value: 2
.pubmatic.com/	1970-01-20 07:33:30	Name: SyncRTB3 Value: 1662163200%3A220
.pubmatic.com/	1970-01-20 07:33:30	Name: KADUSERCOOKIE Value: B14F2A40-4986-4486-88D5-CFC3838DE718
.casalemedia.com/	1970-01-20 14:09:30	Name: CMID Value: YwFePEFT0gJ8ZLYdQXj7BgAA
.casalemedia.com/	1970-01-20 07:33:30	Name: CMPS Value: 138
.casalemedia.com/	1970-01-20 07:33:30	Name: CMPRO Value: 138
.emxdgt.com/	1970-01-20 07:33:30	Name: uid Value: 56791661034044376010b3
.bidswitch.net/	1970-01-20 14:09:30	Name: tuuid Value: fae6614c-d413-44b1-88b3-c5b0bb9793a8
.bidswitch.net/	1970-01-20 14:09:30	Name: c Value: 1661034044
.bidswitch.net/	1970-01-20 14:09:30	Name: tuuid_lu Value: 1661034044
.rubiconproject.com/	1970-01-20 14:09:30	Name: khaos Value: L72GS7AK-27-8036
.media.net/	1970-01-20 14:09:30	Name: visitor-id Value: 3040356441455740000V10
.media.net/	1970-01-20 14:09:30	Name: data-ris Value: {{APID}}~~25
.csync.loopme.me/	1970-01-20 07:36:22	Name: viewer_token Value: df56b229-6e59-4c71-9d8c-b99722e481bb
.spotxchange.com/	1970-01-20 06:04:13	Name: audience Value: 55484a5f-20d6-11ed-b08b-125e01710403
.33across.com/	1970-01-20 14:09:30	Name: 33x_ps Value: u%3D78211126683458%3As1%3D1661034044433%3Ats%3D1661034044433
.casalemedia.com/	1970-01-20 07:33:30	Name: CMTS Value: 097
.adnxs.com/	1970-01-20 07:33:30	Name: uuid2 Value: 361841949617637721
.adsrvr.org/	1970-01-20 14:09:30	Name: TDID Value: fe12010f-1b82-45cc-b3fc-d2b4d75d6e37
.emxdgt.com/	1970-01-20 07:33:30	Name: apn_id Value: 361841949617637721
.sharethrough.com/	1970-01-20 06:07:06	Name: stx_user_id Value: 3e72ada8-ebce-4097-8126-4d2509c1b8ea
.mookie1.com/	1970-01-20 14:52:42	Name: id Value: 10594858865230008242
.mookie1.com/	1970-01-20 14:52:42	Name: mdata Value: 1\|10594858865230008242\|1661034044525
.mookie1.com/	1970-01-20 14:52:42	Name: ov Value: 5967e369a53bd10c85a4f5dfb6b12321
.doubleclick.net/	1970-01-20 14:59:54	Name: IDE Value: AHWqTUnAjbYuLzy2CU_RXA1DUDMU2weJkEZ4hwwJuPl-B-YgT02IF_CUGP7BrhnPi7A
.yahoo.com/	1970-01-20 14:09:51	Name: A3 Value: d=AQABBDxeAWMCEEUNH2q26mMhhvCrxyNHmZUFEgEBAQGvAmMLYwAAAAAA_eMAAA&S=AQAAAq1JeTUjNAXU_Xz9hZQYkxk
.contextweb.com/	1970-01-20 14:02:18	Name: V Value: BSTTHBlgSSTE
.contextweb.com/	1970-01-20 14:09:30	Name: pb_rtb_ev Value: 3-1fn5\|8i8.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: ea2a748c9cddd55d
.yieldmo.com/	1970-01-20 14:09:30	Name: yieldmo_id Value: gfdb5d6fe8575948e491%7C1661034044589%7C0%7C
.1rx.io/	1970-01-20 14:09:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-50fc0f89-6540-40df-ad96-fc4940425e79-005%22%7D
.analytics.yahoo.com/	1970-01-20 14:09:30	Name: IDSYNC Value: 196b~26pa
.adsrvr.org/	1970-01-20 14:09:30	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCMzpr56IwYE7EAUYBSACKAIyCwislZPKnsGBOxAFOAE.
