urlscan.io logo urlscan.io
SecurityTrails logo

secretm.me Open in urlscan Pro
2606:4700:3036::ac43:9ba4  Public Scan

Go To Rescan Add Verdict Report
URL: https://secretm.me/message.php?id=19unixnq
Submission: On September 19 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 106 IPs in 15 countries across 119 domains to perform 477 HTTP transactions. The main IP is 2606:4700:3036::ac43:9ba4, located in United States and belongs to CLOUDFLARENET, US. The main domain is secretm.me. The Cisco Umbrella rank of the primary domain is 761251.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2022. Valid for: a year.
This is the only time secretm.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 8 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
9 139.45.197.251 9002 (RETN-AS)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 49 151.101.129.44 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
1 3 13.224.214.36 16509 (AMAZON-02)
1 3 2620:116:800b... 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 13.224.205.195 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 67.226.210.221 26120 (RHYTHMONE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 74.119.119.129 19750 (AS-CRITEO)
2 5 192.96.200.41 30633 (LEASEWEB-...)
2 185.184.10.30 203690 (RTB-HOUSE...)
2 34.107.148.139 15169 (GOOGLE)
1 28 2606:4700:10:... 13335 (CLOUDFLAR...)
2 145.40.89.200 54825 (PACKET)
4 9 68.67.160.26 29990 (ASN-APPNEX)
6 51.222.239.230 16276 (OVH)
1 199.187.193.200 47043 (SMARTADSE...)
2 4 172.98.26.245 399668 (E-PLANNING-)
2 13.224.202.36 16509 (AMAZON-02)
11 2606:4700:303... 13335 (CLOUDFLAR...)
2 3.92.156.8 14618 (AMAZON-AES)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2a0f:f4c1:2::1b 36040 (YOUTUBE)
2 10 141.226.224.48 200478 (TABOOLA-AS)
1 2600:9000:20e... 16509 (AMAZON-02)
4 17 52.46.128.147 16509 (AMAZON-02)
8 184.29.128.213 16625 (AKAMAI-AS)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
3 6 8.28.7.81 62713 (AS-PUBMATIC)
3 3 2600:9000:20e... 16509 (AMAZON-02)
19 19 35.211.178.172 19527 (GOOGLE-2)
6 7 34.133.71.175 396982 (GOOGLE-CL...)
6 12 3.221.233.8 14618 (AMAZON-AES)
16 23.73.244.44 16625 (AKAMAI-AS)
4 4 2606:ae80:147... 26762 (CNVR-US-EAST)
2 3 35.71.139.29 16509 (AMAZON-02)
3 6 185.167.164.49 198622 (ADFORM)
3 6 151.101.194.49 54113 (FASTLY)
6 6 18.204.235.41 14618 (AMAZON-AES)
18 24 142.250.176.194 15169 (GOOGLE)
2 7 199.187.193.192 47043 (SMARTADSE...)
1 2 198.148.27.140 19189 (PULSEPOINT)
1 1 132.226.41.106 31898 (ORACLE-BM...)
2 31 8.28.7.83 62713 (AS-PUBMATIC)
5 5 216.200.232.249 30419 (MEDIAMATH...)
2 2 173.231.178.83 32475 (SINGLEHOP...)
1 38.91.45.7 398989 (DEEPINTENT)
1 5 74.119.119.150 19750 (AS-CRITEO)
2 2 52.205.223.187 14618 (AMAZON-AES)
11 15 199.127.204.147 26120 (RHYTHMONE)
16 16 35.71.131.137 16509 (AMAZON-02)
4 4 18.235.217.239 14618 (AMAZON-AES)
2 2 69.90.254.78 13768 (COGECO-PEER1)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2 72.44.36.54 14618 (AMAZON-AES)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
4 34.149.40.38 15169 (GOOGLE)
3 5 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
4 8.28.7.84 62713 (AS-PUBMATIC)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
3 3 54.175.87.114 14618 (AMAZON-AES)
1 1 44.193.193.135 14618 (AMAZON-AES)
3 3 207.198.113.87 13768 (COGECO-PEER1)
1 18.213.85.80 14618 (AMAZON-AES)
2 2 54.85.248.187 14618 (AMAZON-AES)
1 2 4.78.226.233 3356 (LEVEL3)
7 7 68.67.160.76 29990 (ASN-APPNEX)
7 11 69.173.151.100 26667 (RUBICONPR...)
2 2620:100:a001::4 19750 (AS-CRITEO)
2 2 8.43.72.98 26667 (RUBICONPR...)
1 139.45.195.8 9002 (RETN-AS)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.95.126.160 16509 (AMAZON-02)
7 7 23.3.125.24 16625 (AKAMAI-AS)
1 1 8.39.36.141 26667 (RUBICONPR...)
3 4 63.251.114.137 32475 (SINGLEHOP...)
1 44.209.207.157 14618 (AMAZON-AES)
11 12 162.19.138.117 16276 (OVH)
3 3 69.166.1.10 27630 (AS-XFERNET)
9 10 107.178.246.49 15169 (GOOGLE)
4 4 35.207.24.140 15169 (GOOGLE)
6 7 35.244.159.8 15169 (GOOGLE)
1 185.255.84.153 200271 (IGUANE-)
1 31.220.27.135 39572 (ADVANCEDH...)
1 82.145.213.8 39832 (NO-OPERA)
1 2a04:4e42:600... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
2 5 104.18.18.126 13335 (CLOUDFLAR...)
2 6 2a02:2638:1::13 44788 (ASN-CRITE...)
27 104.126.112.26 16625 (AKAMAI-AS)
1 23.34.59.152 20940 (AKAMAI-ASN1)
2 15 23.206.216.29 16625 (AKAMAI-AS)
3 74.119.119.139 19750 (AS-CRITEO)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 172.98.26.241 399668 (E-PLANNING-)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.101.193.108 54113 (FASTLY)
1 26 2606:4700:10:... 13335 (CLOUDFLAR...)
8 8 64.202.112.127 23352 (SERVERCEN...)
4 8 104.126.112.185 16625 (AKAMAI-AS)
4 4 96.46.186.57 7979 (SERVERS-COM)
2 2 3.92.9.222 14618 (AMAZON-AES)
4 4 199.38.167.129 54312 (ROCKETFUEL)
2 2 35.210.53.219 15169 (GOOGLE)
2 2 3.232.202.111 14618 (AMAZON-AES)
4 4 23.3.125.39 16625 (AKAMAI-AS)
1 1 172.105.235.90 63949 (LINODE-AP...)
1 5.161.47.120 213230 (HETZNER-C...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 1 74.222.140.126 35908 (VPLSNET)
5 5 141.94.171.214 16276 (OVH)
2 3 34.229.3.43 14618 (AMAZON-AES)
4 4 76.13.32.147 26101 (YAHOO-BF1)
2 2 35.201.96.126 15169 (GOOGLE)
1 162.248.18.10 62713 (AS-PUBMATIC)
1 2 50.57.31.206 19994 (RACKSPACE)
2 3 13.224.214.125 16509 (AMAZON-02)
1 1 34.102.253.54 15169 (GOOGLE)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 34.201.183.209 14618 (AMAZON-AES)
6 13.224.214.92 16509 (AMAZON-02)
2 2600:1f18:659... 14618 (AMAZON-AES)
2 3 2600:1f18:1c9... ()
5 5 52.40.183.14 16509 (AMAZON-02)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
4 4 34.111.131.239 15169 (GOOGLE)
2 2 199.187.193.199 47043 (SMARTADSE...)
4 16 3.224.10.93 14618 (AMAZON-AES)
2 2 35.190.90.30 15169 (GOOGLE)
5 54.227.59.83 14618 (AMAZON-AES)
2 2 54.80.61.218 14618 (AMAZON-AES)
1 13 104.18.19.126 13335 (CLOUDFLAR...)
1 1 34.96.71.22 15169 (GOOGLE)
2 2 15.235.43.132 16276 (OVH)
1 2 34.236.72.34 14618 (AMAZON-AES)
1 104.16.111.154 13335 (CLOUDFLAR...)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 2 54.83.49.252 ()
477 106
15    2606:4700:3036::ac43:9ba4 (United States)

ASN13335 (CLOUDFLARENET, US)
secretm.me
1    2607:f8b0:4006:823::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
8    2606:4700:10::6816:3bc7 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
assets.vlitag.com
media.vlitag.com
4    2607:f8b0:4006:81e::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)
yonhelioliskor.com
1    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
49    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprnjmp.taboola.com
match.taboola.com
3    2607:f8b0:4006:820::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2607:f8b0:4006:820::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    13.224.214.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-36.phl50.r.cloudfront.net
sb.scorecardresearch.com
3    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
1    2607:f8b0:4006:80c::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2607:f8b0:4006:80d::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    13.224.205.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-205-195.phl50.r.cloudfront.net
c.amazon-adsystem.com
2    2607:f8b0:4006:80a::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:20ed:ea00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    67.226.210.221 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
5    192.96.200.41 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
sync.aralego.com
2    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
28    2606:4700:10::ac43:2ac9 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ss-pbs.quantumdex.io
2    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
9    68.67.160.26 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
6    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
1    199.187.193.200 (Canada)

ASN47043 (SMARTADSERVER, CA)
prg.smartadserver.com
4    172.98.26.245 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
2    13.224.202.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-202-36.phl50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
11    2606:4700:3037::ac43:9e3b (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
2    3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
1    2607:f8b0:4006:817::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
redirector.googlevideo.com
1    2a0f:f4c1:2::1b (Ukraine)

ASN36040 (YOUTUBE, US)
r8---sn-quxapm-3c2s.googlevideo.com
10    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
us-trc-events.taboola.com
us-match.taboola.com
us-vid-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
1    2600:9000:20ed:1e00:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)
pxl.qccerttest.com
17    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
8    184.29.128.213 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-128-213.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2606:4700:10::ac43:15e3 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
assets.vlitag.com
6    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    2600:9000:20ed:a800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
19    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
7    34.133.71.175 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com
um.simpli.fi
12    3.221.233.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-233-8.compute-1.amazonaws.com
match.sharethrough.com
16    23.73.244.44 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2606:ae80:1471:16::760 (United States)

ASN26762 (CNVR-US-EAST, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
3    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
6    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
6    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
rtd-tm.everesttech.net
6    18.204.235.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-235-41.compute-1.amazonaws.com
match.prod.bidr.io
24    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
cm.g.doubleclick.net
7    199.187.193.192 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    132.226.41.106 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
31    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
5    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    173.231.178.83 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
5    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    52.205.223.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-223-187.compute-1.amazonaws.com
sync.srv.stackadapt.com
15    199.127.204.147 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
usermatch.targeting.unrulymedia.com
16    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    18.235.217.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-217-239.compute-1.amazonaws.com
pm.w55c.net
2    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    72.44.36.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-36-54.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
4    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
5    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    2600:1f18:4e9:5a02:89a8:874b:1d82:df0e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    44.193.193.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-193-135.compute-1.amazonaws.com
sync.ipredictive.com
3    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    18.213.85.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-85-80.compute-1.amazonaws.com
rtb.adentifi.com
2    54.85.248.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-248-187.compute-1.amazonaws.com
ads.creative-serving.com
2    4.78.226.233 (Fort Worth, United States)

ASN3356 (LEVEL3, US)
pmp.mxptint.net
7    68.67.160.76 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
11    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    23.3.125.24 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-125-24.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
4    63.251.114.137 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
ap.lijit.com
1    44.209.207.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-207-157.compute-1.amazonaws.com
e1.emxdgt.com
12    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
3    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
10    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
eu-u.openx.net
us-u.openx.net
1    185.255.84.153 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
5    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
6    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
27    104.126.112.26 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-26.deploy.static.akamaitechnologies.com
contextual.media.net
1    23.34.59.152 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-34-59-152.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
15    23.206.216.29 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-216-29.deploy.static.akamaitechnologies.com
warp.media.net
hblg.media.net
lg3.media.net
hbx.media.net
cs.media.net
c21lg-d.media.net
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    2606:4700:3031::6815:29fd (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
2    172.98.26.241 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
4    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
26    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
8    64.202.112.127 (Lovettsville, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
8    104.126.112.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
4    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    3.92.9.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-9-222.compute-1.amazonaws.com
ssp.disqus.com
4    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    3.232.202.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-202-111.compute-1.amazonaws.com
t.pswec.com
4    23.3.125.39 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-125-39.deploy.static.akamaitechnologies.com
px.owneriq.net
1    172.105.235.90 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1889-90.members.linode.com
gocm.c.appier.net
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    74.222.140.126 (United States)

ASN35908 (VPLSNET, US)
PTR: 74.222.140.126.CUSTOMER.VPLS.NET
match.bnmla.com
5    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel.onaudience.com
3    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loada.exelator.com
loadus.exelator.com
4    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    162.248.18.10 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
3    13.224.214.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-125.phl50.r.cloudfront.net
aa.agkn.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.201.183.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-183-209.compute-1.amazonaws.com
rtb.gumgum.com
6    13.224.214.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-92.phl50.r.cloudfront.net
tags.crwdcntrl.net
2    2600:1f18:6593:f602:8bd3:480b:a39:d536 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
3    2600:1f18:1c96:4102:a960:6792:1f2e:dfa (None, )

ASN- ()
sync.tidaltv.com
5    52.40.183.14 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-183-14.us-west-2.compute.amazonaws.com
dpm.demdex.net
2    85.114.159.93 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    34.111.131.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    199.187.193.199 (Canada)

ASN47043 (SMARTADSERVER, CA)
sync.smartadserver.com
16    3.224.10.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-10-93.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
5    54.227.59.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-59-83.compute-1.amazonaws.com
beacon.krxd.net
2    54.80.61.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-61-218.compute-1.amazonaws.com
usermatch.krxd.net
13    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
1    34.96.71.22 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    15.235.43.132 (Canada)

ASN16276 (OVH, FR)
PTR: ns5011542.ip-15-235-43.net
gu.dyntrk.com
2    34.236.72.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-72-34.compute-1.amazonaws.com
um2.eqads.com
1    104.16.111.154 (None, )

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    54.83.49.252 (None, )