.tapad.com/	1970-01-20 06:50:18	Name: TapAd_TS Value: 1661034044661
.tapad.com/	1970-01-20 06:50:18	Name: TapAd_DID Value: e82e2379-cb06-4391-83da-f4c2c6a8d105
.rlcdn.com/	1970-01-20 14:09:30	Name: rlas3 Value: LtRFDyHn6fN2KGZsqyUMf0qWzprjjlGz4FKG+LWqMYk=
.rlcdn.com/	1970-01-20 06:50:18	Name: pxrc Value: CLy8hZgGEgYIkLwrEAA=
.pubmatic.com/	1970-01-20 05:25:20	Name: pi Value: 160295:3
.pubmatic.com/	1970-01-20 07:33:30	Name: chkChromeAb67Sec Value: 2
.tapad.com/	1970-01-20 06:50:18	Name: TapAd_3WAY_SYNCS Value:
.amazon-adsystem.com/	1970-01-20 14:59:54	Name: ad-privacy Value: 0
.targeting.unrulymedia.com/	1970-01-20 14:09:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-50fc0f89-6540-40df-ad96-fc4940425e79-005%22%7D
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:09:30	Name: bcookie Value: "v=2&844e413e-dbf5-4fca-8c68-294f6d96cdcd"
.linkedin.com/	1970-01-20 05:25:20	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2855:u=1:x=1:i=1661034044:t=1661120444:v=2:sig=AQEwzzppTZ4EOHGaQYX1-NTGj8lqH4jm"
.mookie1.com/	1970-01-20 05:38:18	Name: syncdata_TAP Value: 1
.id5-sync.com/	1970-01-20 05:23:54	Name: cf Value:
.id5-sync.com/	1970-01-20 05:23:54	Name: cip Value:
.id5-sync.com/	1970-01-20 05:23:54	Name: cnac Value:
.id5-sync.com/	1970-01-20 05:23:54	Name: car Value:
.id5-sync.com/	1970-01-20 05:23:54	Name: gdpr Value:
.id5-sync.com/	1970-01-20 07:33:30	Name: id5 Value: ea910901-ffd3-4ed3-9422-5ca1c770e3d3#1661034044920#2
.id5-sync.com/	1970-01-20 07:33:30	Name: 3pi Value:
.id5-sync.com/	1970-01-20 05:23:54	Name: callback Value:
.agkn.com/	1970-01-20 14:09:30	Name: ab Value: 0001%3Al2T%2FjLfvsSkO7VseDcinB6DLtOmxrKji
.mookie1.com/	1970-01-20 05:38:18	Name: syncdata_NEU Value: 1
.amazon-adsystem.com/	1970-01-20 10:46:27	Name: ad-id Value: AxTTZGD0uEO_m_epgUDizG0
.rubiconproject.com/	1970-01-20 14:09:30	Name: audit Value: 1\|qnh5XA7k5KWzN4XVlfJ4UlcuyZEaVDctu4kzXES0/NYeECEUBMheig8gy4noq0p6K2uCfTXLWd8wHTRO1/p4iDcYwaIiGgn/Et8cd8xWptZl2ndT0ED6s0Lk81W9BIW2k1zVRnAxaUaX67LvzU7ejoN9+lF6+rYV1SCUj/Cq7UqfcKIYYCJB3NAPlTu0R9RN
.prebid.a-mo.net/	1970-01-20 14:09:30	Name: __amc Value: 1_1661034046_1661034046
.a-mo.net/	1970-01-20 14:09:30	Name: amuid2 Value: 34d106d9-3c3c-4338-b836-aa2a66a6f69c
.prebid.a-mo.net/	1970-01-20 14:09:30	Name: sd_amuid2 Value: 34d106d9-3c3c-4338-b836-aa2a66a6f69c
.adnxs.com/	1970-01-20 07:33:30	Name: icu Value: ChkI3MeEARAKGAEgASgBML68hZgGOAFAAUgBEL68hZgGGAA.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUG57U1V(Line 14) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax-eu.amazon-adsystem.com
ads.nighttstand.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.com
api.intentiq.com
api.vidiom.net
bcbolt446c5271-a.akamaihd.net
bh.contextweb.com
cdn.linkvertise.com
cdn.taboola.com
cdnjs.cloudflare.com
cf-images.us-east-1.prod.boltdns.net