ASN- ()
io.narrative.io
Apex Domain
Subdomains		 Transfer
61 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 996
trc.taboola.com — Cisco Umbrella Rank: 697
15.taboola.com — Cisco Umbrella Rank: 7282
images.taboola.com — Cisco Umbrella Rank: 1779
vidstat.taboola.com — Cisco Umbrella Rank: 2577
us-trc-events.taboola.com — Cisco Umbrella Rank: 5910
imprnjmp.taboola.com — Cisco Umbrella Rank: 7167
us-match.taboola.com — Cisco Umbrella Rank: 7165
us-vid-events.taboola.com — Cisco Umbrella Rank: 6770
sync.taboola.com — Cisco Umbrella Rank: 1037
sync-t1.taboola.com — Cisco Umbrella Rank: 1309
match.taboola.com — Cisco Umbrella Rank: 2758
pips.taboola.com — Cisco Umbrella Rank: 1549
cds.taboola.com — Cisco Umbrella Rank: 1446
3 MB
50 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 462
image6.pubmatic.com — Cisco Umbrella Rank: 648
image2.pubmatic.com — Cisco Umbrella Rank: 883
simage2.pubmatic.com — Cisco Umbrella Rank: 690
image4.pubmatic.com — Cisco Umbrella Rank: 835
simage4.pubmatic.com — Cisco Umbrella Rank: 1191
aud.pubmatic.com — Cisco Umbrella Rank: 4381
74 KB
44 media.net
prebid.media.net — Cisco Umbrella Rank: 1065
contextual.media.net — Cisco Umbrella Rank: 559
warp.media.net — Cisco Umbrella Rank: 2230
hblg.media.net — Cisco Umbrella Rank: 1563
lg3.media.net — Cisco Umbrella Rank: 3643
hbx.media.net — Cisco Umbrella Rank: 1441
cs.media.net — Cisco Umbrella Rank: 1318
c21lg-d.media.net — Cisco Umbrella Rank: 1716
216 KB
37 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 564
token.rubiconproject.com — Cisco Umbrella Rank: 667
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 796
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 910
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4436
92 KB
28 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 11028
sync.quantumdex.io — Cisco Umbrella Rank: 5385
ss-pbs.quantumdex.io — Cisco Umbrella Rank: 39781
5 KB
26 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1707
mwzeom.zeotap.com — Cisco Umbrella Rank: 1669
7 KB
26 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
133 KB
23 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232
64 KB
22 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1273
bcp.crwdcntrl.net — Cisco Umbrella Rank: 838
sync.crwdcntrl.net — Cisco Umbrella Rank: 725
46 KB
19 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
8 KB
18 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
13 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
secure.adnxs.com — Cisco Umbrella Rank: 432
acdn.adnxs.com — Cisco Umbrella Rank: 611
30 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
9 KB
16 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
dis.criteo.com — Cisco Umbrella Rank: 688
gum.criteo.com — Cisco Umbrella Rank: 406
mug.criteo.com — Cisco Umbrella Rank: 2876
12 KB
15 secretm.me
secretm.me — Cisco Umbrella Rank: 761251
188 KB
13 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 858
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
cms.analytics.yahoo.com — Cisco Umbrella Rank: 869
5 KB
12 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 463
19 KB
12 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 549
3 KB
11 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 20891
4 KB
11 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 22547
assets.vlitag.com — Cisco Umbrella Rank: 28308
media.vlitag.com — Cisco Umbrella Rank: 34449
519 KB
10 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 436
804 B
10 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1396
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 649
sync.smartadserver.com — Cisco Umbrella Rank: 1540
6 KB
10 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 831
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1048
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3043
2 KB
9 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
6 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
40 KB
9 yonhelioliskor.com
yonhelioliskor.com — Cisco Umbrella Rank: 74811
54 KB
8 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 501
tags.bluekai.com — Cisco Umbrella Rank: 511
5 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
5 KB
8 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1785
mp.4dex.io — Cisco Umbrella Rank: 2010
u.4dex.io — Cisco Umbrella Rank: 4955
27 KB
7 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 513
usermatch.krxd.net — Cisco Umbrella Rank: 1103
2 KB
7 openx.net
u.openx.net — Cisco Umbrella Rank: 650
eu-u.openx.net — Cisco Umbrella Rank: 1768
us-u.openx.net — Cisco Umbrella Rank: 396
1 KB
7 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
3 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 488
3 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
rtd-tm.everesttech.net — Cisco Umbrella Rank: 2442
1023 B
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 637
dmp.adform.net — Cisco Umbrella Rank: 5011
3 KB
6 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 5593
s.e-planning.net — Cisco Umbrella Rank: 7201
4 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
4 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
5 KB
5 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3161
2 KB
5 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 331
646 B
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
3 KB
5 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 19002
sync.aralego.com — Cisco Umbrella Rank: 3193
1 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26264
1 KB
4 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 973
3 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
3 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2092
3 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9047
3 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 911
1 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 877
ap.lijit.com — Cisco Umbrella Rank: 597
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
d.turn.com — Cisco Umbrella Rank: 1042
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
3 KB
4 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4676
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2956
1 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
231 KB
3 tidaltv.com
sync.tidaltv.com
750 B
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 448
2 KB
3 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 23045
loadus.exelator.com — Cisco Umbrella Rank: 1198
2 KB
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1018
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 593
2 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 407
1 KB
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 696
2 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
pixel.quantserve.com — Cisco Umbrella Rank: 423
11 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
3 KB
3 gstatic.com
fonts.gstatic.com
55 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
55 KB
2 narrative.io
io.narrative.io
643 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3327
563 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1315
1 KB
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1578
1 KB
2 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10822
822 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1084
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3868
624 B
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 3449
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4590
753 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2279
589 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
57 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4415
965 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3911
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 734
719 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
639 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1348
833 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 826
s.tribalfusion.com — Cisco Umbrella Rank: 2209
1 KB
2 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1333
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 694
867 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1407
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 524
1 KB
2 googlevideo.com
redirector.googlevideo.com — Cisco Umbrella Rank: 990
r8---sn-quxapm-3c2s.googlevideo.com
1 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
895 B
2 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 12794
344 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
5 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
imasdk.googleapis.com — Cisco Umbrella Rank: 424
127 KB
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 1761
470 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3550
420 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1053
209 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2520
534 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3623
463 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 2657
900 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3386
347 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5718
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6007
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2373
395 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3273
625 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1527
296 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2930
464 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 4096
46 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1057
342 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1308
120 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
574 B
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 12638
541 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1186
35 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 919
554 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4108
391 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 1896
291 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 860
222 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1190
800 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983
548 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
682 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
28 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1027
5 KB
477 119
Domain Requested by
27 contextual.media.net secretm.me
assets.vlitag.com
contextual.media.net
eus.rubiconproject.com
ads.pubmatic.com
25 sync.quantumdex.io 1 redirects assets.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
24 mwzeom.zeotap.com 1 redirects spl.zeotap.com
24 cm.g.doubleclick.net 18 redirects eus.rubiconproject.com
secretm.me
spl.zeotap.com
bcp.crwdcntrl.net
22 simage2.pubmatic.com 2 redirects ads.pubmatic.com
secretm.me
20 images.taboola.com secretm.me
19 x.bidswitch.net 19 redirects
17 s.amazon-adsystem.com 4 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
match.sharethrough.com
eus.rubiconproject.com
spl.zeotap.com
ssum-sec.casalemedia.com
16 match.adsrvr.org 16 redirects
16 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
secretm.me
contextual.media.net
sync.quantumdex.io
15 secretm.me secretm.me
services.vlitag.com
static.cloudflareinsights.com
14 cdn.taboola.com secretm.me
cdn.taboola.com
13 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
12 id5-sync.com 11 redirects assets.vlitag.com
12 match.sharethrough.com 6 redirects s.amazon-adsystem.com
match.sharethrough.com
11 px.vliplatform.com secretm.me
assets.vlitag.com
10 pixel.tapad.com 9 redirects
10 trc.taboola.com 1 redirects cdn.taboola.com
secretm.me
spl.zeotap.com
9 sync.1rx.io 9 redirects
9 image2.pubmatic.com ads.pubmatic.com
9 ib.adnxs.com 4 redirects assets.vlitag.com
acdn.adnxs.com
spl.zeotap.com
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
secretm.me
9 yonhelioliskor.com secretm.me
8 sync.crwdcntrl.net bcp.crwdcntrl.net
8 bcp.crwdcntrl.net 4 redirects tags.crwdcntrl.net
8 b1sync.zemanta.com 8 redirects
8 ads.pubmatic.com secretm.me
ads.pubmatic.com
contextual.media.net
sync.quantumdex.io
7 secure-assets.rubiconproject.com 7 redirects
7 secure.adnxs.com 7 redirects
7 rtb-csync.smartadserver.com 2 redirects secretm.me
7 um.simpli.fi 6 redirects ads.pubmatic.com
6 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
6 gum.criteo.com 2 redirects static.criteo.net
contextual.media.net
6 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
6 match.prod.bidr.io 6 redirects
6 image6.pubmatic.com 3 redirects ads.pubmatic.com
6 onetag-sys.com assets.vlitag.com
sync.quantumdex.io
5 beacon.krxd.net spl.zeotap.com
bcp.crwdcntrl.net
5 dpm.demdex.net 5 redirects
5 pixel.onaudience.com 5 redirects
5 ssum-sec.casalemedia.com 2 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 idsync.rlcdn.com 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 dis.criteo.com 1 redirects ads.pubmatic.com
contextual.media.net
5 sync.mathtag.com 5 redirects
5 assets.vlitag.com services.vlitag.com
secretm.me
assets.vlitag.com
5 services.vlitag.com secretm.me
services.vlitag.com
4 idsync.frontend.weborama.fr 4 redirects
4 tags.bluekai.com spl.zeotap.com
bcp.crwdcntrl.net
4 cms.analytics.yahoo.com 4 redirects
4 px.owneriq.net 4 redirects
4 cs.media.net contextual.media.net
4 p.rfihub.com 4 redirects
4 ads.betweendigital.com 4 redirects
4 stags.bluekai.com 4 redirects
4 cdn.aralego.net assets.vlitag.com
cdn.aralego.net
4 rtb.mfadsrvr.com 4 redirects
4 sync.taboola.com 2 redirects secretm.me
4 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 u.4dex.io ads.pubmatic.com
eus.rubiconproject.com
secretm.me
4 pm.w55c.net 4 redirects
4 sync.targeting.unrulymedia.com 2 redirects contextual.media.net
4 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
spl.zeotap.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 pbjs.e-planning.net 2 redirects secretm.me
4 targeting.unrulymedia.com assets.vlitag.com
4 www.googletagmanager.com secretm.me
www.googletagmanager.com
3 sync.tidaltv.com 2 redirects spl.zeotap.com
3 aa.agkn.com 2 redirects
3 us-u.openx.net 3 redirects
3 lg3.media.net assets.vlitag.com
contextual.media.net
3 mug.criteo.com
3 hblg.media.net assets.vlitag.com
3 u.openx.net 2 redirects secretm.me
3 sync.go.sonobi.com 3 redirects
3 sync-t1.taboola.com secretm.me
3 pixel-sync.sitescout.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 ad.turn.com 3 redirects
3 eb2.3lift.com 2 redirects secretm.me
3 s.ad.smaato.net 3 redirects
3 hb.aralego.com assets.vlitag.com
3 c.amazon-adsystem.com services.vlitag.com
c.amazon-adsystem.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
secretm.me
3 fonts.gstatic.com fonts.googleapis.com
3 cdnjs.cloudflare.com secretm.me
2 io.narrative.io 1 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 c21lg-d.media.net contextual.media.net
2 gu.dyntrk.com 2 redirects
2 usermatch.krxd.net 2 redirects
2 odr.mookie1.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dmp.v.fwmrm.net spl.zeotap.com
2 dmp.adform.net spl.zeotap.com
2 usermatch.targeting.unrulymedia.com sync.quantumdex.io
2 uipglob.semasio.net 1 redirects
2 visitor.fiftyt.com 2 redirects
2 loada.exelator.com 2 redirects
2 t.pswec.com 2 redirects
2 pool.admedo.com 2 redirects
2 sync.aralego.com 2 redirects
2 hbx.media.net 2 redirects
2 ap.lijit.com 2 redirects
2 ssp.disqus.com 2 redirects
2 spl.zeotap.com assets.vlitag.com
2 s.e-planning.net assets.vlitag.com
2 simage4.pubmatic.com ads.pubmatic.com
2 match.taboola.com secretm.me
ads.pubmatic.com
2 rtd-tm.everesttech.net 2 redirects
2 ce.lijit.com 1 redirects secretm.me
2 pixel-us-east.rubiconproject.com 2 redirects
2 static.criteo.net assets.vlitag.com
static.criteo.net
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 csync.loopme.me 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 ums.acuityplatform.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 cm.adgrx.com 2 redirects
2 bh.contextweb.com 1 redirects secretm.me
2 amazon-tam-match.dotomi.com 2 redirects
2 pixel.quantserve.com 1 redirects secretm.me
2 c2shb.pubgw.yahoo.com assets.vlitag.com
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 prebid.a-mo.net assets.vlitag.com
2 useast.quantumdex.io assets.vlitag.com
2 prebid.media.net assets.vlitag.com
2 prebid-us.creativecdn.com assets.vlitag.com
2 bidder.criteo.com assets.vlitag.com
2 mp.4dex.io assets.vlitag.com
2 script.4dex.io assets.vlitag.com
secretm.me
2 cdn.jsdelivr.net assets.vlitag.com
services.vlitag.com
2 securepubads.g.doubleclick.net www.googletagservices.com
1 d.turn.com 1 redirects
1 loadus.exelator.com bcp.crwdcntrl.net
1 dmp.truoptik.com bcp.crwdcntrl.net
1 ss-pbs.quantumdex.io eus.rubiconproject.com
1 s.company-target.com 1 redirects
1 rtb.gumgum.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 aud.pubmatic.com
1 match.bnmla.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 eu-u.openx.net 1 redirects
1 acdn.adnxs.com assets.vlitag.com
1 id.a-mx.com assets.vlitag.com
1 warp.media.net assets.vlitag.com
1 qsearch-a.akamaihd.net secretm.me
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 t.adx.opera.com secretm.me
1 s.uuidksinc.net secretm.me
1 visitor.omnitagjs.com secretm.me
1 e1.emxdgt.com secretm.me
1 pixel-us-west.rubiconproject.com 1 redirects
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 my.rtmark.net secretm.me
1 rtb.adentifi.com ads.pubmatic.com
1 sync.ipredictive.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 us-vid-events.taboola.com secretm.me
1 us-match.taboola.com vidstat.taboola.com
1 imprnjmp.taboola.com vidstat.taboola.com
1 pxl.qccerttest.com secretm.me
1 us-trc-events.taboola.com secretm.me
1 r8---sn-quxapm-3c2s.googlevideo.com secretm.me
1 redirector.googlevideo.com 1 redirects
1 media.vlitag.com 1 redirects
1 prg.smartadserver.com assets.vlitag.com
1 rules.quantcount.com secure.quantserve.com
1 vidstat.taboola.com cdn.taboola.com
1 15.taboola.com cdn.taboola.com
1 imasdk.googleapis.com services.vlitag.com
1 www.googletagservices.com services.vlitag.com
1 secure.quantserve.com secretm.me
1 static.cloudflareinsights.com secretm.me
1 fonts.googleapis.com secretm.me
477 192
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-17 -
2023-06-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.vlitag.com
GTS CA 1P5		 2022-08-11 -
2022-11-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
yonhelioliskor.com
R3		 2022-07-30 -
2022-10-28		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2022-09-08 -
2022-12-07		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-20 -
2022-11-26		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
uuidksinc.net
R3		 2022-07-18 -
2022-10-16		 3 months crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.e-planning.net
R3		 2022-07-25 -
2022-10-23		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
truffle.bid
R3		 2022-07-21 -
2022-10-19		 3 months crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.gumgum.com
Amazon		 2022-09-14 -
2023-10-11		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.tidaltv.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-19 -
2023-06-19		 a year crt.sh
um3.eqads.com
Amazon		 2022-06-11 -
2023-07-09		 a year crt.sh
*.truoptik.com
Entrust Certification Authority - L1K		 2021-10-22 -
2022-10-22		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh

This page contains 87 frames:

Primary Page: https://secretm.me/message.php?id=19unixnq
Frame ID: 0F8923AF6B3495C53CF0748E8C6A1433
Requests: 148 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66515585&crid=6351725&dast=V7xWQCFgMy6RZa7nDMiAQy6RZa7nDMiAUAAAAGBvQHJDkxGWe2iWctXFh8a9Fu4VpLPJ6NW7Ry2Rwjx3BkcViGQFLO4WTjmKzcwplntRatPIO1xGNZuGUjk8k5WniMo8lmCiDGcpkMaoGEZfb7DkK-22V4-FwGUdH1ttgdTrPnDSpoOh0-171e8_JYXqa3Xe3yq12ez8PnsguOhv_S5F4sV3en8e64AwAAAMADANh6G8QPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoCCYYAGgMmGQHTIgdB-u-nycpj9AQDw8AACACCAQQJwYPtWAtBC2X4CAAAAAAAAAMDy____HzNgLx8oM9Df8doD8OAD8EBEoFnECAAAAKASJ1P2aFInVBZVAAAE6VYAVwAAAYNTwnYFYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcgGACBNeBLFXu0XEABg7RcQAIBt3AAA3gLggi4AVhcQswMAAAC4-____9cDmdVyuZn4Nq6JbzGYWUau0crhWrkGK8_IsJu4LNvbxbsZ1w8eG-0TEZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADFYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEiZXNMLM5XG7VxGJaiyYrx1picTncIuPKtNzNPA6LZeMWvT6mh2UxW602XhQMaNmL4CKdKF5P6-HysHvdmpfH8jK93S6LWKI5WaQT2WXfWS2Xm4lv45r4FoOZZeQarRyulWuw8owMu4nLsm-sbIaZzeFyqyYW01o0WTnWEovL4RYZV6blbuZxWCwbt-j1MT0si9lqtfE3ZrPNarVbLWf7xmy2Wa12q-Vs32EyPVOfs9G1E149LtXxtNYWaw6DwmWweFeq00pbkBy02avI6dLMlEWdUfn8jrwGhefgUV2G121XOFRPb-HmwnGwKGKJ4HSRToR-t8silkieFulE5txsPI7hcmFybJyj2WK4WKxmE5vNZBgZN7vRxCKWKE0X6USvdnk-D5_LLjga_kuTe7Fc3Z3Gu-Oi_qNDjJZz1WyuWG3mit1wlQAAAAAAAAAAljBl3gQAAADgNKjBarRaLRegogVCF9gEAAAAAABglySuF-J5d2u7uPHjiXg9rYfLw-51a14ey8v0drusDFDR8sC82TNBrNVqWQMAAAhgAwAABHDr5i0QHZLbB8oCAAAAAADgJ8DNajA!&cmcv=&pix=undefined&cb=1663557597090&uv=3226&tms=1663557597090&abt=inc_all_video_vA!nrlc_vB!spa2_vA!t45!tvrReverse1_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=9bd8f6b3-8ab7-47a5-bc3c-4eef1d18dba2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 0EC8D057308D37C7A17639DD1F309D1D
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V7xWQCFgMy6RZa7nDMiAQy6RZa7nDMiAUAAAAGBvQHJDkxGWe2iWctXFh8a9Fu4VpLPJ6NW7Ry2Rwjx3BkcViGQFLO4WTjmKzcwplntRatPIO1xGNZuGUjk8k5WniMo8lmCiDGcpkMaoGEZfb7DkK-22V4-FwGUdH1ttgdTrPnDSpoOh0-171e8_JYXqa3Xe3yq12ez8PnsguOhv_S5F4sV3en8e64AwAAAMADANh6G8QPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoCCYYAGgMmGQHTIgdB-u-nycpj9AQDw8AACACCAQQJwYPtWAtBC2X4CAAAAAAAAAMDy____HzNgLx8oM9Df8doD8OAD8EBEoFnECAAAAKASJ1P2aFInVBZVAAAE6VYAVwAAAYNTwnYFYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcgGACBNeBLFXu0XEABg7RcQAIBt3AAA3gLggi4AVhcQswMAAAC4-____9cDmdVyuZn4Nq6JbzGYWUau0crhWrkGK8_IsJu4LNvbxbsZ1w8eG-0TEZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADFYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEiZXNMLM5XG7VxGJaiyYrx1picTncIuPKtNzNPA6LZeMWvT6mh2UxW602XhQMaNmL4CKdKF5P6-HysHvdmpfH8jK93S6LWKI5WaQT2WXfWS2Xm4lv45r4FoOZZeQarRyulWuw8owMu4nLsm-sbIaZzeFyqyYW01o0WTnWEovL4RYZV6blbuZxWCwbt-j1MT0si9lqtfE3ZrPNarVbLWf7xmy2Wa12q-Vs32EyPVOfs9G1E149LtXxtNYWaw6DwmWweFeq00pbkBy02avI6dLMlEWdUfn8jrwGhefgUV2G121XOFRPb-HmwnGwKGKJ4HSRToR-t8silkieFulE5txsPI7hcmFybJyj2WK4WKxmE5vNZBgZN7vRxCKWKE0X6USvdnk-D5_LLjga_kuTe7Fc3Z3Gu-Oi_qNDjJZz1WyuWG3mit1wlQAAAAAAAAAAljBl3gQAAADgNKjBarRaLRegogVCF9gEAAAAAABglySuF-J5d2u7uPHjiXg9rYfLw-51a14ey8v0drusDFDR8sC82TNBrNVqWQMAAAhgAwAABHDr5i0QHZLbB8oCAAAAAADgJ8DNajA!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 5308A827DC55970A37E0709836675B0D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&dcc=t
Frame ID: 051D2495802431ECC6843B7ECED8C86D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 06A8FB09A61420F57F38453FA82CAED5
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: BBBE9AA1111DFABD0A1674C57BAFED1F
Requests: 10 HTTP requests in this frame

Frame: https://services.vlitag.com/passback/?t=1663171543&d=18420&z=78065&divID=vi_1842078065_1&w=320&h=50&geo=US&hn=secretm.me
Frame ID: 8ABAA77D9713BD010ED79ED917AFD212
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 7134ED0B65BFFDB6A1C4A78E7A7F8B0F
Requests: 4 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 1F12D54AD20140F65B4B0FE268F64CED
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 80C8AED3637024C85EEB6CC5E15A3A76
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABy761qQyDPANdoV4_AAAAAAA&expiration=1663643997&is_secure=true
Frame ID: 29F9DF4EF72461A7B5AA79322B6D2BC7
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=662737811153841467575
Frame ID: 3552A23F72E98723E753D60227C5D169
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Frame ID: C5953B798F9AEDC9864F87AEA0E0ABD8
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: A1DA7984C724E44D0BE7968D44D062CC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFWA07GT8AAAA-PgyShyw
Frame ID: 75B047A7E7D42D757D3273A7025C960D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:de736327-dfdd-4a00-bea2-5b8fbbfa6702&gdpr=0&gdpr_consent=
Frame ID: 7E13389E5E56FCA658DE01022DA13C7F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f04b31c0-37c9-11ed-bc06-b199e15137b5
Frame ID: 21FE3CE84B69677AB9B0798493195012
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: FAC5212108D76EE77FD79E0F315D2599
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 5DC3052D99B52C17BC48BFE1D88C8AAD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=f9zbI5dQSTFuOOM6frOHY5U4mbI
Frame ID: E5FEC3A058C6A4A8C761E931D91F4A02
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad006d29-5932-421f-aa6d-8a406243cead-005
Frame ID: D77FCDF08354BE5BF0F29ADA9D0613F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:REpD1VrU1OA7ka5&gdpr=0&gdpr_consent=
Frame ID: 6C735BE29A9CE747F41C155431CE2611
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=693869928991
Frame ID: 60B129D7FEE60F72545136F8C478F9F7
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: F33D4F3B3D4380FA3EEF58696DCCBE95
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Frame ID: 19E26FD98E683B24C79F3E30943EB946
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: 39F7843994349BC8010E88F2C5144D5F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F7ziqx4ap
Frame ID: 3506C63DB2CA085C2001626E004796C5
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)DC2853D5-3799-48B3-B941-A5BB4E63177C
Frame ID: AB2BD323100845C2FE323036E654C8B7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: 1CB518C6AFA8D11A8FBB099D96C84334
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: 12C8493F6B0C8DD005DF2D37D57CD6CE
Requests: 2 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8878POX-1U-8LKK
Frame ID: 5BA3B0F8F839AE218142F364AFC2F234
Requests: 21 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=secretm.me
Frame ID: 7762832C3D566211D4EC2B3D12E3F4AC
Requests: 2 HTTP requests in this frame