cm.g.doubleclick.net
contextual.media.net
cs.emxdgt.com
cs.yellowblue.io
csync.loopme.me
dts.clnmde.com
dts6.clnmde.com
edge.api.brightcove.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
hb.brainlyads.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
img.youtube.com
imprnjmp.taboola.com
js.chargebee.com
k.streamrail.com
linkvertise.chargebeestatic.com
linkvertise.download
manifest.prod.boltdns.net
match.adsrvr.org
match.sharethrough.com
maxst.icons8.com
metrics.brightcove.com
next-millennium-d.openx.net
odr.mookie1.com
onetag-sys.com
p.typekit.net
paper.ostrichesica.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
players.brightcove.net
powerad.ai
prebid.a-mo.net
publisher.linkvertise.com
px.ads.linkedin.com
pxlclnmdecom-a.akamaihd.net
report2.hb.brainlyads.com
s.amazon-adsystem.com
s0.2mdn.net
sand.ostrichesica.com
sdk.streamrail.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
sync.1rx.io
sync.go.sonobi.com
sync.inmobi.com
sync.intentiq.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
t1.gstatic.com
token.rubiconproject.com
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
us-match.taboola.com
us-trc-events.taboola.com
us-u.openx.net
us-vid-events.taboola.com
use.typekit.net
vidstat.taboola.com
vidstatb.taboola.com
vjs.zencdn.net
wf.taboola.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.publicdomainpictures.net
www.thinksuggest.org
x.bidswitch.net
report2.hb.brainlyads.com
sync.go.sonobi.com
104.102.251.152
104.18.18.126
107.178.246.49
107.178.247.57
108.138.106.100
108.139.47.46
108.139.47.69
129.80.94.115
13.226.39.49
141.226.224.48
141.95.98.66
142.250.65.194
142.251.35.162
145.40.88.5
151.101.129.44
151.101.193.44
151.101.66.27
162.248.18.11
18.214.193.123
184.29.129.54
192.35.249.120
198.148.27.139
199.127.204.147
20.127.253.7
2001:4998:1c:800::1000
23.20.158.212
23.41.168.23
23.66.229.147
23.73.244.44
2600:141b:13::17d7:82c3
2600:141b:13::17d7:82c8
2600:141b:13::17d7:82ea
2600:1901:0:cba2::
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:21ec:6000:a:c092:f740:93a1
2600:9000:2209:c400:c:492d:cd80:93a1
2606:4700:10::6814:2da2
2606:4700:3033::6815:447e
2606:4700:3034::ac43:c3a1
2606:4700:3036::6815:cc3
2606:4700::6811:190e
2606:4700::6812:bcf
2606:4700::6813:ac6c
2607:f8b0:4004:c06::9d
2607:f8b0:4006:809::2006
2607:f8b0:4006:80c::2004
2607:f8b0:4006:80d::2008
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80e::200e
2607:f8b0:4006:816::2003
2607:f8b0:4006:816::200a
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::200e
2607:f8b0:4006:823::2002
2620:1ec:21::14
2a01:4f8:13b:192e:2:2:ffff:2
2a02:6ea0:c400::11
2a04:4e42::729
3.218.90.66
3.223.235.82
3.33.220.150
34.111.96.116
34.149.20.76
34.199.102.77
34.207.4.184
34.98.64.218
35.190.60.146
35.190.90.30
35.211.178.172
35.244.232.184
51.222.239.230