Frame: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Frame ID: 0CF26674D5772828E95A67CE5446279B
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CUP40XRI
Frame ID: 60CA106A04E9EA47468B82001D038628
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1663557597014
Frame ID: C0E31927C998761CBFB8452790B23D90
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: F6C8A3065466C041FD4821587B361F13
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: AA2369F44ABB2247FB8C7AD42FB4B6D1
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F5A4FF10F1319DDF5076CB6326E42FBC
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 89DE61497779A8153D919B07BCD944F7
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1663557597015
Frame ID: A705BF5C4801FADC9D1EF533893A47ED
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 40CAA845810CC8FBB676691A5761818B
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 594518C7FA3A4407520E2EA578FF7C22
Requests: 13 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: F5092A3D9E8436A7DE91B066315FCE1B
Requests: 23 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 2639CF93F4763F8A35B8152616BCF4D0
Requests: 2 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 5A17B11FE72107962CA17F992BE60EB7
Requests: 23 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: CB71CA3F166ECD9F0DF4B8E7E1024873
Requests: 4 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: C59CC634731CAA09C88C5E1F3E67EAD5
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=765284172&size=728x90&cc=CA&chnm=HARMONY&pid=8PO2H3S30&tpid=T2MH1C5&https=1&vif=2&requrl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&kwrf=https%3A%2F%2Fsecretm.me&nse=5&vi=1663557600227145839&ugd=4&adt1=8CU2LD671&adt2=946648751&bae=B44/zzqBax&bcpf=B44%2F8fOnRrolnfOur8zzqBax&bdrId=294&bid=328214&ntv=0&matchstring=hr%3D0&pgid=p0861350161t202209190320&goent=1&htmlsrc=1&allsc=QC
Frame ID: C9774190DAEE991F7414236DF85F7616
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 510F99BF6975F1A8BD10F0C1C03BD989
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: C68867F71EDA4176734869D1896A437D
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=rkt&refUrl=&vid=35576005423065592001454640000V10&ovsid=979321827729254669
Frame ID: 1B1135F1E1F9C44DE02D26D64ED23D16
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dpba%26refUrl%3D%26vid%3D35576005423065592001454640000V10%26ovsid%3DPM_UID
Frame ID: 36288E0E9613B36EAA065797644067F4
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 633A12D13205CDFB2FEA6BD88383FDBA
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=rkt&refUrl=&vid=35576005663065592001454640000V10&ovsid=968907260740163974
Frame ID: 3597DDF8B92F0D30E51FAA240E0CD870
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dpba%26refUrl%3D%26vid%3D35576005663065592001454640000V10%26ovsid%3DPM_UID
Frame ID: 67530908292DC33B05F3E75C8636F05F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7168440001839935516
Frame ID: 9EC220E8AEB611D6A8378AE224CAC879
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DiH1KxaUDZWqGRO_4d8nYw
Frame ID: EBB537B87206B970E48F9CE2DD1BAC78
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: C8FFFDDE54F59B02DE0C4F36D0DF372A
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 372416E188A811C9BA22F85F920AA3CF
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 477DC58EA01DCB4CF5A9DED33E853D44
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=f1dd804e-2ca0-4541-9b2c-a87e73744a65
Frame ID: C53C6690054001538BFC8EB47D1C50AC
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/epx
Frame ID: 680B4340787BDD2583612C955306EAC4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD33A3D1D3B34AC797A55A73FE039E0A
Frame ID: F6964129C277C1F1EF8C49F7F21134A5
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)DC2853D5-3799-48B3-B941-A5BB4E63177C
Frame ID: D3B04A112AB3081349D3A2CB0F501DD4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: AFE70CD0911B6A2F2E71B0A4267C1A5C
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: D72D026D27FDF1266F0D3BE86B804CEA
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 47B3AC004685EA4344EE5510AC90A78D
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 8F68763447EDD0963A0349948ABACC8A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: DAD0DB1FECE712BA4DBDE9A713D64AF9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 00443FE942FAD3F6BD924F8895A92D12
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: B878718FE2442DB75C449D28A980CB16
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: EB58C7128ADC179473310072EAB54A8B
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: FEF78C10A0AE641DC1FC972EC79DCC63
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: EF15D7F38A34CAA5895353E91D2640EF
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 447940E0DA921A500197E6DCE6D9D979
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 267649106906027983A0DB957649F5DE
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=9&vsid=3065592001454680000V10&type=rkt&refUrl=&vid=35576009243065592001454680000V10&ovsid=968907260740163974
Frame ID: D551880FE3E2725F963DF3F081A42CA5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3065592001454680000V10%26type%3Dpba%26refUrl%3D%26vid%3D35576009243065592001454680000V10%26ovsid%3DPM_UID
Frame ID: 2E61727C241088CB7238248A023653A0
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 21707CA1CBA2B80C295C5E8D2B4C5597
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 87464EE1414DF8E01F5B1B3DFA1163BC
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C104%2C80%2C12%2C116&c=15238
Frame ID: 4B24D09FAC3584437152E501DF3E492D
Requests: 7 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=38%2C106%2C33%2C100%2C3%2C2&c=15238
Frame ID: A042DADBA026B1FD7048037C2D5E34F7
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=pba&refUrl=&vid=35576005423065592001454640000V10&ovsid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Frame ID: FD6BCF5DBFC6838AF0C0A4B4CD5F7493
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=pba&refUrl=&vid=35576005663065592001454640000V10&ovsid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Frame ID: 0C405CC21ADB888B0B8DA2EED9A63E22
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Frame ID: 3FF9D446C38D6DFBDA5DBB18B4638C7D
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Frame ID: CF36D1682968055D5C031BECFB076DDC
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=9&vsid=3065592001454680000V10&type=pba&refUrl=&vid=35576009243065592001454680000V10&ovsid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Frame ID: FE91254B6B195610C1851DC929AEAFA6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Send Secret Message to your friend on SecretM.Me

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

477
Requests

68 %
HTTPS

24 %
IPv6

119
Domains

192
Subdomains

106
IPs

15
Countries

5214 kB
Transfer

9478 kB
Size

242
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663557596511&ns_c=UTF-8&c7=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&c8=Send%20Secret%20Message%20to%20your%20friend%20on%20SecretM.Me&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663557596511&ns_c=UTF-8&c7=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&c8=Send%20Secret%20Message%20to%20your%20friend%20on%20SecretM.Me&c9=
Request Chain 68
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/secretm.me/ROS?rnd=0.989216420431102&e=320x50_0%3A320x50%2C300x50%2C300x31&ur=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pbv=7.11.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522secretm.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522aexretn_ne210035575.0099%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=a66be1ad-0c66-4b07-901e-af4601a72955 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2c995/1/secretm.me/ROS?ct=1&r=pbjs&rnd=0.989216420431102&e=320x50_0%3A320x50%2C300x50%2C300x31&ur=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pbv=7.11.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522secretm.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522aexretn_ne210035575.0099%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=a66be1ad-0c66-4b07-901e-af4601a72955
Request Chain 84
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/secretm.me/ROS?rnd=0.989216420431102&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pbv=7.11.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522secretm.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522aexretn_ne210035575.0099%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=a66be1ad-0c66-4b07-901e-af4601a72955 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2c995/1/secretm.me/ROS?ct=1&r=pbjs&rnd=0.989216420431102&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pbv=7.11.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522secretm.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522aexretn_ne210035575.0099%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=a66be1ad-0c66-4b07-901e-af4601a72955
Request Chain 92
  • https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y HTTP 302
  • https://redirector.googlevideo.com/videoplayback?expire=1663570954&ei=qr8nY4HoE-qBsfIP7MCn8AY&ip=184.164.141.146&id=o-AF9BsN6p8CV3y1WKBB3U6-40aVFKLe3d_Bu48YsNbzG8&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=3a&mm=31%2C26&mn=sn-5hneknes%2Csn-5goeenez&ms=au%2Conr&mv=u&mvi=3&pl=23&vprv=1&mime=video%2Fmp4&ns=H6Yx7uCJee61uooFhvTVqTkI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&mt=1663548769&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB&rbqsm=fr&n=kE4kLLnLx4cSSu80&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgaLxfA18spFIr87yXzcwQ2LKlYBOgMihGl5EpsLO4njECIQCeeqR3R82aRZgznSWdXjRrk2d3fX3Tplyz_sHSsLnSlg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAI_u9gu-TXfWAjs5bfG3TeRvX-FI8jo-PfEpjOyBfpP4AiAL4JXR99rNleaOFpwuWOEmQA6N6aQ0CNlotF40L3INcw%3D%3D HTTP 302
  • https://r8---sn-quxapm-3c2s.googlevideo.com/videoplayback?expire=1663570954&ei=qr8nY4HoE-qBsfIP7MCn8AY&ip=184.164.141.146&id=o-AF9BsN6p8CV3y1WKBB3U6-40aVFKLe3d_Bu48YsNbzG8&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=H6Yx7uCJee61uooFhvTVqTkI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&rbqsm=fr&n=kE4kLLnLx4cSSu80&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgaLxfA18spFIr87yXzcwQ2LKlYBOgMihGl5EpsLO4njECIQCeeqR3R82aRZgznSWdXjRrk2d3fX3Tplyz_sHSsLnSlg%3D%3D&cms_redirect=yes&mh=3a&mip=2607:5300:60:7867::15&mm=31&mn=sn-quxapm-3c2s&ms=au&mt=1663557180&mv=m&mvi=8&pl=32&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgOoQMsiQ7NYmotecDpyYBNyIiuoatypxyw50lo1gzM7ACIQD_RJ4_b98fAxQuzPQRk7gpGI0i7OvcNuPyzvfevpYIHg%3D%3D
Request Chain 120
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&dcc=t
Request Chain 136
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=c3a2778e
Request Chain 137
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
Request Chain 138
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7EAD9857E4014D778875661041256C5A&ex=simpli.fi&status=ok
Request Chain 141
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=1d90291b63b81604&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABy761qQyDPANdoV4_AAAAAAA&expiration=1663643997&is_secure=true
Request Chain 142
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=662737811153841467575
Request Chain 147
  • https://c1.adform.net/serving/cookie/match?party=14&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Request Chain 149
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGV0EwN0dUOEFBQUEtUGd5U2h5dw&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGV0EwN0dUOEFBQUEtUGd5U2h5dw&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&google_tc= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFWA07GT8AAAA-PgyShyw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5164764702849156945 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFWA07GT8AAAA-PgyShyw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5164764702849156945%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=5164764702849156945&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFWA07GT8AAAA-PgyShyw&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFWA07GT8AAAA-PgyShyw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5164764702849156945%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?userid=5164764702849156945&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFWA07GT8AAAA-PgyShyw
Request Chain 150
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:de736327-dfdd-4a00-bea2-5b8fbbfa6702&gdpr=0&gdpr_consent=
Request Chain 151
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f04b31c0-37c9-11ed-bc06-b199e15137b5
Request Chain 154
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=f9zbI5dQSTFuOOM6frOHY5U4mbI
Request Chain 155
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1663557597847 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4123285604 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/8c547213-44f5-41c0-9f3e-f4df6d624005 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ad006d29-5932-421f-aa6d-8a406243cead-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-ad006d29-5932-421f-aa6d-8a406243cead-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad006d29-5932-421f-aa6d-8a406243cead-005
Request Chain 156
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:REpD1VrU1OA7ka5&gdpr=0&gdpr_consent=
Request Chain 157
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=693869928991
Request Chain 158
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 159
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=c6129cc4-c2ec-4f3e-b106-f49d27416ea8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Request Chain 160
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 161
  • https://ad.mrtnsvr.com/sync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F7ziqx4ap
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3ChT1TeZSLO5QaW7TmMXfA%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3ChT1TeZSLO5QaW7TmMXfA%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 164
  • https://idsync.rlcdn.com/420486.gif?partner_uid=DC2853D5-3799-48B3-B941-A5BB4E63177C HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJERDMjg1M0Q1LTM3OTktNDhCMy1COTQxLUE1QkI0RTYzMTc3QxAAGg0I3b-fmQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=bc85de15baac2a90eedd2787b905fc7f92a94754b06fb1569e3fa5dc0be28e4e791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiYzg1ZGUxNWJhYWMyYTkwZWVkZDI3ODdiOTA1ZmM3ZjkyYTk0NzU0YjA2ZmIxNTY5ZTNmYTVkYzBiZTI4ZTRlNzkxNDI2YjU0MTdkY2UyMRAAGgwI3b-fmQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiYzg1ZGUxNWJhYWMyYTkwZWVkZDI3ODdiOTA1ZmM3ZjkyYTk0NzU0YjA2ZmIxNTY5ZTNmYTVkYzBiZTI4ZTRlNzkxNDI2YjU0MTdkY2UyMRAAGgwI3b-fmQYSBAgCEABCAEoA&google_error=3 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=7b38c69b-1201-49c8-a3de-b1c07c175a9b
Request Chain 165
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4e206327-dfde-4d00-ab76-f159d6d1793a
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REMyODUzRDUtMzc5OS00OEIzLUI5NDEtQTVCQjRFNjMxNzdD&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REMyODUzRDUtMzc5OS00OEIzLUI5NDEtQTVCQjRFNjMxNzdD&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKBQWMderpazD698mKN2lY8&google_cver=1
Request Chain 168
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CD33A3D1D3B34AC797A55A73FE039E0A
Request Chain 169
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3232777307143540978&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 170
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8c547213-44f5-41c0-9f3e-f4df6d624005
Request Chain 172
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DC2853D5-3799-48B3-B941-A5BB4E63177C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PlEVa2hE2uWrgqvUdi4sSkDYLhxfbFw-~A&gdpr=0&gdpr_consent=
Request Chain 173
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5ad9f333-1342-47cc-9601-9b4fede0b79b&gdpr=0&gdpr_consent=
Request Chain 174
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=177430568407624767&gdpr=0&gdpr_consent=
Request Chain 175
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DC2853D5-3799-48B3-B941-A5BB4E63177C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=560685b1b2e919fa&is_secure=true&networkId=17100&version=1&nuid=DC2853D5-3799-48B3-B941-A5BB4E63177C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJOpQSY_SOMwMU3-OIAAAAAAA&expiration=1663643998&nuid=DC2853D5-3799-48B3-B941-A5BB4E63177C&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 176
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9b6ec299-9bb0-41e0-9ff8-09f0d35728fc-6327dfde-4341&gdpr=0&gdpr_consent=
Request Chain 178
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ovYOa_CjWDi59ApvpfcRP_bxWWi5oA84o6cGbRZw
Request Chain 179
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5047f2b9-b6f8-4817-8b9f-f5305f524dc8 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5047f2b9-b6f8-4817-8b9f-f5305f524dc8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=4e491354-ff89-46c3-8ad4-a5c2e193b131&ssp=pubmatic&expires=30&user_group=5&bsw_param=5047f2b9-b6f8-4817-8b9f-f5305f524dc8 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 180
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_F66F0406_99F868BD&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 181
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1426208387086089782
Request Chain 185
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8c547213-44f5-41c0-9f3e-f4df6d624005&gdpr=0&gdpr_consent=
Request Chain 186
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=177430568407624767
Request Chain 187
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=177430568407624767
Request Chain 188
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=177430568407624767
Request Chain 193
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L8878POX-1U-8LKK HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L8878POX-1U-8LKK&ex=d-rubiconproject.com&status=ok
Request Chain 197
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8878POX-1U-8LKK
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEzmsydzIQYYzttpXCIr1I0&google_cver=1
Request Chain 199
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg4NzhQT1gtMVUtOExLSw==
Request Chain 201
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8c547213-44f5-41c0-9f3e-f4df6d624005&gdpr=0&gdpr_consent=&expires=30
Request Chain 202
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGQxYjQ0NTZlNTczMjAyZmI2ZjEwNzEzYjIyYjA1YzZkN2NjNzAxNQ
Request Chain 203
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/sPN29gix4Wsh9QNGXHJO7Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7138489281021023736
Request Chain 204
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Z1mWo123ShWMSGx2FEbYFw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Z1mWo123ShWMSGx2FEbYFw
Request Chain 205
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 206
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 209
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=L8878POX-1U-8LKK HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=L8878POX-1U-8LKK
Request Chain 211
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8878POX-1U-8LKK
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIOTbRfKX1Gmch2IOXkVVoU&google_cver=1
Request Chain 214
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c
Request Chain 215
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8c547213-44f5-41c0-9f3e-f4df6d624005
Request Chain 216
  • https://ce.lijit.com/merge?pid=42&3pid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 220
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a3af821a-70cb-4061-8c35-0aa0709d3884
Request Chain 221
  • https://id5-sync.com/s/464/9.gif?puid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=177430568407624767&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/5/3.gif?puid=4e206327-dfde-4d00-ab76-f159d6d1793a&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=8c547213-44f5-41c0-9f3e-f4df6d624005&ttl=%%TTL%% HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F3%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/3/5.gif?puid=DC2853D5-3799-48B3-B941-A5BB4E63177C&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/464/434/2/6.gif?puid=bdd621ad-373c-48e7-8fa2-f15f07807f54&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/1/7.gif?puid=2649b0e0-6bba-422c-a092-22b21a9541f8&gdpr=0&gdpr_consent= HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F0%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F0%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yyff4AAAISIPfgAE HTTP 302
  • https://id5-sync.com/c/464/136/0/8.gif?puid=Yyff4AAAISIPfgAE&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA
Request Chain 222
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&bidswitch_ssp_id=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=693869928991&expires=30&user_group=1&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
Request Chain 223
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5f217df4-4aa3-4f7b-b84b-73b42d4f6649 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5f217df4-4aa3-4f7b-b84b-73b42d4f6649&tbid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&query=taboola_hm%3D5f217df4-4aa3-4f7b-b84b-73b42d4f6649&isDirect=0
Request Chain 224
  • https://u.openx.net/w/1.0/sd?id=543998486&val=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&gdpr=0&gdpr_consent=
Request Chain 228
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=f9zbI5dQSTFuOOM6frOHY5U4mbI
Request Chain 229
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 231
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=d8c44a94-1b8c-40f8-967d-1ee5f308131c
Request Chain 236
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D&s=194558&C=1 HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=Yyff356zThWaqrsQ_11EXQAAAJ4AAAAB
Request Chain 251
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=secretm.me&sn=ChromeSyncframe&so=0&topUrl=secretm.me&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=5dfVoHwwUVFuTTF5dGpnWUh6NDBLaXU4MWlUbUIwbE9NeXp0d3lueTVBRlRCdDVHUlhKZGR2U2gwejdpTUxGVWJIWUxtazN6LzF3Sk1JamViRk5HMTY4U0hiT3hlOTdmQ2V4bjVJbzNGQXA0MDQyZGdrem14bTh5ZUlWekRQaVEreS92OU5Ua29KSG1TMnRqdWxtMHFvdGtJVjJtZDVnbXpNVUV3Si9zcXBlRFJJRUxhMmdMZXJOWjNTbTYrT3RGVzZhdGV6VWExMHlNLzArKysvNk5CYjFUODZ0OUhmVHVPZmhoNVF2RTcwSVpSMW1hNjUwMnBSd3dRWlZOZjdmclBuL1lJMzlkTEN2WGU0dkZHWDZZQ0MrNjFwQT09fA&cppv=2
Request Chain 254
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecretm.me%2F&domain=secretm.me&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=zGT_onxuRC9Sa2ptZFpRbCthZnQ4UDd3aEROUzI5bjhMQnkzbG04OTdTKzhtd2JQV1ZmL2FiTE5XSHRMYTI1RUZ3Rm1neTNlT0V3Rk4xMEFWSDRhZHFhMUs1VENDb1BjVE8xVVN0NnZuT3VLbEtPeDZkdVJKY1FOV3Z0NXRxUlVZZDk3WnEvY3ZPRVNNT1Z1dks4VUdUNzlXbGdXQ2x2cDBhanFVN28zOWV3TjdlY2k2UnM2azFxaWgxZ3Zmc2MvZ1BVL1BUbERTQXNXRkJ2a1hxM1hSRHRLZ2VJZHVUeVJ4QlJxSXFpYlA2eHhQZmxlSWtaQ2JzNm1WYkZzYS9aV1F3RHFrQW1FbmxPb2tUbU9JazcxNEhUOUV6UT09fA&cppv=2
Request Chain 269
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5164764702849156945&gdpr=0&gdpr_consent=
Request Chain 270
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=4a773e4f-604f-4ec3-a341-a15f74666c6e
Request Chain 271
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=tOhP7I8LYrXohCrQPr6-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5ORHWQUBXJE4EYWLSLBXWQQ3SKFIHENRN&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5ORHWQUBXJE4EYWLSLBXWQQ3SKFIHENRN HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=tOhP7I8LYrXohCrQPr6-
Request Chain 272
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3232777307143540978&gdpr=0&gdpr_consent=
Request Chain 273
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1426208387086089782&gdpr=0&gdpr_consent=
Request Chain 279
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=c3a2778e
Request Chain 280
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=177430568407624767
Request Chain 281
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9a6bda78-3d0d-5306-be5d-d6c8dd7a0928
Request Chain 282
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-a4ca4a1a-712f-367a-9a87-7eef0af66b93
Request Chain 283
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bfc897aa-e3ed-4ef1-a38d-91fe63f725a5
Request Chain 284
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FVxHeQZHUkWDWtrdT_66iDou
Request Chain 285
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA
Request Chain 286
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3065592001454640000V10
Request Chain 287
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HucJczFE2uHqWKFw9zKL7hB4oB5WrZkr.M2CH1U-~A
Request Chain 288
  • https://sync.aralego.com/idsync HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=MDBjYjE5ZTMtNDEyOS0zMmFjLTg5MDMtNGRmNTg0ODc1MmVm&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
  • https://cdn.aralego.net/img/1x1.png
Request Chain 289
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3065592001454640000V10
Request Chain 290
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-a4ca4a1a-712f-367a-9a87-7eef0af66b93
Request Chain 291
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HucJczFE2uHqWKFw9zKL7hB4oB5WrZkr.M2CH1U-~A
Request Chain 292
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=c3a2778e
Request Chain 293
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=177430568407624767
Request Chain 294
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9a6bda78-3d0d-5306-be5d-d6c8dd7a0928
Request Chain 295
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FVxHeQZHUkWDWtrdT_66iDou
Request Chain 296
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA
Request Chain 297
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bfc897aa-e3ed-4ef1-a38d-91fe63f725a5
Request Chain 299
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 300
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Drkt%26refUrl%3D%26vid%3D35576005423065592001454640000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=rkt&refUrl=&vid=35576005423065592001454640000V10&ovsid=979321827729254669
Request Chain 302
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=son&refUrl=&vid=35576005423065592001454640000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=son&refUrl=&vid=35576005423065592001454640000V10&ovsid=bdd621ad-373c-48e7-8fa2-f15f07807f54
Request Chain 303
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dopx%26refUrl%3D%26vid%3D35576005423065592001454640000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=opx&refUrl=&vid=35576005423065592001454640000V10&ovsid=97d2c028-5a8d-4b4f-879c-610de09a2574
Request Chain 304
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dr1%26refUrl%3D%26vid%3D35576005423065592001454640000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ad006d29-5932-421f-aa6d-8a406243cead-005&rndcb=3458563358 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=5047f2b9-b6f8-4817-8b9f-f5305f524dc8 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=5047f2b9-b6f8-4817-8b9f-f5305f524dc8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b20538f5-2838-4e82-8157-07747f2caacd&user_group=1&ssp=adconductor&bsw_param=5047f2b9-b6f8-4817-8b9f-f5305f524dc8 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/5047f2b9-b6f8-4817-8b9f-f5305f524dc8?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ad006d29-5932-421f-aa6d-8a406243cead-005
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NTU5MjAwMTQ1NDY0MDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIp2lK4hf8p5Ygi2u5ll_O8&google_cver=1
Request Chain 306
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Ddxu%26refUrl%3D%26vid%3D35576005423065592001454640000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=dxu&refUrl=&vid=35576005423065592001454640000V10&ovsid=REpD1VrU1OA7ka5
Request Chain 308
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=4e206327-dfde-4d00-ab76-f159d6d1793a&expires=30&ssp=medianet&bsw_param=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 309
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dzem%26refUrl%3D%26vid%3D35576005423065592001454640000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=tOhP7I8LYrXohCrQPr6-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUJ5UFAN2JHBGFS4SYN5UEG4SRKBZDMLJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTKNJXGYYDANJUGIZTANRVGU4TEMBQGE2DKNBWGQYDAMBQKYYTAJTWONUWIPJTGA3DKNJZGIYDAMJUGU2DMNBQGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUJ5UFAN2JHBGFS4SYN5UEG4SRKBZDMLJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTKNJXGYYDANJUGIZTANRVGU4TEMBQGE2DKNBWGQYDAMBQKYYTAJTWONUWIPJTGA3DKNJZGIYDAMJUGU2DMNBQGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=tOhP7I8LYrXohCrQPr6-&refUrl=&type=zem&vid=35576005423065592001454640000V10&vsid=3065592001454640000V10
Request Chain 310
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3065592001454640000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=5f217df4-4aa3-4f7b-b84b-73b42d4f6649&cs=1
Request Chain 311
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8c547213-44f5-41c0-9f3e-f4df6d624005
Request Chain 313
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NTU5MjAwMTQ1NDY0MDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIp2lK4hf8p5Ygi2u5ll_O8&google_cver=1
Request Chain 315
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Drkt%26refUrl%3D%26vid%3D35576005663065592001454640000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=rkt&refUrl=&vid=35576005663065592001454640000V10&ovsid=968907260740163974
Request Chain 317
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&google_hm=NTA0N2YyYjktYjZmOC00ODE3LThiOWYtZjUzMDVmNTI0ZGM4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMMRihsdTx7DEqemQ7Gp1ns&google_cver=1&ssp=medianet&bsw_param=5047f2b9-b6f8-4817-8b9f-f5305f524dc8 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 318
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3065592001454640000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=5f217df4-4aa3-4f7b-b84b-73b42d4f6649&cs=1
Request Chain 319
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8c547213-44f5-41c0-9f3e-f4df6d624005
Request Chain 321
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=son&refUrl=&vid=35576005663065592001454640000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=son&refUrl=&vid=35576005663065592001454640000V10&ovsid=bdd621ad-373c-48e7-8fa2-f15f07807f54
Request Chain 322
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dopx%26refUrl%3D%26vid%3D35576005663065592001454640000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=opx&refUrl=&vid=35576005663065592001454640000V10&ovsid=97d2c028-5a8d-4b4f-879c-610de09a2574
Request Chain 323
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dr1%26refUrl%3D%26vid%3D35576005663065592001454640000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ad006d29-5932-421f-aa6d-8a406243cead-005&rndcb=4889081436 HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=adconductor&bsw_user_id=5047f2b9-b6f8-4817-8b9f-f5305f524dc8 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=adconductor&bsw_user_id=5047f2b9-b6f8-4817-8b9f-f5305f524dc8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=c0909991-d209-419c-84c0-5908597ca204&expires=3&user_group=1&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/5047f2b9-b6f8-4817-8b9f-f5305f524dc8?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ad006d29-5932-421f-aa6d-8a406243cead-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3065592001454680000V10%26type%3Dr1%26refUrl%3D%26vid%3D35576009243065592001454680000V10%26ovsid%3DRX-ad006d29-5932-421f-aa6d-8a406243cead-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&vsid=3065592001454680000V10&type=r1&refUrl=&vid=35576009243065592001454680000V10&ovsid=RX-ad006d29-5932-421f-aa6d-8a406243cead-005
Request Chain 324
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Ddxu%26refUrl%3D%26vid%3D35576005663065592001454640000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=dxu&refUrl=&vid=35576005663065592001454640000V10&ovsid=REpD1VrU1OA7ka5
Request Chain 325
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dzem%26refUrl%3D%26vid%3D35576005663065592001454640000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=tOhP7I8LYrXohCrQPr6-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUJ5UFAN2JHBGFS4SYN5UEG4SRKBZDMLJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTKNJXGYYDANJWGYZTANRVGU4TEMBQGE2DKNBWGQYDAMBQKYYTAJTWONUWIPJTGA3DKNJZGIYDAMJUGU2DMNBQGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUJ5UFAN2JHBGFS4SYN5UEG4SRKBZDMLJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTKNJXGYYDANJWGYZTANRVGU4TEMBQGE2DKNBWGQYDAMBQKYYTAJTWONUWIPJTGA3DKNJZGIYDAMJUGU2DMNBQGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=tOhP7I8LYrXohCrQPr6-&refUrl=&type=zem&vid=35576005663065592001454640000V10&vsid=3065592001454640000V10
Request Chain 326
  • https://sync.aralego.com/idsync HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=MDBjYjE5ZTMtNDEyOS0zMmFjLTg5MDMtNGRmNTg0ODc1MmVm&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
  • https://cdn.aralego.net/img/1x1.png
Request Chain 327
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7168440001839935516&uid=Q7168440001839935516&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7168440001839935516
Request Chain 328
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DiH1KxaUDZWqGRO_4d8nYw
Request Chain 330
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 332
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=f1dd804e-2ca0-4541-9b2c-a87e73744a65
Request Chain 333
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://um.simpli.fi/epx
Request Chain 334
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD33A3D1D3B34AC797A55A73FE039E0A
Request Chain 336
  • https://pixel.onaudience.com/?partner=214&mapped=DC2853D5-3799-48B3-B941-A5BB4E63177C HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f535d2551393d2124221b2f934f96722&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=8c547213-44f5-41c0-9f3e-f4df6d624005&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=252&mapped=y-coRlxYxE2pTSgUy.Z7BSffLoET31QFP1wA--~A&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=dbf239721e13e9fb
Request Chain 337
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DC2853D5-3799-48B3-B941-A5BB4E63177C&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DC2853D5-3799-48B3-B941-A5BB4E63177C&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DC2853D5-3799-48B3-B941-A5BB4E63177C&addseg=10,33,39
Request Chain 338
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DC2853D5-3799-48B3-B941-A5BB4E63177C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DC2853D5-3799-48B3-B941-A5BB4E63177C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 340
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=177430568407624767
Request Chain 341
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a43f58da-b153-4708-ab41-60a29c16d19b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 344
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 352
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 357
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%26reqId%3Dd940724f-2126-43f6-5e52-95e6005624d8%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2649b0e0-6bba-422c-a092-22b21a9541f8%252Chttps%253A%252F%252Fmwzeom.zeotap.com%252Fmw%253Fcid%253D2649b0e0-6bba-422c-a092-22b21a9541f8%2526zpartnerid%253D5%2526env%253DmWeb%2526eventType%253Dmap%2526gdpr%253D1%2526gdpr_consent%253D%2526id_mid_4%253D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%2526reqId%253Dd940724f-2126-43f6-5e52-95e6005624d8%2526zdid%253D1361&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8c547213-44f5-41c0-9f3e-f4df6d624005&ttd_puid=2649b0e0-6bba-422c-a092-22b21a9541f8%2Chttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D2649b0e0-6bba-422c-a092-22b21a9541f8%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%26reqId%3Dd940724f-2126-43f6-5e52-95e6005624d8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=2649b0e0-6bba-422c-a092-22b21a9541f8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Request Chain 359
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%26reqId%3Dd940724f-2126-43f6-5e52-95e6005624d8%26zdid%3D1361&gdpr=0&gdpr_consent= HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=8c547213-44f5-41c0-9f3e-f4df6d624005&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Request Chain 362
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%26reqId%3Dd940724f-2126-43f6-5e52-95e6005624d8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Request Chain 363
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6a7ae9dc-c707-4164-bcb4-ef8e3dc4e160&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 364
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%26reqId%3Dd940724f-2126-43f6-5e52-95e6005624d8%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%26reqId%3Dd940724f-2126-43f6-5e52-95e6005624d8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=04391427402192166912549765893084360539&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Request Chain 365
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%26reqId%3Dd940724f-2126-43f6-5e52-95e6005624d8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7144925487027583115&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Request Chain 366
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%26reqId%3Dd940724f-2126-43f6-5e52-95e6005624d8%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%26reqId%3Dd940724f-2126-43f6-5e52-95e6005624d8%26zdid%3D1361&bounce=1&random=2881441198 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=4MUfLBHrOyFHIo/PvaTyPu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Request Chain 367
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%26reqId%3Dd940724f-2126-43f6-5e52-95e6005624d8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=5164764702849156945&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Request Chain 368
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=94073d30c6a6c33e434c937c64bf25b1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Request Chain 369
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-VCs37iZE2oqdj53buUQh2BUkwme1LOzwNA--~A&zpartnerid=570&env=mWeb
Request Chain 370
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=CAN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CAN&zdid=1361&cid=Mo3gO3Spc75gxqcK3%2F%2FE0w0kYEZuqfJq%2BS41iYitP1U%3D
Request Chain 371
  • https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=993&env=mWeb&cid=10606540073709234445&zdid=1361&reqId=d940724f-2126-43f6-5e52-95e6005624d8&w_k=${w_k}&user_zi=${user_zi}&optin=${optin}&uc=${uc}&z_p=${z_p}&gdpr=1&gdpr_consent=
Request Chain 374
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Request Chain 375
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361&dcc=t
Request Chain 379
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%26reqId%3D3dab3c5f-d321-4c3d-437d-50a4a061bf70%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2649b0e0-6bba-422c-a092-22b21a9541f8%252Chttps%253A%252F%252Fmwzeom.zeotap.com%252Fmw%253Fcid%253D2649b0e0-6bba-422c-a092-22b21a9541f8%2526zpartnerid%253D5%2526env%253DmWeb%2526eventType%253Dmap%2526gdpr%253D1%2526gdpr_consent%253D%2526id_mid_4%253D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%2526reqId%253D3dab3c5f-d321-4c3d-437d-50a4a061bf70%2526zdid%253D1361&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8c547213-44f5-41c0-9f3e-f4df6d624005&ttd_puid=2649b0e0-6bba-422c-a092-22b21a9541f8%2Chttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D2649b0e0-6bba-422c-a092-22b21a9541f8%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%26reqId%3D3dab3c5f-d321-4c3d-437d-50a4a061bf70%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=2649b0e0-6bba-422c-a092-22b21a9541f8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Request Chain 381
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%26reqId%3D3dab3c5f-d321-4c3d-437d-50a4a061bf70%26zdid%3D1361&gdpr=0&gdpr_consent= HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=8c547213-44f5-41c0-9f3e-f4df6d624005&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Request Chain 384
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%26reqId%3D3dab3c5f-d321-4c3d-437d-50a4a061bf70%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Request Chain 386
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%26reqId%3D3dab3c5f-d321-4c3d-437d-50a4a061bf70%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%26reqId%3D3dab3c5f-d321-4c3d-437d-50a4a061bf70%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=04391427402192166912549765893084360539&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Request Chain 387
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%26reqId%3D3dab3c5f-d321-4c3d-437d-50a4a061bf70%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7144925491308918923&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Request Chain 388
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%26reqId%3D3dab3c5f-d321-4c3d-437d-50a4a061bf70%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%26reqId%3D3dab3c5f-d321-4c3d-437d-50a4a061bf70%26zdid%3D1361&bounce=1&random=1901823955 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=4MUfLBHrOyFHIo/PvaTyPu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Request Chain 389
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%26reqId%3D3dab3c5f-d321-4c3d-437d-50a4a061bf70%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=5164764702849156945&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Request Chain 390
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=94073d30c6a6c33e434c937c64bf25b1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Request Chain 391
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-VCs37iZE2oqdj53buUQh2BUkwme1LOzwNA--~A&zpartnerid=570&env=mWeb
Request Chain 392
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=CAN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CAN&zdid=1361&cid=%2FcUdZwckx4lgxqcK3%2F%2FE00YuKnjHENsR%2BS41iYitP1U%3D
Request Chain 393
  • https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=993&env=mWeb&cid=10610902935401796924&zdid=1361&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&w_k=${w_k}&user_zi=${user_zi}&optin=${optin}&uc=${uc}&z_p=${z_p}&gdpr=1&gdpr_consent=
Request Chain 396
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=PFmngjtl&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8
Request Chain 397
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361&dcc=t
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yyff356zThWaqrsQ_11EXQAAAJ4AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENpkOZTQSEueQCuO8mqxVRI&google_cver=1
Request Chain 402
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yyff356zThWaqrsQ-11EXQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFjzjAvdoHPTPUCQXw0kv58&google_cver=1
Request Chain 403
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8c547213-44f5-41c0-9f3e-f4df6d624005&expiration=1666149601&gdpr=0&gdpr_consent=
Request Chain 405
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1679196000&external_user_id=28c02b3f-aa87-49d4-b41e-4fda73e4054a
Request Chain 406
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD33A3D1D3B34AC797A55A73FE039E0A
Request Chain 407
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D%28OIQ_UUID%29 HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7168440001428602739&uid=Q7168440001428602739&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168440001428602739
Request Chain 408
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_6327dfe0e0261&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_6327dfe0e0261
Request Chain 411
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=177430568407624767
Request Chain 413
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yyff4AAAISIPfgAE
Request Chain 414
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3232777307143540978
Request Chain 415
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD33A3D1D3B34AC797A55A73FE039E0A
Request Chain 416
  • https://idsync.rlcdn.com/461886.gif?partner_uid=Yyff356zThWaqrsQ-11EXQAA%26158&&gdpr_consent=&gdpr= HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0a38d6d1-3cca-47cf-bbaa-9f906beed670
Request Chain 417
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=69738a86-aeb4-4988-9ad8-dc4c1211f807&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 421
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L8878POX-1U-8LKK HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8878POX-1U-8LKK
Request Chain 423
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 424
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression&khaos=L8878POX-1U-8LKK HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=rubicon&uid=L8878POX-1U-8LKK HTTP 302
  • https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=&f=&uid=L8878POX-1U-8LKK
Request Chain 428
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 429
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3065592001454680000V10%26type%3Drkt%26refUrl%3D%26vid%3D35576009243065592001454680000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=9&vsid=3065592001454680000V10&type=rkt&refUrl=&vid=35576009243065592001454680000V10&ovsid=968907260740163974
Request Chain 431
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119738&expires=5&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 433
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3065592001454680000V10%26type%3Dr1%26refUrl%3D%26vid%3D35576009243065592001454680000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ad006d29-5932-421f-aa6d-8a406243cead-005&rndcb=7284432612 HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968907260740163974&expires=30&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/5047f2b9-b6f8-4817-8b9f-f5305f524dc8?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ad006d29-5932-421f-aa6d-8a406243cead-005
Request Chain 434
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3065592001454680000V10%26type%3Dzem%26refUrl%3D%26vid%3D35576009243065592001454680000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=tOhP7I8LYrXohCrQPr6-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUJ5UFAN2JHBGFS4SYN5UEG4SRKBZDMLJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTKNJXGYYDAOJSGQZTANRVGU4TEMBQGE2DKNBWHAYDAMBQKYYTAJTWONUWIPJTGA3DKNJZGIYDAMJUGU2DMOBQGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUJ5UFAN2JHBGFS4SYN5UEG4SRKBZDMLJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTKNJXGYYDAOJSGQZTANRVGU4TEMBQGE2DKNBWHAYDAMBQKYYTAJTWONUWIPJTGA3DKNJZGIYDAMJUGU2DMOBQGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=9&ovsid=tOhP7I8LYrXohCrQPr6-&refUrl=&type=zem&vid=35576009243065592001454680000V10&vsid=3065592001454680000V10
Request Chain 442
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-T2ILLRlE2pzJwLlAxeQTC4B8HnT9QrXLuiY-~A&gdpr=0
Request Chain 446
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8c547213-44f5-41c0-9f3e-f4df6d624005/gdpr=0/gdpr_consent=
Request Chain 447
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4e206327-dfde-4d00-ab76-f159d6d1793a&src=lot&gdpr=0
Request Chain 448
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=94073d30c6a6c33e434c937c64bf25b1&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D2649b0e0-6bba-422c-a092-22b21a9541f8%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D2649b0e0-6bba-422c-a092-22b21a9541f8 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=177430568407624767&pt=2649b0e0-6bba-422c-a092-22b21a9541f8%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D2649b0e0-6bba-422c-a092-22b21a9541f8 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=2649b0e0-6bba-422c-a092-22b21a9541f8
Request Chain 449
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=9b6ec299-9bb0-41e0-9ff8-09f0d35728fc-6327dfde-4341/gdpr=0
Request Chain 451
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/94073d30c6a6c33e434c937c64bf25b1/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3232777307143540978/gdpr=0
Request Chain 452
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=894798916 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=177430568407624767/gdpr=0/rand=894798916
Request Chain 467
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:DC2853D5-3799-48B3-B941-A5BB4E63177C HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=f3e8d531-37c9-11ed-bcb0-0ad5a2cbd9d9&companyId=673&id=pubmatic_id:DC2853D5-3799-48B3-B941-A5BB4E63177C
Request Chain 469
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=DC2853D5-3799-48B3-B941-A5BB4E63177C HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=2649b0e0-6bba-422c-a092-22b21a9541f8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D2649b0e0-6bba-422c-a092-22b21a9541f8%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=04391427402192166912549765893084360539&pt=2649b0e0-6bba-422c-a092-22b21a9541f8%2C