52.46.128.147
52.70.80.198
52.85.61.88
52.85.61.92
52.94.222.140
54.158.11.168
54.198.189.0
67.202.105.23
68.67.160.26
69.173.151.100
8.28.7.83
8.43.72.98
99.84.37.57
02696a1a0fde9653d80de55b4fb1096b88746c00549e4937f3aca36d5044abcf
03629f92211e5e1109078210182cbc262c6af05ef0bf6037ca8310e62448c95a
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
07a463f8a435ff24b34621fa69d05ca6f8008bf9f75358f94ef969bf24bfdcc9
081aaa5e696c59cdd8ee848c82a9d906c39c0238e038f259d6927e3704eb7f11
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0626dcaf8a2bc9bbbe18dd5aa9eac6eba661b6d3ccad3e78cca8dedf09b2ce
0d8a6828f215a7cf57c457d54dc100bc7a73928ff68297dd22d451de053dca6b
0e5657c39160abaf0a9033e2e8a30728dcae3a5c33969150ab85c0a91d2e2daa
104677a0f5e8b6f902f921ee6b02f47193f0a5d4832093facbd0b08d5c98be13
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
11f8845b71933a283feef80429c30444d8ed30e2bfb46b051c1b83364362db3d
1283c45f0e6af2ad475ea0e45924d26a2b7b961bae669bfa904a78b272c1a1b0
13b6581e5665a9e516751b0326354eaeb7853be7cbe4153adc6cad59b683e889
17b6e35c461004dfbeac437344a9266bafcfa1cc293626f14835ab60c2862bdc
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1fb0cb91f400f2b69d68f338149feb0b50afe11df92adf798470abcb0a76dc24
1fcda6ce28f6ad6240699f87bced665010be4bbc556fd4da3105e40080a22e58
20ab8177825280cfa61b52e33eea57e8f3d94e5e63bcd2c0247f82cc27e3352e
273f4bca58132eb580c0e132ca8f44093978a2a98eae6affe5df61c345fa3b19
2782883aa2e55fe305dd71c4b8a79cdecd0e3c7b62880f7adf37aafb33739a4a
2aa840d413b4de13e123e79e7dece94cb5ac536703f0963469b72d737963198a
2cd88acf1e8e04767b951451d9470fbedbd88305907b8a596a8a33da3319c479
2e6d4dc9cebd2af2b983d8cf1fee4816ffc91db13729155cfeb46c0644063f27
2f6ae209778e40807655e3d775c4b9408f0cb9dbf19427e6382496a81d70f55c
2fcc066d0086dd9c72d74aedf363b198d6179aca6a66e6156a7f96b3398f9a20
302becc2531a154994178c7742ca28e1c95c328b08492c1f287648ecc4a8c9ad
304476467e3fc9e244f8d986a405beee84da3e81646c64c8476d70e64e8c7ad7
30a41865e201bcb7c0eaaa781bc4d9de1aa3d8c2385698da2e3e8540b0a7da28
30d604f9056ecb2a835c2a7ee65e1e22b4a9155b65adcea60af08b1445823453
3199f240314c1cd776ab9acbd8824b9125982a56553c4955f4f8d68295fb9d36
34b8b76757b6ff96b03b24acf0b67fb690e673c504724dc0cc605dfda74dfcc3
37fb0078a26f5653689475a248e3805b5fbef94081bc4af19cf1182bb23e8f11
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8
381ec9823501b056ee269ca62a9508582f7c7cf3cefd6a92bd27613ddb9d71c4
3a63596c775d70c09b4124417efa2007d5e68a131a1822d0493bd0a4f8f8e0bb
3b396c7db2bfc21a81ceaa1789031a4f7ab8b0078c5e504433dd50d7828af018
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42311f31804d8717d7f4ecab84b641240ad30a85ddca9d652d63325b19f9906f
434e27e8926ef4ff37f708d05088cc4160f1d551012ba5d79d61ca4c9c3455c7
447882bb1d3014679759527153b4e4b3ecabfe2c0688c5f4870d13abc1df12ef