477 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request message.php
secretm.me/ 		81 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff35667ae307d4aecfa0238aa09bc3f738a7dd0d2a6b190fbae260888626115d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
74cf2eb999db7150-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:19:56 GMT
display
orig_site_sol
expires
Sun, 18 Sep 2022 03:19:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed
off
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfrPjU2XSObyqUXYktiRJ1u4tMW%2FUF12d%2BzS8RVOz%2BcAU91uI9BKMjaQz7ZXbYd4Pmx7%2FQ5rbVDVVMgFGNHd8nFeUjXpZy%2F96o1oYnCt1AvFDHwlntr5fWRdv3ySDdWXLiXj%2FKsK7U43"}],"group":"cf-nel","max_age":604800}
response
200
server
cloudflare
vary
Accept-Encoding
x-middleton-display
orig_site_sol
x-middleton-response
200
x-sol
orig
css2
fonts.googleapis.com/ 		3 KB
1010 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;800&display=swap
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a08d72e6f1e9844a2398be22298a6fb9e4f46d9849522bb16ac5c34eff86e9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 02:01:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 19 Sep 2022 03:19:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Sep 2022 03:19:56 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/css/ 		141 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://secretm.me/
Origin
https://secretm.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13909274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15359
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-235ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEe3ZDPveL5e%2FSxT598EYLB6pRklMOne%2FAmuWBKosa6Kh8UIVE4geuep0vj2nlhjB5dNgqWjB0qJmxgiqTsiXSC3ZoecQOlkCUc3zX3qmBTp0QL97hmTVsDJUl2ZTCJXM0iGDEqHQCmsWCEX1uU2yUdk"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74cf2ec04d23713f-YUL
expires
Sat, 09 Sep 2023 03:19:56 GMT
style.css
secretm.me/src/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secretm.me/src/css/style.css?v=2
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
282ee9ba0d3397b67893dcdeb5fa698f5efd5f72d06ea6daeef40c3bb7b886f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/message.php?id=19unixnq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
vary
Accept-Encoding,Origin
cf-cache-status
HIT
x-sol
orig
age
50990
cf-polished
origSize=10613
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Wed, 14 Sep 2022 15:50:10 GMT
server
cloudflare
etag
W/"2975-5e4506d14ae4f-gzip-gzip"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUVi8%2ByPdFGtWxISTb4MqY3d0ByVkJIXyqpN3c34DBx5djCnhNc0lgJFZlEvgzjjDHzPgKeYRx5XGsKP1ucP4OU%2Ffc%2B6E3U%2FaAiufQdCPPFA9wyNz38K9xWWK8%2B0FXDZil%2BBA5pgfLrt"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
74cf2ec0095d7150-YUL
display
staticcontent_sol, orig_site_sol
cf-bgj
minify
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://secretm.me/
Origin
https://secretm.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10016824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27748
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bndm2dLxH2PmvgEQuFg9A%2BJqBgMGGlSUnwHaFRwgrATV4xbRy5pJOinmhNztqFt0ERh8ewgGPhz%2BS6lZeO7Ac1BeN9FqXFwaiHikhwZU1oFMjflOvMA%2FYnqI1p8IH2Rj0tIH0QMqN9zbY5frKE7vViCK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74cf2ec04d24713f-YUL
expires
Sat, 09 Sep 2023 03:19:56 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://secretm.me/
Origin
https://secretm.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1454754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11522
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-bf30"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRViAI6kIt4klBg%2BOQTmEatKztYQRNwnBZM1Z%2BPsJtPzGYDHHS8NeIZ68cboVKgihmE7GMOJ%2BlkbNlR30lUVq3TPLyMg%2BdYpC5OkM7eR6GGUsUxJFVH4AdmXHZz5D5%2FqsUz0SUdmF0b3b5CPhXIxBr%2BY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74cf2ec04d26713f-YUL
expires
Sat, 09 Sep 2023 03:19:56 GMT
/
services.vlitag.com/adv1/ 		528 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=77f65091cdb3b479c0aaefcc99c2d163
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86976de0e51f4ff32ee5376b12d6f6a5ccde97374a8b3888a067b35da3ff9f22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
etag
W/"77f65091cdb3b479c0aaefcc99c2d163 2022-09-14T02:38:31 v1 default"
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-polished
origSize=540863
cf-ray
74cf2ec0db07ecf6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		210 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-94XQDK4SL9
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02de97651a1733bc191cb0c95c048614a209430e26f2da59a6e4c9ed5cd3d0ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75708
x-xss-protection
0
expires
Mon, 19 Sep 2022 03:19:56 GMT
ntfc.php
yonhelioliskor.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yonhelioliskor.com/ntfc.php?p=4286329
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9368bfb774b617c9169347e63711fdb0b0186cee2fc2f277f04f27e322d96eea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 10:36:49 GMT
server
nginx
etag
W/"632451c1-38a8"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://secretm.me/
Origin
https://secretm.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
74cf2ec0dba84bc5-YUL
loader.js
cdn.taboola.com/libtrc/quizprank-secretmme/ 		146 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/quizprank-secretmme/loader.js
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
34ee669fe01b60de74c078e638dfd36355b560e09303164f204310f06350bbd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
fk.Ei9H2wqKvQ68Wi.XFrM5fYVdJr36M
content-encoding
gzip
age
0
via
1.1 varnish
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
6
content-length
23819
x-amz-id-2
V+vjttIyI2XJ4Pd8WcVAUvxJnaFjJzM6pW55vjQc3HARWRIDDP+/srBES7J390HlFuWZML8GIRE=
x-served-by
cache-yul12824-YUL
last-modified
Mon, 19 Sep 2022 03:19:56 UTC
server
nginx
x-timer
S1663557596.293002,VS0,VE70
etag
"5e6717e1510d762d210292a367f4a21c34450e18"
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
5C3EP1BGP4M8R51D
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
date
Mon, 19 Sep 2022 03:19:56 GMT
abp
31
x-cache-hits
0
cmbv2.js
secretm.me/detroitchicago/ 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2657fbf3371f8bfa6914e1a168cf4400d9ad9cc09db05880118da37df9594f3c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/message.php?id=19unixnq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 03:19:56 GMT
server
cloudflare
x-robots-tag
noindex
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4spkyLnrk3ZqdjwroJo4hI0jfRXfhueR4dbfn5luo5wEVVEcZyWpV0gJw7olMeYdqK00ScK3OzQ0glGHxNC4GvewPx7%2FwPcmk0kriyGC%2Fa90ojXecdDKypuw9jX5SRFa3rq7xA3glEzf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74cf2ec16ddbece6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secretm.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 11:32:27 GMT
x-content-type-options
nosniff
age
229649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7824
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:52:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Sep 2023 11:32:27 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secretm.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 05:14:26 GMT
x-content-type-options
nosniff
age
597930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 05:14:26 GMT
message.php
secretm.me/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secretm.me/message.php?id=19unixnq
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/message.php?id=19unixnq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-sol
orig
display
orig_site_sol
x-middleton-display
orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pagespeed
off
response
200
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87mpd6WTjr8U697VIM%2FerWYLdSBZoij4Se4zRmenqUOQ0TR%2BEWC8VBvzvUWnRKpylQAAlyTKAMdmD96YP%2F8tAhiU%2FQJGQ8aZ%2BGZs8ShcDjbfZOWtp%2B1E5%2Fxwpao57iiigh1nd3Yla6d2"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
74cf2ec11d9aece6-YUL
priority
u=1,i=?0
expires
Sun, 18 Sep 2022 03:19:57 GMT
pxiEyp8kv8JHgFVrJJbecmNE.woff2
fonts.gstatic.com/s/poppins/v20/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJbecmNE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
478b3ab728aaa25a76c8cd8bb04addde92c43d72e643d0fdc455340b44c3f074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secretm.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 17:25:00 GMT
x-content-type-options
nosniff
age
294896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39564
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 17:25:00 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-147710621-5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94XQDK4SL9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9fd133179258be83b253439290aa025baa42da2d8fb5bf6f1dd05e99606db92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42387
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Sep 2022 03:19:56 GMT
collect
www.google-analytics.com/g/ 		0
343 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-94XQDK4SL9&gtm=2oe9e0&_p=1870830555&cid=1058947189.1663557596&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1663557596&sct=1&seg=0&dl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&dt=Send%20Secret%20Message%20to%20your%20friend%20on%20SecretM.Me&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94XQDK4SL9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secretm.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl.20220918-2-RELEASE.js
cdn.taboola.com/libtrc/ 		684 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220918-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/quizprank-secretmme/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6d35e296c27aa00c2dcee1e808d82f4ede204a97ac3ef2a825d49192f2b13675

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
ukOgGmpuzb9jxqe0Vq06usTAGBt4pmUF
content-encoding
br
etag
"00afcce70089f1949f2be1c85604416d"
age
2879
x-cache
HIT
content-length
144991
x-amz-id-2
KiYH3RmJPDklC6lH1z+AutkFIaSQGnh2ZSuywrgJ6dCIY8HjfREn+4aRcIrzeK2MEjpkNAzTYfg=
x-served-by
cache-yul12824-YUL
last-modified
Sun, 18 Sep 2022 10:23:02 GMT
server
AmazonS3-br
x-timer
S1663557596.410016,VS0,VE0
date
Mon, 19 Sep 2022 03:19:56 GMT
vary
Accept-Encoding
x-amz-request-id
Q364DF584N1DET28
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
66
x-cache-hits
6083
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/quizprank-secretmme/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-36.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 06:42:11 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
74266
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
iXiTzCsRaDQXLjLgr-dxmxRyPoF22y1wACiUN0udiIFi0MPBfNQRYA==
77f65091cdb3b479c0aaefcc99c2d163.json
services.vlitag.com/cli/ 		46 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/cli/77f65091cdb3b479c0aaefcc99c2d163.json?hn=https://secretm.me
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=77f65091cdb3b479c0aaefcc99c2d163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d8b1b53eb7044d960e01ceeb6c0eda7abdd478a8de9e7bc7bb17cbacf29a930

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:56 GMT
cf-cache-status
BYPASS
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://secretm.me
cache-control
private, no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
74cf2ec1da4b7151-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/quizprank-secretmme/trc/3/ 		23 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/quizprank-secretmme/trc/3/json?tim=03%3A19%3A56.458&lti=deflated&data=%7B%22id%22%3A797%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1663522175197%2C%22vi%22%3A1663557596456%2C%22cv%22%3A%2220220918-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq%22%2C%22vpi%22%3A%22%2Fmessage.php%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1200%2C%22qs%22%3A%22%3Fid%3D19unixnq%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a-homepage%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A471.1875%2C%22mw%22%3A932%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-a-homepage%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220918-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6a58297955ed20ffb7b1b460619ecab8588898602eb997e3646431df2348a701

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
133
date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
gzip
server
nginx
x-timer
S1663557596.475524,VS0,VE133
x-served-by
cache-yul12824-YUL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://secretm.me
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-147710621-5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3264
date
Mon, 19 Sep 2022 02:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 04:25:32 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663557596511&ns_c=UTF-8&c7=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&c8=Send%20Secret%20Message...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663557596511&ns_c=UTF-8&c7=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&c8=Send%20Secret%20Messag...
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663557596511&ns_c=UTF-8&c7=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&c8=Send%20Secret%20Message%20to%20your%20friend%20on%20SecretM.Me&c9=
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Server
13.224.214.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-36.phl50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
DDRjzKjTW9FjLgTyVq1Ej09iDgzhniR8Rf4MU4CxIDwlDPCtDwrCUA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663557596511&ns_c=UTF-8&c7=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&c8=Send%20Secret%20Message%20to%20your%20friend%20on%20SecretM.Me&c9=
date
Mon, 19 Sep 2022 03:19:56 GMT
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
MQcdVR22WKpnMYAKuL9sEzabDOrnB3HqCaaKMdE8XmUZhZVfovFHbQ==
x-cache
Miss from cloudfront
vl.json
services.vlitag.com/vld/1663171543/ 		13 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/vld/1663171543/vl.json?page_url=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=77f65091cdb3b479c0aaefcc99c2d163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Sep 2022 17:45:22 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://secretm.me
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cf-ray
74cf2ec24ac27151-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13
77f65091cdb3b479c0aaefcc99c2d163.json
services.vlitag.com/obj/1663171543/ 		46 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/obj/1663171543/77f65091cdb3b479c0aaefcc99c2d163.json?cc=US&hn=https://secretm.me
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=77f65091cdb3b479c0aaefcc99c2d163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92c27ae503f74a3a258e5b9e611c8e69f5c0ef277b18bf79e01304b972121a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Sep 2022 16:05:52 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://secretm.me
cache-control
public, immutable, max-age=31536000
cf-ray
74cf2ec24ac47151-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1870830555&t=pageview&_s=1&dl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&ul=en-us&de=UTF-8&dt=Send%20Secret%20Message%20to%20your%20friend%20on%20SecretM.Me&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=288104209&gjid=24889633&cid=1058947189.1663557596&tid=UA-147710621-5&_gid=8619919.1663557597&_r=1&gtm=2ou9e0&z=661591946
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secretm.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
imp.gif
secretm.me/detroitchicago/ 		43 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secretm.me/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22Brooklyn%22%2C%22country%22%3A%22US%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A374922%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A501%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%220f4e2f52-1223-48d2-6d8d-0579ebcd6f17%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%2211238%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A77213%2C%22response_time_orig%22%3A917%2C%22serverid%22%3A%2215.223.63.152%3A30875%22%2C%22state%22%3A%22NY%22%2C%22t_epoch%22%3A1663557595%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A123%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
Requested by
Host: secretm.me
URL: https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/message.php?id=19unixnq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Se9Cc5jjY0pYYnHX3AcMC8jfgbLc5rgFGoXKI7btdDglc6ltAo5GGaDQ6I7TDnbGvcCShDjavyPfFJfEDcjHaK49yWp1Nht%2B2x%2BN8mtnOyTkeercolXMtUIaKy46k5CsEeRcVApj%2B0hr"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
43
accept-ranges
bytes
cf-ray
74cf2ec28eaeece6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=1,i=?0
expires
Sun, 18 Sep 2022 03:19:56 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: secretm.me
URL: https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 26 Sep 2022 03:19:56 GMT
cmbdv2.js
secretm.me/detroitchicago/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secretm.me/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y18-5&cmbcb=109&sj=x03x0cx18&abt=StickyMobileIntradivAds
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb2d1a841bdeff600cf741558a35c8e3e090af56e9354b446a69c4c1e3ce17a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/message.php?id=19unixnq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 03:19:56 GMT
server
cloudflare
x-robots-tag
noindex
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOHk9lzJVolKJRwwIG%2BD%2BSgLWf9wcEiTr1ixuKhES4qjasVvH4h77ZP8UmOXgOAHxxhBUmAvGZYuDwP%2FzarTTvPhHOA9LWl2rq7Mp5YArQTVh7Vv6knboVe%2BWqXNfWsv917FMaV%2B7rnJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74cf2ec28eb1ece6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
zone
yonhelioliskor.com/ 		709 B
992 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yonhelioliskor.com/zone?pub=0&zone_id=4286329&is_mobile=false&domain=secretm.me&var=&ymid=&var_3=
Requested by
Host: secretm.me
URL: https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b80c5d8bfb3c92eecdd3338eea1ff651d3a49d896870556b456a7ba774fbeef9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-trace-id
8a444d358b42ce23bc6e9d1cf95cf893
date
Mon, 19 Sep 2022 03:19:56 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secretm.me
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
709
universal.min.js
yonhelioliskor.com/pfe/current/ 		127 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yonhelioliskor.com/pfe/current/universal.min.js?v=3.1.394
Requested by
Host: secretm.me
URL: https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2033d81c3af7b3d885bd3ab2b7e1b3a695bdf93361cca5b8811b1f581c3c70c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
gzip
last-modified
Fri, 16 Sep 2022 10:36:49 GMT
server
nginx
etag
W/"632451c1-1fafa"
content-type
application/javascript
access-control-allow-origin
https://secretm.me
cache-control
no-cache
access-control-allow-credentials
true
prebid-7.11.0.js
assets.vlitag.com/prebid/default/ 		526 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=77f65091cdb3b479c0aaefcc99c2d163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c8a6645bbd557b6f18a1250e649337822e02189e85bfd404320ba52b11c690
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2138884
cf-polished
origSize=540102
cf-ray
74cf2ec30d86ecf6-YUL
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 22 Aug 2022 07:32:45 GMT
server
cloudflare
etag
W/"6303311d-83dc6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Thu, 25 Aug 2022 09:41:34 GMT
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=77f65091cdb3b479c0aaefcc99c2d163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
288ea1d136e21f5da4b48a360f472ffae47ffab666602876dd6cf301de4c625f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27860
x-xss-protection
0
server
sffe
etag
"1338 / 383 of 1000 / last-modified: 1663366039"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 19 Sep 2022 03:19:56 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=77f65091cdb3b479c0aaefcc99c2d163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90a1b56a6a1338b2615b9bdf2875b21dcbf0f5f16b03205c4452c9a2d67fc2f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128594
x-xss-protection
0
expires
Mon, 19 Sep 2022 03:19:56 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=77f65091cdb3b479c0aaefcc99c2d163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2138884
cf-ray
74cf2ec30d87ecf6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Thu, 25 Aug 2022 09:41:34 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=77f65091cdb3b479c0aaefcc99c2d163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Sep 2022 02:40:14 GMT
via
1.1 dfbe3a6f5b354f9a5f95a5a6814ce14e.cloudfront.net (CloudFront), 1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:37 GMT
server
AmazonS3
age
2383
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
IAD89-P2, PHL50-C1
content-encoding
gzip
x-amz-cf-id
nYt6E0Kg26-Qacd-gd1BrT4zrH1quuDN3PEWiXakxxR2aSgxUutr0A==
tb
15.taboola.com/ 		39 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=quizprank-secretmme&unitType=244&tbloc=&pageType=home&pstn=Below%20Homepage%20Thumbnails&uuip=Feed%20-%20Below%20Homepage%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&encoded=1&uid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&variant=0|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1663557596620&tagid=&cntry=CA&platform=1&sesid=35993b7c5b710f2d54ea5e50e3d07be2&itemid=/message.php?id=19unixnq&viewid=1663557596456&geolat=&geoing=&deviceifa=&appid=&sd=v2_35993b7c5b710f2d54ea5e50e3d07be2_1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c_1663557596_1663557596_CIi3jgYQkNpUGKjqiZ61MCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjepu6WpPzt-8sBcAE&ri=f93cc189ad1c946181156bffd0d8374b&appname=&cdb=&gdprApplies=false&rid=&sii=2626087937635998683&oee=true&tpubid=1387792&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=QC&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1387791&prcnt=&layer=&normp=1&gvv=8350
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220918-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1e7d6a95440cb0f19be037754ec9f1e706b2ee3d1f9101507d5d2916fa7d0e31

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
gzip
access-control-allow-origin
https://secretm.me
machineid
1178
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-yul12824-YUL
pragma
no-cache
server
nginx
x-timer
S1663557597.662088,VS0,VE33
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://us-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20220918-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220918-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/quizprank-secretmme/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06357f7fcb8410e4818fd5178e926b84d3c6c468d8f38b6ead99c2862ad62866

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
1yrXEzxgLc5XXQAl1Exqrw1irmJvOeam
content-encoding
gzip
etag
"08e3a56743576fc842901838455ca6c7"
age
68
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1263
x-amz-id-2
+0/EiwA9T3LWOip+DdC5vgN+BZOO7R6oRA1C8XJYbsBg4dlrhIvNVCr8ZbRSQCr0ZD26adK//9E=
x-served-by
cache-yul12824-YUL
last-modified
Sun, 18 Sep 2022 17:34:34 GMT
server
AmazonS3
x-timer
S1663557597.630292,VS0,VE0
date
Mon, 19 Sep 2022 03:19:56 GMT
vary
Accept-Encoding
x-amz-request-id
SVAP1FG5B46EPCP3
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
33
x-cache-hits
105
cta-component.20220918-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220918-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/quizprank-secretmme/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
981c7dec6bc6c8a0a4b1b3c90ede49a5da2606ba29991cea055145bca4b92002

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
2mLlzmUV6bcpEv0w_nPBGO9ldyeGkJJf
content-encoding
gzip
etag
"64792596a9eb510fa25859415bca6ae6"
age
116
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5108
x-amz-id-2
YxPB9eT/dulZgrO4z8g4p7gF+vNzljEzaUAnBtQV5y2f6PfEHG/X9NfP8ZkNZiuhBricNG0tON4=
x-served-by
cache-yul12824-YUL
last-modified
Sun, 18 Sep 2022 17:34:01 GMT
server
AmazonS3
x-timer
S1663557597.639155,VS0,VE0
date
Mon, 19 Sep 2022 03:19:56 GMT
vary
Accept-Encoding
x-amz-request-id
0W0AMS2M7C3B3PV9
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
33
x-cache-hits
132
userx.20220918-2-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220918-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/quizprank-secretmme/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00aadcee010a383a0c7cac66e12f03d71f60414e7e4830be19b5eb9bec06fadd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
JUvPKObuPs3pWh06AV7pIV7ichpTBLQz
content-encoding
gzip
etag
"0c1f1104897e4f1689128d2ef0e38da3"
age
60
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
nvRvaKwzdgMAo83OrIGwSBlFjMKrV/YwJKD5SjISZIp5BiScbVH+SRbLueqFNbZS0OZoGJji+bE=
x-served-by
cache-yul12824-YUL
last-modified
Sun, 18 Sep 2022 17:37:03 GMT
server
AmazonS3
x-timer
S1663557597.662054,VS0,VE0
date
Mon, 19 Sep 2022 03:19:56 GMT
vary
Accept-Encoding
x-amz-request-id
SVAP26B6ZEPJWT0F
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
33
x-cache-hits
24
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
118
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
mNc0QtgGEk5fjAEs86GntrS7BlEyDR/AohLDyBTk/uNsgQOkRrtnlEkJn1cYLIkWHL896HRkEbs=
x-served-by
cache-yul12824-YUL
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1663557597.662017,VS0,VE0
date
Mon, 19 Sep 2022 03:19:56 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
3FDSYTBK3X1PQKQQ
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
33
x-cache-hits
127
d96d387ff3eb88778107729dad10f966.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d96d387ff3eb88778107729dad10f966.jpeg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f0905e6a977ab0d3fdc28af41d88d73ba922c495f70bb58793cb2f34c2ce86bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 03:19:56 GMT
via
1.1 varnish, 1.1 varnish
age
4105117
edge-cache-tag
394784246865775392639787248531423339794,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
394784246865775392639787248531423339794,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
302
expiration
expiry-date="Tue, 16 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d96d387ff3eb88778107729dad10f966.jpeg
content-length
38894
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Sat, 16 Jul 2022 22:21:32 GMT
server
nginx
x-timer
S1663557597.665547,VS0,VE1
etag
"ac96979a2371ad73129ec22b61f20e56"
x-served-by
cache-iad-kiad7000033-IAD, cache-iad-kjyo7100116-IAD, cache-sna10721-LGB, cache-iad-kiad7000094-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 1, 1
json
trc.taboola.com/quizprank-secretmme/trc/3/ 		31 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/quizprank-secretmme/trc/3/json?tim=03%3A19%3A56.657&route=US:US:V&tvi2=4948&lti=deflated&data=%7B%22id%22%3A351%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_35993b7c5b710f2d54ea5e50e3d07be2_1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c_1663557596_1663557596_CIi3jgYQkNpUGKjqiZ61MCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjepu6WpPzt-8sBcAE%22%2C%22ui%22%3A%221ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c%22%2C%22uifp%22%3A%221ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c%22%2C%22lbt%22%3A1663522175197%2C%22vi%22%3A1663557596456%2C%22cv%22%3A%2220220918-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq%22%2C%22vpi%22%3A%22%2Fmessage.php%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2860%2C%22qs%22%3A%22%3Fid%3D19unixnq%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a-homepage%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A474.1875%2C%22mw%22%3A932%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10594394%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-a-homepage%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220918-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ffc88fb8731197188c817bbbfd98cad325a3bc0e9700e56702851cc10aefd48a

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
242
date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
gzip
server
nginx
x-timer
S1663557597.672165,VS0,VE242
x-served-by
cache-yul12824-YUL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://secretm.me
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
76425394d7e1f7e56330530222cb3ee3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/76425394d7e1f7e56330530222cb3ee3.jpg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
70e5fe976cd34869b6e4ac6dd7aa347e53011372cfae89855a4d2d9dc2a8289f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 03:19:56 GMT
via
1.1 varnish, 1.1 varnish
age
1727987
edge-cache-tag
434330336898468222168000976922442918494,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
cache-tag
434330336898468222168000976922442918494,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
692
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/76425394d7e1f7e56330530222cb3ee3.jpg
content-length
46146
x-request-id
27e5654b06594112a5bcdcd9a495b090
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Mon, 29 Aug 2022 23:34:25 GMT
server
nginx
x-timer
S1663557597.671915,VS0,VE1
etag
"673ebada450a32f40e2e032eeced788e"
x-served-by
cache-iad-kiad7000127-IAD, cache-iad-kjyo7100055-IAD, cache-sna10732-LGB, cache-iad-kcgs7200121-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
2a4dd2bd31bc5f06af7cfa2b1251f10f.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a4dd2bd31bc5f06af7cfa2b1251f10f.jpeg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
903dd665b1ac170c3692c0e82472f8d9f1dd2a1b843c8bbfb48ffcbe072ef38b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 03:19:56 GMT
via
1.1 varnish, 1.1 varnish
age
2036689
edge-cache-tag
313472461442970676179410947767656299504,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
cache-tag
313472461442970676179410947767656299504,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
125
x-cache
MISS, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2a4dd2bd31bc5f06af7cfa2b1251f10f.jpeg
content-length
13564
x-request-id
525ac5c2a4e58e566977371e64d921c2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 26 Aug 2022 13:35:07 GMT
server
nginx
x-timer
S1663557597.671898,VS0,VE1
etag
"51118382fc0d520e0b8e1c328e39fb35"
x-served-by
cache-iad-kcgs7200095-IAD, cache-iad-kcgs7200154-IAD, cache-lga21952-LGA, cache-iad-kjyo7100173-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 1
e09975be2622b0f82edfdbe7a7e061e8.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e09975be2622b0f82edfdbe7a7e061e8.png
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
87ce47932d480576732f33e343c747b022f23b4be2f1d04ac446a3e61709386a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 03:19:56 GMT
via
1.1 varnish, 1.1 varnish
age
1408465
edge-cache-tag
581495724944971966498324080985984160430,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
581495724944971966498324080985984160430,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
384
x-cache
MISS, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e09975be2622b0f82edfdbe7a7e061e8.png
content-length
18658
x-request-id
1cf19d6bbe2c0fd46d5d3a25324cf4ac
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Wed, 24 Aug 2022 17:47:46 GMT
server
nginx
x-timer
S1663557597.671919,VS0,VE1
etag
"a6d23e6ad450149ab045508d339af919"
x-served-by
cache-iad-kiad7000134-IAD, cache-iad-kjyo7100060-IAD, cache-sna10746-LGB, cache-iad-kcgs7200167-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
ad6c10bfcd347a221603b2343b6d85eb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad6c10bfcd347a221603b2343b6d85eb.jpg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1b0e38a0ecb45aa80f530219c68a051ada03d1c366987dbd370c4b9675624f79

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 03:19:56 GMT
via
1.1 varnish, 1.1 varnish
age
4441643
edge-cache-tag
465856606265534918501008211895815509778,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
cache-tag
465856606265534918501008211895815509778,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
138
expiration
expiry-date="Fri, 19 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad6c10bfcd347a221603b2343b6d85eb.jpg
content-length
24842
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Tue, 19 Jul 2022 15:26:23 GMT
server
nginx
x-timer
S1663557597.671916,VS0,VE1
etag
"e8a8e199fa95c784875e4e6b41d86628"
x-served-by
cache-iad-kcgs7200119-IAD, cache-iad-kjyo7100117-IAD, cache-lga21972-LGA, cache-iad-kjyo7100141-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 1, 1
en-mobile-vikings-meta-image-1200x630-facebook@1x-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//sentione.com/wp-content/uploads/2021/10/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//sentione.com/wp-content/uploads/2021/10/en-mobile-vikings-meta-image-1200x630-facebook@1x-1.jpg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8fe0fa90b9d0e35496ead065e036f5f6c7e3c97be2f1dd1b5cefb0a39c3c17dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 03:19:56 GMT
via
1.1 varnish, 1.1 varnish
age
2547963
edge-cache-tag
616686851358791168649791234118774087878,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
cache-tag
616686851358791168649791234118774087878,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
5447
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//sentione.com/wp-content/uploads/2021/10/en-mobile-vikings-meta-image-1200x630-facebook@1x-1.jpg
content-length
15514
x-request-id
c8e3e2d597da394565a45662e1cacf6e
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Thu, 11 Aug 2022 11:07:38 GMT
server
nginx
x-timer
S1663557597.763011,VS0,VE1
etag
"b1859c1a11ee8aba17efef6177cddaae"
x-served-by
cache-iad-kcgs7200161-IAD, cache-iad-kjyo7100122-IAD, cache-sna10720-LGB, cache-iad-kjyo7100086-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.5/ 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.5/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220918-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92f452014c4bd081f4e3395e0423c9f5088e12f20b456f60c8b0d6b51a118127

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
via
1.1 5da360f23ca6a5d9a9a5e95b0b553be0.cloudfront.net (CloudFront), 1.1 varnish
age
497671
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
30400
x-served-by
cache-yul12824-YUL
last-modified
Tue, 13 Sep 2022 09:04:05 GMT
server
AmazonS3
x-timer
S1663557597.762947,VS0,VE0
etag
"61c09a3e99bef5074941c5ea63321376"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
YUL62-C2
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
06iT85FXYVv5EZwz82s8k4JJsG24riv9D9fNTwegBwyoYjiBUnqnRw==
x-cache-hits
59950
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:39:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250825
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 16 Sep 2023 05:39:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		63 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=secretm.me
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f211d82f1076d50be93029d00598ab0f863abd2fe93791ff997dc882e15715e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65
x-xss-protection
0
expires
Mon, 19 Sep 2022 03:19:56 GMT
rules-p-31iz6hfFutd16.js
rules.quantcount.com/ 		209 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:ea00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df9439b47ccdbd052e6107e94e32b5746e10b400470beaca5d238ca6d32c605e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:11:31 GMT
via
1.1 f44c8fed96046735d6f7ada758945c4e.cloudfront.net (CloudFront)
age
506
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Sun, 28 Aug 2022 10:04:35 GMT
server
AmazonS3
etag
"2c2aa94f66b2314987910c0f30e6c098"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
x-amz-cf-id
vgkhwhtNH4WC8RIuQXoc1asaTLA9Qzn8h5lymwX5lkAMewCH6bYNOg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
content-length
6482
last-modified
Thu, 15 Sep 2022 13:35:39 GMT
server
AmazonS3
etag
"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
oGiGhs4ZfjJg.LB2Yi6O9XMZXNC6Xrry
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
jdGYWaMszKehRF5fJ-vMr7Q52E-Wn412J6DxKJZTiKUgbFo-iiS9FQ==
config
c.amazon-adsystem.com/cdn/prod/ 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsecretm.me&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
via
1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://secretm.me
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
bOdNgD_Gaa4xeSmXjB5BFGsam9Il8czZ7svczk5rSMnZwMQGA_QpFA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220919
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b7cbe24c113ea9ced0455d223812b0d19992b2734c98389d5faf44337684e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1138
x-jsd-version
1.0.1467
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19162-FRA, cache-cdg20775-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-KAs66ongVjlHiLXckfTg9ZSlJnw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5P8Rx2H2Y4EPwX1ecsltpm45JrZfi6xH8ej4WaD9yOhggpMTnY7AfApWxydP3coCUUCOQjlGnYCZLU5GWtGbURYg2J8EjtGMPD3CxCU4ETcGV%2FrtxjmeJZaLwVz0ub7ZnXAk3ZmSR8lbIr2cSdw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
74cf2ec5a8a57148-YUL
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secretm.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://secretm.me
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 19 Sep 2022 03:19:56 GMT
localstore.js
script.4dex.io/ 		483 B
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
818309
x-amz-request-id
txaf6e2c1c2f9f41df87375-00631b6357
x-amz-id-2
txaf6e2c1c2f9f41df87375-00631b6357
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zLFQvSnMStjrW%2BFXhgSi8vD6sqlSpRafU46qW3DvMl%2BdQVMGLq%2BOd9I7yEM%2BMlwMjydTR%2BqPZxsSWNi2YBWMKDtReLkXq53%2BfrVwGRGQzKHPgRWbBTvWW908IoHZLlMWCi9fvssopipPv6x"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1662739245697142
cf-ray
74cf2ec47b0dca57-YUL
prebid
mp.4dex.io/ 		1002 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f12be2ec47f2966e019036b7d89458e4ef1284bfdbff737c398f723c0c5d2ef