47825a900e347c3ebe2ed17dba529d293ca8a3016faaad7ac8b3850df2fcf9f0
4d5ed59107b20367ec153982e912c22d9a7026f312cfac68e70bd644762db6d4
4db486fb99e41fc2cb08882825f95253c3676e4bf6cc2c210e5c6c0ad66473f0
4f2f35e1b2c0e6303c9315039626fb1a7560f713460759f9b212a210f3d7bdd1
556eb112c92e6a1890b1e013d104531116671ec1c61782d2a5d5045a29f022ed
558c578e7c528037f1052b3df570d10c85a362586ed5dea44c15aa5bebde0277
5593812ed51f4f2de527010b8ae1f0fa41ffd0186000b950ee0e30d4690aa442
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
56cf3e897258c9260d6365162ea21a4ea6633b55a3bd1749e4d390f931fc553a
5a3aa5188747ecbe397900d975ab848b7bd99f950038c4fb11c979f3a5965dba
5b47071a02c81693383801aecc7088e04f842989168db75588cd4be960524be9
5b70ad48011cf83779e5beb73f2dcee87d951f011dc03ef091559c590b536b15
5d8d3c0a47e182f05e66c739f9c5f31225c2fd59dec465bbd6fcecac12461311
5eace02e342d846d4b424576a8d4d58a092b5b9ba4c4990abb3db428ef940926
5f9de60a4a40041bcdd773e2c469628982e863dceb6fafa771a72cb6b8ad2d84
60b6075b0fc82bbbfc3b412615e32e2af0d2522c398c40146bd0a9624ba86395
624dceac120f9590ccf8680195464317167cdc56e97d9f3cce4caa8fc8ca619a
63c59982412467a0206538f841cdb0bf098ff5fea756720ce41f22ed0ea19af0
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66ea3d6797505470ea117f5a3ab241018b5dd1448af42c2568aefb0cf6aa364b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
696ceb514264f174585cf439129f972b909493a730ce9afe1792118bb44e218f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bbffb8dd31b35301ffd568a6d53fe88abfd567a1037bf68c17e57094c0ce53c
6d54791e4fa937d2b5b89e10908c9dd42140bac35fe7f358432fde7ec89de2d3
6d65ed4b5e5547943c9bddf55f9022d49275bc5b806b5151fca3009a13db1937
6f828aba6d45bcadf19231fc9889f87f687ab3f1a34f263619162493857d3a13
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
723c2dfe77075280c4a8c8ed241f78e714c38bf8144e14fc565b5174bfc7a82c
72bdd6f9814592821297966effb17637fe737b09f6c48e2b717d566edd3af30d
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
76a6e69f501efcba97d0551d4fe836cf017731df5eaab3ce9924e5d7273b1bbe
7830f38d1b2ad0fe04a37e5c2e3cabff38f4db64da69387c5fd5e03578ed5ec2
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
793017a3e91e0a5eb94f3499cb029cf3772fad2e73dec60c540a43dde3373574
7c50c4214a98bcdfd7a5986c4c1f48e93b146b45bc6d91d59273dc01e31c9aa0
7c6a0f5dd0902fb92cde1e537734c95c713e10f345685af62402b8247435f1f1
7cb1e77010a4ec3c6b55b5ef37b253f8077d6b748ab2de01b6f0a27841cf040f
7eb0c4590b086c1c5598d39cb257f1bdd7500a053c8122037cf1530b6883c09c
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc
7fb97409d4f559eb251f7326a89f5478a221607e8ef4d03ae2ed5b3d0d34e0c8
86803e3e3c94e5c2bc3665a5cac5b4289407704d0523c1116c1881bc407d9887
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86df3118968c70c6e802fd23c7de495e8eeb12f2dde6cbf7285f6eddeeebf9df
887a61f15b3a51985912a97e6682fa2fb6b3a14523df731abe66556962583270