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
74cf2ec47b187156-YUL
pragma
no-cache
date
Mon, 19 Sep 2022 03:19:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: vi_1842078065_1
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secretm.me
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
x-err
Shapings: no adunits with size and seat and mapping
cdb
bidder.criteo.com/ 		18 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=60563847951&lsavail=0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secretm.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
header
hb.aralego.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A839D48B94D63CB93793E96DDEB8D&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=a66be1ad-0c66-4b07-901e-af4601a72955&u=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&host=secretm.me&xr=0&w=320&h=50
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://secretm.me
Date
Mon, 19 Sep 2022 03:19:55 GMT
Access-Control-Allow-Credentials
true
Connection
close
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://secretm.me
date
Mon, 19 Sep 2022 03:19:57 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
prebid.media.net/rtb/ 		1 KB
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2LD671
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
674f0c687128e92068d1e8e4a121f5c269d5f3a40a059fa6b5c282e55794c525

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://secretm.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
pbjs
useast.quantumdex.io/auction/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://secretm.me
date
Mon, 19 Sep 2022 03:19:56 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2ec4bedfecee-YUL
access-control-allow-methods
POST, GET
c
prebid.a-mo.net/a/ 		0
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://secretm.me
date
Mon, 19 Sep 2022 03:19:56 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7b33c6d519ba764f569f6f0e89002015d4e9809c4d4dd1f965f9fedf2d66ef83
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:57 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
170c3a90-01f5-4134-8570-fbf6daf25051
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://secretm.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://secretm.me
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.200 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
8171b04a77b7113569883159e2df5816ba92d553eafc710e28733e17f7787429

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://secretm.me
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
unruly_prebid
targeting.unrulymedia.com/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://secretm.me
pragma
no-cache
date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
ROS
pbjs.e-planning.net/hb/1/2c995/1/secretm.me/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/secretm.me/ROS?rnd=0.989216420431102&e=320x50_0%3A320x50%2C300x50%2C300x31&ur=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pbv=7.11.0&ncb=1&vs=F...
  • https://pbjs.e-planning.net/hb/1/2c995/1/secretm.me/ROS?ct=1&r=pbjs&rnd=0.989216420431102&e=320x50_0%3A320x50%2C300x50%2C300x31&ur=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pbv=7.11.0&...
480 B
892 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2c995/1/secretm.me/ROS?ct=1&r=pbjs&rnd=0.989216420431102&e=320x50_0%3A320x50%2C300x50%2C300x31&ur=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pbv=7.11.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522secretm.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522aexretn_ne210035575.0099%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=a66be1ad-0c66-4b07-901e-af4601a72955
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
da4f9297effcc6218310e35ffc9a7c4e22cd4335ffb466c7b804a6790f2682fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://secretm.me
expires
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
480
x-sid
IAD-1220

Redirect headers

date
Mon, 19 Sep 2022 03:19:56 GMT
server
openresty
access-control-allow-origin
https://secretm.me
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/secretm.me/ROS?ct=1&r=pbjs&rnd=0.989216420431102&e=320x50_0%3A320x50%2C300x50%2C300x31&ur=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pbv=7.11.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522secretm.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522aexretn_ne210035575.0099%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=a66be1ad-0c66-4b07-901e-af4601a72955
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
IAD-1220
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		156 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pid=eIRVFAF3FnH50&cb=0&ws=1600x1200&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1842078065_1%22%2C%22s%22%3A%5B%22320x50%22%2C%22300x50%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C15745%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-36.phl50.r.cloudfront.net
Software
Server /
Resource Hash
b5d41bd3f02761e9da0a9b4c1b84703adf33121a3a1a3df7feffbcc02b726e2d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
FX2JW4DZWWCJ2BJZ2EKP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://secretm.me
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
156
x-amz-cf-id
KtLJwFg285UWWE4m5z7cOt3etBYtAApiyonDdbVGfiX_jW5eA1teNw==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTMPYARrtNrtl0zghRmNKMAUZRzdNtyYTTYqy-ywtw-PTwr-atqe-eKYUMaaatKtARlmNBYAbZARdzNwqfftkRqxeNco_TMPYAKMAUZ_TRwkjNARkjmNBYAbZA,BAAbZA,BAAbBTRwlNqrquog,ekoztg,ekoztg,xeyxffts,kzwigxlt,dtroqftz,jxqfzxdrtb,qdb,qhhftbxl,gftzqu,ldqkzqrltkctk,xfkxsn,thsqffofuRleNpl
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 03:19:56 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxihqdlrzsfUDpr8HkQtIL9uja55TbpYEyMwZQgfwhx9CFce5lQkWVk3EBILn3ufZWPaaUyfLhlIHI5O4RFV3rxwP2noX0DU88JAVX20DeiuKXG4hFmh1fEFzAaX17M4HK%2BsZdfWPglVl8w54MwkKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74cf2ec4bad2ecf2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTMPYARrtNrtl0zghRzdNBqUYeZtZ-yAAU-PYAr-wyBe-aAMYKtBYaUAwRdzNwqfftkRlmNBYAbZARwlNqdqmgfRkjmNBYAbZA,BAAbZARrdzNqdqmgfRwkjNTRmNKMAUZRleNpl
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 03:19:56 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JT%2BNgiNvbK2tNVpON6kBLpMkWE%2BpzzR1F9FFnVpm28nr%2Bmj1dZoXRlJIZoGmLVxBtOW9IwBwQidmeTfFBSFKL0iOxK43M6T%2BKweoKcikrIEKjoTft2QcMyMeCAKswMaUH5DgSbbuwmXS7xs%2BZI%2BnFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74cf2ec4bad6ecf2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secretm.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://secretm.me
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 19 Sep 2022 03:19:56 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://secretm.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://secretm.me
access-control-max-age
600
age
0
content-length
0
date
Mon, 19 Sep 2022 03:19:56 GMT
server
ATS/9.1.10.25
header
hb.aralego.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-47BD4263A42973440E732448D23228D6&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=a66be1ad-0c66-4b07-901e-af4601a72955&u=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&host=secretm.me&xr=0&w=970&h=90
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://secretm.me
Date
Mon, 19 Sep 2022 03:19:55 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-AA7DB8264B63742B184D996D39988BB4&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=a66be1ad-0c66-4b07-901e-af4601a72955&u=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&host=secretm.me&xr=0&w=728&h=90
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://secretm.me
Date
Mon, 19 Sep 2022 03:19:57 GMT
Access-Control-Allow-Credentials
true
Connection
close
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://secretm.me
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		18 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=34566707413&lsavail=0
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secretm.me
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
pbjs
useast.quantumdex.io/auction/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://secretm.me
date
Mon, 19 Sep 2022 03:19:57 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2ec4bee0ecee-YUL
access-control-allow-methods
POST, GET
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://secretm.me
date
Mon, 19 Sep 2022 03:19:57 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
unruly_prebid
targeting.unrulymedia.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://secretm.me
pragma
no-cache
date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://secretm.me
date
Mon, 19 Sep 2022 03:19:56 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/ 		24 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2LD671
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
da30f668be357ae5bebf02dc4e7ce364d7c57dc828c96fff73cabdcd1e2545a7

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:57 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://secretm.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
mp.4dex.io/ 		1002 B
965 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d558dbb609dd1e46eb1678c093569becd93668ba990b377bfc41c0e88e3d054c

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
74cf2ec48b2a7156-YUL
pragma
no-cache
date
Mon, 19 Sep 2022 03:19:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secretm.me
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Shapings: no adunits with size and seat and mapping
ROS
pbjs.e-planning.net/hb/1/2c995/1/secretm.me/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/secretm.me/ROS?rnd=0.989216420431102&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pbv=7.11.0&ncb=1&vs...
  • https://pbjs.e-planning.net/hb/1/2c995/1/secretm.me/ROS?ct=1&r=pbjs&rnd=0.989216420431102&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pbv=7.11....
497 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2c995/1/secretm.me/ROS?ct=1&r=pbjs&rnd=0.989216420431102&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pbv=7.11.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522secretm.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522aexretn_ne210035575.0099%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=a66be1ad-0c66-4b07-901e-af4601a72955
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
aa37929a7aa581cda81da9022843b9e983e12f7c0bf03619f1a063c47cfa5775

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://secretm.me
expires
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
497
x-sid
IAD-1220

Redirect headers

date
Mon, 19 Sep 2022 03:19:56 GMT
server
openresty
access-control-allow-origin
https://secretm.me
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/secretm.me/ROS?ct=1&r=pbjs&rnd=0.989216420431102&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pbv=7.11.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522secretm.me%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522aexretn_ne210035575.0099%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=a66be1ad-0c66-4b07-901e-af4601a72955
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
IAD-1220
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6d066906448187c48d0f44e256f349cda0056beb89a4c878f89be37805526134

Request headers

Referer
https://secretm.me/
x-openrtb-version
2.5
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://secretm.me
access-control-allow-credentials
true
content-length
66
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		156 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&pid=eIRVFAF3FnH50&cb=1&ws=1600x1200&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1842078231_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_1842078231_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C15745%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-36.phl50.r.cloudfront.net
Software
Server /
Resource Hash
1e73f39730b7c5f68e73e19d9d9e0a88ab30dcc33a606d7ed25ae22dc4bd5645
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
98HYXQ85JS4KWK34EQ60
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://secretm.me
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
156
x-amz-cf-id
XNJWzXLZZS7TnB3ltkNMLgKhWsnb_FuNqp28D_AtbeBtM4-2FALdBA==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTMPYARrtNrtl0zghRmNKMYBTRzdNaTtMBYMw-ZUPP-PeeK-Mrew-UMKTyUKyryBYRlmNaKAbaARdzNwqfftkRqxeNco_TMPYAKMYBT_KRwkjNARkjmNaKAbaARwlNxeyxffts,gftzqu,jxqfzxdrtb,kzwigxlt,xfkxsn,qdb,dtroqftz,qrquog,thsqffofuRleNpl
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 03:19:56 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aqc3ES724HJs0rJp15peH7Sr%2Fj3Fg0KHAKhtLMTNfDnx1YKcmuE5Bp5tasbc6IzSjSucAFhZOzC1G6IrGc2MWCuXXigashtbZzyKcCg%2FrrRUjj%2BUms1rv3CpZ1z6l1%2FPwvIauTZQh79Q66njSiJtpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74cf2ec4badcecf2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTMPYARrtNrtl0zghRmNKMYBTRzdNtKBUZKyy-rrUA-PZMP-MAKw-eqeKryMAwqZaRlmNKYMbaARdzNwqfftkRqxeNco_TMPYAKMYBT_MRwkjNARkjmNKYMbaARwlNxeyxffts,gftzqu,ekoztg,jxqfzxdrtb,kzwigxlt,xfkxsn,qdb,dtroqftz,qrquog,thsqffofu,nqiggllhRleNpl
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 03:19:56 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=546%2FOK9XDdjjdS8sIF%2FZE1%2BE%2FUILo25vHeum%2FP%2BRGUW24VDh6T4iOWE2dJTtYTvbYcNongPksaqono5m4oI9tFBbdItQk14%2F%2BK7aLtKUtLPF3PbyeocRr7otE34JSJ3tDYUT1uDs7RvFLcakYXFzMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74cf2ec4badeecf2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTMPYARrtNrtl0zghRzdNPaUyUBea-wwUr-PPKZ-aZBM-ewryqMewyZwrRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNTRmNKMYBTRleNpl
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 03:19:56 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrtP2YHDuYf7I33VFlzBgeI46R381URbvQkcBqug7BxybLUFgNCO6bMErReBRnm2K6kvPGrZDjZBAGu%2F9zq4dGm7uA2zI2yudt%2FGcXbapHlNtd%2Fqr3SNfvGgkDlyBu%2FnH54fobuCv%2BfaeDwsNmVVjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74cf2ec4bad8ecf2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTMPYARrtNrtl0zghRzdNBarMAYaA-eqta-PKPP-MtTw-PaTPMtMATPAaRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNTRmNKMYBTRleNpl
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 03:19:56 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etVpIYGuVAeZRu7R4Gvnx6iYQjJkSZZrMQ6b8wHPev9njzJaNVWcCaYio47e4rTv1gfT0AFNZ%2FCjRUqtV9W0k8sZ0%2B7CeQ7PkQcY0tr1TPDeSYuJBaOe%2BNe8DtHKPSC%2Boz061gFULyidCH10u0A2NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74cf2ec4badaecf2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2138883
cf-polished
degrade=85, origSize=227959, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
196267
x-xss-protection
1; mode=block
last-modified
Tue, 05 Nov 2019 14:07:11 GMT
server
cloudflare
etag
"5dc1820f-37a77"
x-robots-tag
noindex, nofollow
vary
Accept-Encoding
content-type
image/jpeg
expires
Thu, 25 Aug 2022 09:41:35 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
74cf2ec6baa7ecf6-YUL
cf-bgj
imgq:85,h2pri
videoplayback
r8---sn-quxapm-3c2s.googlevideo.com/
Redirect Chain
  • https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y
  • https://redirector.googlevideo.com/videoplayback?expire=1663570954&ei=qr8nY4HoE-qBsfIP7MCn8AY&ip=184.164.141.146&id=o-AF9BsN6p8CV3y1WKBB3U6-40aVFKLe3d_Bu48YsNbzG8&itag=134&aitags=133%2C134%2C135%2C...
  • https://r8---sn-quxapm-3c2s.googlevideo.com/videoplayback?expire=1663570954&ei=qr8nY4HoE-qBsfIP7MCn8AY&ip=184.164.141.146&id=o-AF9BsN6p8CV3y1WKBB3U6-40aVFKLe3d_Bu48YsNbzG8&itag=134&aitags=133%2C134...
128 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r8---sn-quxapm-3c2s.googlevideo.com/videoplayback?expire=1663570954&ei=qr8nY4HoE-qBsfIP7MCn8AY&ip=184.164.141.146&id=o-AF9BsN6p8CV3y1WKBB3U6-40aVFKLe3d_Bu48YsNbzG8&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=H6Yx7uCJee61uooFhvTVqTkI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&rbqsm=fr&n=kE4kLLnLx4cSSu80&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgaLxfA18spFIr87yXzcwQ2LKlYBOgMihGl5EpsLO4njECIQCeeqR3R82aRZgznSWdXjRrk2d3fX3Tplyz_sHSsLnSlg%3D%3D&cms_redirect=yes&mh=3a&mip=2607:5300:60:7867::15&mm=31&mn=sn-quxapm-3c2s&ms=au&mt=1663557180&mv=m&mvi=8&pl=32&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgOoQMsiQ7NYmotecDpyYBNyIiuoatypxyw50lo1gzM7ACIQD_RJ4_b98fAxQuzPQRk7gpGI0i7OvcNuPyzvfevpYIHg%3D%3D
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H3
Server
2a0f:f4c1:2::1b , Ukraine, ASN36040 (YOUTUBE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
x-restrict-formats-hint
None
last-modified
Mon, 21 Sep 2020 08:51:28 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-10427992/10427993
client-protocol
quic
cache-control
private, max-age=13057
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
10427993
x-content-type-options
nosniff
expires
Mon, 19 Sep 2022 03:19:57 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:57 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r8---sn-quxapm-3c2s.googlevideo.com/videoplayback?expire=1663570954&ei=qr8nY4HoE-qBsfIP7MCn8AY&ip=184.164.141.146&id=o-AF9BsN6p8CV3y1WKBB3U6-40aVFKLe3d_Bu48YsNbzG8&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=H6Yx7uCJee61uooFhvTVqTkI&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&rbqsm=fr&n=kE4kLLnLx4cSSu80&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgaLxfA18spFIr87yXzcwQ2LKlYBOgMihGl5EpsLO4njECIQCeeqR3R82aRZgznSWdXjRrk2d3fX3Tplyz_sHSsLnSlg%3D%3D&cms_redirect=yes&mh=3a&mip=2607:5300:60:7867::15&mm=31&mn=sn-quxapm-3c2s&ms=au&mt=1663557180&mv=m&mvi=8&pl=32&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgOoQMsiQ7NYmotecDpyYBNyIiuoatypxyw50lo1gzM7ACIQD_RJ4_b98fAxQuzPQRk7gpGI0i7OvcNuPyzvfevpYIHg%3D%3D
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abtests
us-trc-events.taboola.com/quizprank-secretmme/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/quizprank-secretmme/log/3/abtests?route=US:US:V&tvi2=4948&lti=deflated&ri=02393dc92a9240cb40749f9d64cdec5d&sd=v2_35993b7c5b710f2d54ea5e50e3d07be2_1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c_1663557596_1663557596_CIi3jgYQkNpUGKjqiZ61MCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjepu6WpPzt-8sBcAE&ui=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&pi=/message.php%3Fid%3D19unixnq&wi=2626087937635998683&pt=home&vi=1663557596456&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1663557597028%7D&tim=03%3A19%3A57.028&id=7397&llvl=2&cv=20220918-2-RELEASE&
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
a363b297952d309cba65846230aae584.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a363b297952d309cba65846230aae584.jpg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a551ae12bd3309f296829943826085ecb3e83ad9eca678fbea35a3ec75f49a16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
5716460
edge-cache-tag
343083108715712225616141970315789332637,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
343083108715712225616141970315789332637,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
236
expiration
expiry-date="Thu, 21 Jul 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a363b297952d309cba65846230aae584.jpg
content-length
24720
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 20 Jun 2022 00:34:41 GMT
server
nginx
x-timer
S1663557597.045646,VS0,VE0
etag
"b988e0574e896a8c73037467c506c053"
x-served-by
cache-iad-kiad7000145-IAD, cache-iad-kjyo7100069-IAD, cache-lga21952-LGA, cache-iad-kjyo7100093-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 467
eb596d606cba4bc2beadd560cf090a17.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb596d606cba4bc2beadd560cf090a17.jpeg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bae087734103d8fda020e7401dda2ae6a8c39fa385fa2af5878919e854ae192e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
1702876
edge-cache-tag
477991612361669069884538313299540037137,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
cache-tag
477991612361669069884538313299540037137,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
111
expiration
expiry-date="Wed, 21 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb596d606cba4bc2beadd560cf090a17.jpeg
content-length
9740
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sun, 21 Aug 2022 23:44:08 GMT
server
nginx
x-timer
S1663557597.046135,VS0,VE2
etag
"729a943132de083c7d021299e921bc59"
x-served-by
cache-iad-kiad7000087-IAD, cache-iad-kcgs7200071-IAD, cache-chi-kigq8000069-CHI, cache-iad-kcgs7200029-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
69fbae8c3123f2c1ccfd23b6762ad49c.jpg
images.taboola.com/taboola/image/fetch/h_312,w_560,c_fill,g_xy_center,x_1397,y_1030/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_312,w_560,c_fill,g_xy_center,x_1397,y_1030/http%3A//cdn.taboola.com/libtrc/static/thumbnails/69fbae8c3123f2c1ccfd23b6762ad49c.jpg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1e8e5af94bb54ba3a8cf32cb250b789b6ecbec8fbe36fb02b968e8ef1211122