889d32216b10434fc528b3417dc3fabbbb2a9b639f11be31c7546197eb3ae4ba
8c44af787f51e875d3ecc44f5bb1989fce5aeeaa1a48cc0851aec4344b5e6d73
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e5222350bd22079ba76a819e20ccea6be4235110a4b8cebd33564fdda18cab7
900b153b2910e8b137d6f63f2c04e1a155864213d23258bde127697d7f7cb592
939618f1ab6c3c62708540151a9470d0f9d8e55eeaf060da783ac8877e972e31
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98fe4ec167979486ac635cd574c88158049513cc39e7e3404d1e2d6a058614d7
99584f816df6714b39895e4032ede0c137cd7fd764abbb64845f25848ccc0565
99fb72b38222f7e6dba79ea86a980ae0625bf3c00b4d51096d618e5566cfa09c
9af23e1a35d560d77232b04adc69d50a19c58ea55ac94bc17ec1a3b7c8ccf8f8
9c6f48dabebd7b56fea9e574fd8be5ffd756ef01e9e17ba2f16a31a667a5caf4
9ec9f50ac6a5dfdf7ace0a047ab4e86a7f8ff297030f93f9b8b4e27c57fdaa51
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a45e6f27c3c47b9c706d964944de1d11ad7cbd9e619ecc9659b0f63bf02895d6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a62a847fb029ec2329b3c92b0d0b1239366017e314ff430fc8f5b67a78f9238d
a710898a402d231b993417b794c50a709fe5396f12b7c855b0e341d86f29a28a
a71c4a80fa73e63ccc8b499a828a32c843c95ee5d42f1b894e23e0940d864b81
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b141292b0744e9ec6b292cda4dbc187a20a26b300a3e2d99e548b6c9ad3c862c
b19341208f957a8c418fc3ec12ceb3779f27d0fa648886a7d6a7f7489c67370f
b1af735cf017f07c82e88c4e7ae104eb140ebec0882691bdc68ad6c1a6e3449f
b6201f3584c94aad51c0cdf8a8e2ba10ac814b1866dc4124c8e95a9991e05dca
b92de97236667df37d7d8ab3ca255405e50b10ba883ce7e989c12b6377ff4c97
ba79b81c113a1368f716688cab3d62dcc0b99ab7795992dfb5ef57294a1831ff
ba9cd33ba068be2e8f9e08809d1ff0b208692b741b86dbe996cf23953feaa8e5
bdb110bb73163cfabf64e222d791ebc75378499ba2fee6af5fc8259cf8e1fd6c
bddd7fb493c77bb08090620dc7d5c58be017da67b861a7fdc2e8daed7f6d5cdc
bf46fd813676defbf8c9e6aea76ecd66896f0f7c6b69af68466a84e618891740
c14ae357a0840aa4b7d791d186418d89d3f756fbfaa8cf138b7024b00860940b
c15f4c509d62e8a3663de04ccb752e4aa3a8d7f6380243e3c46ea347a6e54d2f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c27cd3a5edf281c903c344fc4f9b89637b288b65ff4617e90d8d500890cd2414
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
ca72abc28aa52067729524530717cf1a6e618e533b8fd1d595eba421229c047d
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854
ce91bd7b9df9ef3878926696ee19b8bbf6cc777a48dea08e3bb7c85d963f2690
cfbbed5d3ec07d4d80fd922f1a8c2e16d4e17acc2ac77ad87d6a2da9752fdd8c
d09e035eb43e62af72227abd93864326eb8d10c4eaaadb31d8e229a2f8c9fe1f
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1b1ed242aa8f1b44e94ddebf66e08ec4297fce5f55f3df3169dadf103aa9f32
d2aa778f78649c29ee13c029db9c7d04f59061855eb577152e44e487705c48b3
d3f9d1df8bd9c92322c5a1c136b8741e5fda5cda1c6c178b1e5773ff92fa559b
d47d16bf34e4c557ae13192bf351083ee15c9bed72a139fb1e14272d7b391230
d519d7c7ed0ef60bdff019860cb18b309245d9dd8450acb3ce173f5fe4ff3bc7
d51ad35c382b56ee6f1ebd262f359d37f0c40196d102a42489c51daeb53889b7
d8826abb6f25b98394d68e13e7aba6c8bab2d68f2c39402bf3916d673427648f
dc1ec1c4207db6054b4bccff3e5891772c1cf0dac760b12828ad3134aee196a4
dc4edd6d836289665fe3ddf917d716a70b2af6ddf46253659986afe6bd5c8493
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
defb0da9f86d2103035f1b48eef1ec85c5234a8f3e81d97b4d5060fc69172c91
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
e160ae423cd859f347f457592e3f8c5b44b871f2777858a868521b3a1bf03ff5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b7f54cf81a0ff1f16662abce7b1970ed6a8a8191da96cf05dcf6644d203df3
e41d62cf0ce78fbf46e5296792fec95d6927b03e6788450bf60b94539a822325
e6fb9ccc20a175c91617d984be1c6b2bd5ce7cc7bbaa98ab5b614fc61ed86e6f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e9db5cbb7df899e0768a92667dde42c193a51c33185095fd98501f2e283769d3
eb3252d6f5a473f66058ee4aedf9aa4a2374d8275d5032cce5ee28dd3223b2a4
ebbc2ee6e56d3f0e5d82d5393fc853649e9d959a6af445962a75ed1960730b7a
ec849f84387e58ddc1f5f260ba5b615aa799f6c17553612be9306e254a04c471
eccbe73def45b5faee29dd3626d2ebaec5bd922fdd260225d1bdc8f9bd03465d
edb50fe914a87cb3b398dbac39b83d81de7d4adbebebdf666ffc1f9997ef554e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef37fef23b22edeadd9e9d2f49efef29354a205941b176cb98276917d9ae78ec
eff585bd021828f293a470ab1f3e5a3c8e794782831e00c38395474406f8211b
f0bc52c7c40e879112cabdfb65940ff93fb0b29a7fa3209ceb6cafbf597c0dfd
f0d74a1221b8d10ac3cf1f8a5b29b360c54aebed2db2fb751c22d77a4d9ed7d1
f130aba5f2afb61fa9d15d16474a8eb218cdb87ec9231584dec37ce74b63a714
f48a6d82840fe8d6952bd2570b2f0a960b42bba1b10d4786b0564f04be87fa19
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6ad402aa2c578977a90f1938f0273e4726c599e17caeeef8b125b3e074e53ce
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f98e1ff060ae3f40d58556ba936f80e5c33614ca7e1aaf9dc07d4690c1d32e67
fb1d962426197c7c45d66894601c8dd5b1e5615ca51a813ee68c959fc24312ca
feb93457e15d527f46a8967385eabee08a1f5381e0a3d3f36442a4309c93a478
fefbb6c23b29fc76a26ace077a44c5278ad3a582b12a3c35b0d72a4e41535869

linkvertise.download Open in urlscan Pro 2606:4700:3033::6815:447e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

255 Requests

83 %HTTPS

37 %IPv6

65 Domains

100 Subdomains

62 IPs

6 Countries

9977 kBTransfer

20681 kBSize

92 Cookies

9 Outgoing links

Redirected requests

255 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

linkvertise.download Open in urlscan Pro
2606:4700:3033::6815:447e Public Scan

Screenshot
Live screenshot

Full Image

255
Requests

83 %
HTTPS

37 %
IPv6

65
Domains

100
Subdomains

62
IPs

6
Countries

9977 kB
Transfer

20681 kB
Size

92
Cookies

255 HTTP transactions
5 data transactions