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
4113493
edge-cache-tag
328926036963737023272052706394568733421,627620495086229487869693830775089513568,29ecf9b93bbf306179626feeda1fab70
cache-tag
328926036963737023272052706394568733421,627620495086229487869693830775089513568,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
155
expiration
expiry-date="Thu, 25 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/h_312,w_560,c_fill,g_xy_center,x_1397,y_1030/http%3A//cdn.taboola.com/libtrc/static/thumbnails/69fbae8c3123f2c1ccfd23b6762ad49c.jpg
content-length
35598
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 25 Jul 2022 01:26:28 GMT
server
nginx
x-timer
S1663557597.046363,VS0,VE2
etag
"b3bbc89655f4693f05362c994de59fa7"
x-served-by
cache-iad-kcgs7200131-IAD, cache-iad-kcgs7200052-IAD, cache-lga21928-LGA, cache-iad-kcgs7200032-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
6314e1719d52127ea61215cb9e9c4905.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6314e1719d52127ea61215cb9e9c4905.jpg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a2a07c6fe16726123cdcd94946208233dd0a09beed285e4a7bbc3a0f9b9b248

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
28
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
2982963
edge-cache-tag
341606020651299092162406289750868512532,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
341606020651299092162406289750868512532,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
242
expiration
expiry-date="Wed, 17 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6314e1719d52127ea61215cb9e9c4905.jpg
content-length
34036
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Sun, 17 Jul 2022 05:33:40 GMT
server
nginx
x-timer
S1663557597.046347,VS0,VE28
etag
"a42583c2d16491a137de2bfed17f0f87"
x-served-by
cache-iad-kiad7000146-IAD, cache-iad-kiad7000106-IAD, cache-sna10732-LGB, cache-iad-kiad7000059-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 1
83e28c0435b0ba16862abcef2a8b22a9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/83e28c0435b0ba16862abcef2a8b22a9.jpg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bbfc9dd31913af769c7313d94acc15abe7f3541038b6b93b6c60e4e4e36152dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
2249363
edge-cache-tag
547413199737796974631230609168487716856,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
cache-tag
547413199737796974631230609168487716856,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
3632
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/83e28c0435b0ba16862abcef2a8b22a9.jpg
content-length
54430
x-request-id
4aa4bd094cc789833a508ba54e6a482b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Wed, 24 Aug 2022 02:07:01 GMT
server
nginx
x-timer
S1663557597.073342,VS0,VE18
etag
"d8d5c586239c7e1b1ac42c4be85cd8e1"
x-served-by
cache-iad-kiad7000074-IAD, cache-iad-kcgs7200035-IAD, cache-sna10748-LGB, cache-iad-kcgs7200042-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
76a08576761c8d375ad79f939b617285.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/76a08576761c8d375ad79f939b617285.jpg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
26083f4f074f0fd841a9e0041d6b4ee2db787d9b8f5b79feb0b57ecd321ebc39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
6084896
edge-cache-tag
306042019063587651113626673809407605223,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag
306042019063587651113626673809407605223,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
280
x-cache
HIT, HIT, MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/76a08576761c8d375ad79f939b617285.jpg
content-length
28868
x-request-id
df9a9c1e24dcf2622fd7a33423584ab5
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Fri, 17 Jun 2022 01:48:02 GMT
server
nginx
x-timer
S1663557597.073320,VS0,VE1
etag
"50f9920347d914718c223b89498a0efa"
x-served-by
cache-iad-kiad7000124-IAD, cache-iad-kiad7000063-IAD, cache-sna10726-LGB, cache-iad-kiad7000063-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 0, 1
cef5e212c5a570b3731fabb6c896a2fa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cef5e212c5a570b3731fabb6c896a2fa.jpg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9ed05b07a8308ae64b9450d7da503c9db6ac6e993ae8c5f4b714386a74c4755

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
4046297
edge-cache-tag
611448580655469711807133823822687863789,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
611448580655469711807133823822687863789,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
339
x-cache
MISS, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_560%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cef5e212c5a570b3731fabb6c896a2fa.jpg
content-length
21372
x-request-id
4fccc138e140769b3276de38760aad6d
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 03 Aug 2022 07:21:39 GMT
server
nginx
x-timer
S1663557597.073324,VS0,VE1
etag
"ab4884c5a8a258fcd68f9dcc863bcc86"
x-served-by
cache-iad-kcgs7200174-IAD, cache-iad-kcgs7200113-IAD, cache-lga21937-LGA, cache-iad-kiad7000050-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
57cb899a13346de5ee5e31704d7c5c9b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/57cb899a13346de5ee5e31704d7c5c9b.png
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0a910f1c34c1513f27488f4514d77047af0f25c0bf419e847e22ae15d7394e8d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
467950
edge-cache-tag
418406418712718192758803133002821677179,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
cache-tag
418406418712718192758803133002821677179,383740250637731116519637151108708463160,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
942
x-cache
MISS, MISS, MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/57cb899a13346de5ee5e31704d7c5c9b.png
content-length
32634
x-request-id
e361ae1149b64c95b6bb87270ef71549
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Tue, 13 Sep 2022 14:41:54 GMT
server
nginx
x-timer
S1663557597.073741,VS0,VE1
etag
"ad044373c468607830be44e42bcf7fd1"
x-served-by
cache-iad-kcgs7200138-IAD, cache-iad-kjyo7100142-IAD, cache-bur-kbur8200069-BUR, cache-iad-kcgs7200143-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
181db8b533858a02c0e450811ae9a04d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/181db8b533858a02c0e450811ae9a04d.jpg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8babdf4d1dfec40b71c8d2a972d1e6babf74b93863d6436d2cd86f5f7885c4c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
2132652
edge-cache-tag
403838962043368918837425420861878931944,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
cache-tag
403838962043368918837425420861878931944,392999036588466953423818532686938051171,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
688
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_312%2Cw_560%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/181db8b533858a02c0e450811ae9a04d.jpg
content-length
26836
x-request-id
10a54f3c34159822f9ef27033772b682
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Thu, 11 Aug 2022 02:04:59 GMT
server
nginx
x-timer
S1663557597.073727,VS0,VE1
etag
"83d3a31d2841964f03407b36cd344912"
x-served-by
cache-iad-kiad7000160-IAD, cache-iad-kjyo7100076-IAD, cache-bur-kbur8200178-BUR, cache-iad-kiad7000086-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 631
04747c031fdf35f03ce0d4f7d9d2e3a4.jpg
images.taboola.com/taboola/image/fetch/h_560,w_1120,c_fill,g_xy_center,x_480,y_308/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_560,w_1120,c_fill,g_xy_center,x_480,y_308/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04747c031fdf35f03ce0d4f7d9d2e3a4.jpg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3832cc246a016bdd60ea37ca1dc41f38d0ec86e3afcf4701ef03797c2687c79e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
1773438
edge-cache-tag
303366984910549942642774978635689782867,397153142875052184002637044568445389616,29ecf9b93bbf306179626feeda1fab70
cache-tag
303366984910549942642774978635689782867,397153142875052184002637044568445389616,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
439
expiration
expiry-date="Thu, 01 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/h_560,w_1120,c_fill,g_xy_center,x_480,y_308/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04747c031fdf35f03ce0d4f7d9d2e3a4.jpg
content-length
104194
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Mon, 01 Aug 2022 19:53:07 GMT
server
nginx
x-timer
S1663557597.089827,VS0,VE1
etag
"4d74a8a1a02f8f1ce0f31783dc1f5076"
x-served-by
cache-iad-kcgs7200047-IAD, cache-iad-kcgs7200164-IAD, cache-sna10722-LGB, cache-iad-kcgs7200044-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
77361d4ec1c3d93c8a443975ee8b3891.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_623%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_623%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/77361d4ec1c3d93c8a443975ee8b3891.jpg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
43aa06e58fa0fbaab423ce5148650f27638ea0aac82553d3ee7eec999cb20f99

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
3861187
edge-cache-tag
474048968654403868908627359480789751126,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
474048968654403868908627359480789751126,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
387
x-cache
MISS, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_623%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/77361d4ec1c3d93c8a443975ee8b3891.jpg
content-length
72778
x-request-id
09fcf7a023b9a4b7e312f5012936200b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 05 Aug 2022 08:30:06 GMT
server
nginx
x-timer
S1663557597.089988,VS0,VE1
etag
"18382dd511fd1295641868f38a981c5d"
x-served-by
cache-iad-kjyo7100160-IAD, cache-iad-kcgs7200159-IAD, cache-lga21972-LGA, cache-iad-kiad7000156-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 141
9bae3822fe0d3857a8a5c44cf355d032.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_623%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_623%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bae3822fe0d3857a8a5c44cf355d032.png
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
97ac7838d72baaab28b8dc2d98f418738470c34bcfe9aeb5ce59de3472abe4a8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
2633446
edge-cache-tag
574335405976450037110052430316316441453,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
574335405976450037110052430316316441453,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
289
x-cache
MISS, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_623%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bae3822fe0d3857a8a5c44cf355d032.png
content-length
17084
x-request-id
a4be468473bb0d17e290ab538079d270
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Fri, 19 Aug 2022 13:35:21 GMT
server
nginx
x-timer
S1663557597.089987,VS0,VE1
etag
"d82a331d2429af6305a150dd752e7bad"
x-served-by
cache-iad-kjyo7100129-IAD, cache-iad-kcgs7200072-IAD, cache-lga21955-LGA, cache-iad-kcgs7200058-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 1
63c6f132cb18abfe59befde08d542775.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_623%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_623%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/63c6f132cb18abfe59befde08d542775.jpeg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cca01367784cb4233823f7ed0728e7f6ee88a2f62176307e195183523a9cb927

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
7340728
edge-cache-tag
331659237126685769329874384466274202753,301711686366035017583999046044481626678,29ecf9b93bbf306179626feeda1fab70
cache-tag
331659237126685769329874384466274202753,301711686366035017583999046044481626678,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
150
x-cache
HIT, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_623%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/63c6f132cb18abfe59befde08d542775.jpeg
content-length
66838
x-request-id
913bbcf7e2cedbd87be404b89d125f0c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Wed, 08 Jun 2022 21:51:33 GMT
server
nginx
x-timer
S1663557597.099602,VS0,VE0
etag
"2bf6127cc3b8cc46d980ca3c777ccf47"
x-served-by
cache-iad-kcgs7200152-IAD, cache-iad-kiad7000032-IAD, cache-chi-kigq8000068-CHI, cache-iad-kjyo7100143-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 1, 169
2c0e3e1ea1439f7527bb9baa877db1e6.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_623%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_623%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2c0e3e1ea1439f7527bb9baa877db1e6.jpeg
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e46ac08c36c12473bfc148ab3fd280b05a6beb523db2408f989aa78a1b4b6a51

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
32
date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 varnish, 1.1 varnish
age
4086633
edge-cache-tag
500348670814963636455850811446370989211,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
500348670814963636455850811446370989211,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
428
expiration
expiry-date="Sun, 28 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_623%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2c0e3e1ea1439f7527bb9baa877db1e6.jpeg
content-length
143272
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 28 Jul 2022 20:56:39 GMT
server
nginx
x-timer
S1663557597.099597,VS0,VE32
etag
"92feb9a4582341373800b07244d3ac6d"
x-served-by
cache-iad-kiad7000115-IAD, cache-iad-kcgs7200115-IAD, cache-lga21925-LGA, cache-iad-kcgs7200153-IAD, cache-yul12824-YUL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
pixel
pxl.qccerttest.com/ 		35 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=468621289;fpan=1;fpa=P0-6039520-1663557597054;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=secretm.me;dst=0;et=1663557597054;tzo=0;url=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq;ogl=title.Send%20a%20secret%20message%20to%20me%20%F0%9F%91%80%2Csite_name.%F0%9F%94%92%20Secret%20Messages%202022%20%F0%9F%98%8D%20%7C%7C%20SecretM%252EMe%2Curl.https%3A%2F%2Fsecretm%252Eme%2Fmessage%2F19unixnq%2Cdescription.I%20will%20never%20know%20who%20messaged%20me!%2Ctype.website%2Cimage.https%3A%2F%2Fsecretm%252Eme%2Fsrc%2Fimg%2Flogo%252Epng
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:1e00:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 06:12:54 GMT
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
76024
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
x-amz-cf-id
f-6OoAn4px2nFyQuL2saikab_O3yMaJ-EORHn69Uf2B3wDBARKiObQ==
pixel;r=2034128836;labels=Domain.secretm_me%2CDomainId.374922;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq;uht=2;fpan=0;fpa=P0-6039520-1663557597054;pbc=;ns=0;c...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2034128836;labels=Domain.secretm_me%2CDomainId.374922;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq;uht=2;fpan=0;fpa=P0-6039520-1663557597054;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=secretm.me;dst=0;et=1663557597057;tzo=0;ogl=title.Send%20a%20secret%20message%20to%20me%20%F0%9F%91%80%2Csite_name.%F0%9F%94%92%20Secret%20Messages%202022%20%F0%9F%98%8D%20%7C%7C%20SecretM%252EMe%2Curl.https%3A%2F%2Fsecretm%252Eme%2Fmessage%2F19unixnq%2Cdescription.I%20will%20never%20know%20who%20messaged%20me!%2Ctype.website%2Cimage.https%3A%2F%2Fsecretm%252Eme%2Fsrc%2Fimg%2Flogo%252Epng;ses=8fbb43ae-a526-418e-9450-1b993da86e60
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
st
imprnjmp.taboola.com/ Frame 0EC8 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66515585&crid=6351725&dast=V7xWQCFgMy6RZa7nDMiAQy6RZa7nDMiAUAAAAGBvQHJDkxGWe2iWctXFh8a9Fu4VpLPJ6NW7Ry2Rwjx3BkcViGQFLO4WTjmKzcwplntRatPIO1xGNZuGUjk8k5WniMo8lmCiDGcpkMaoGEZfb7DkK-22V4-FwGUdH1ttgdTrPnDSpoOh0-171e8_JYXqa3Xe3yq12ez8PnsguOhv_S5F4sV3en8e64AwAAAMADANh6G8QPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoCCYYAGgMmGQHTIgdB-u-nycpj9AQDw8AACACCAQQJwYPtWAtBC2X4CAAAAAAAAAMDy____HzNgLx8oM9Df8doD8OAD8EBEoFnECAAAAKASJ1P2aFInVBZVAAAE6VYAVwAAAYNTwnYFYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcgGACBNeBLFXu0XEABg7RcQAIBt3AAA3gLggi4AVhcQswMAAAC4-____9cDmdVyuZn4Nq6JbzGYWUau0crhWrkGK8_IsJu4LNvbxbsZ1w8eG-0TEZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADFYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEiZXNMLM5XG7VxGJaiyYrx1picTncIuPKtNzNPA6LZeMWvT6mh2UxW602XhQMaNmL4CKdKF5P6-HysHvdmpfH8jK93S6LWKI5WaQT2WXfWS2Xm4lv45r4FoOZZeQarRyulWuw8owMu4nLsm-sbIaZzeFyqyYW01o0WTnWEovL4RYZV6blbuZxWCwbt-j1MT0si9lqtfE3ZrPNarVbLWf7xmy2Wa12q-Vs32EyPVOfs9G1E149LtXxtNYWaw6DwmWweFeq00pbkBy02avI6dLMlEWdUfn8jrwGhefgUV2G121XOFRPb-HmwnGwKGKJ4HSRToR-t8silkieFulE5txsPI7hcmFybJyj2WK4WKxmE5vNZBgZN7vRxCKWKE0X6USvdnk-D5_LLjga_kuTe7Fc3Z3Gu-Oi_qNDjJZz1WyuWG3mit1wlQAAAAAAAAAAljBl3gQAAADgNKjBarRaLRegogVCF9gEAAAAAABglySuF-J5d2u7uPHjiXg9rYfLw-51a14ey8v0drusDFDR8sC82TNBrNVqWQMAAAhgAwAABHDr5i0QHZLbB8oCAAAAAADgJ8DNajA!&cmcv=&pix=undefined&cb=1663557597090&uv=3226&tms=1663557597090&abt=inc_all_video_vA!nrlc_vB!spa2_vA!t45!tvrReverse1_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=9bd8f6b3-8ab7-47a5-bc3c-4eef1d18dba2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
617a761876a4dbf3af1db9113e05d117f8fb46f4bb6e840ae91f571c850148ef

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 19 Sep 2022 03:19:57 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12824-YUL
x-timer
S1663557597.103360,VS0,VE21
sync
us-match.taboola.com/ Frame 5308 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V7xWQCFgMy6RZa7nDMiAQy6RZa7nDMiAUAAAAGBvQHJDkxGWe2iWctXFh8a9Fu4VpLPJ6NW7Ry2Rwjx3BkcViGQFLO4WTjmKzcwplntRatPIO1xGNZuGUjk8k5WniMo8lmCiDGcpkMaoGEZfb7DkK-22V4-FwGUdH1ttgdTrPnDSpoOh0-171e8_JYXqa3Xe3yq12ez8PnsguOhv_S5F4sV3en8e64AwAAAMADANh6G8QPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoCCYYAGgMmGQHTIgdB-u-nycpj9AQDw8AACACCAQQJwYPtWAtBC2X4CAAAAAAAAAMDy____HzNgLx8oM9Df8doD8OAD8EBEoFnECAAAAKASJ1P2aFInVBZVAAAE6VYAVwAAAYNTwnYFYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcgGACBNeBLFXu0XEABg7RcQAIBt3AAA3gLggi4AVhcQswMAAAC4-____9cDmdVyuZn4Nq6JbzGYWUau0crhWrkGK8_IsJu4LNvbxbsZ1w8eG-0TEZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADFYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEiZXNMLM5XG7VxGJaiyYrx1picTncIuPKtNzNPA6LZeMWvT6mh2UxW602XhQMaNmL4CKdKF5P6-HysHvdmpfH8jK93S6LWKI5WaQT2WXfWS2Xm4lv45r4FoOZZeQarRyulWuw8owMu4nLsm-sbIaZzeFyqyYW01o0WTnWEovL4RYZV6blbuZxWCwbt-j1MT0si9lqtfE3ZrPNarVbLWf7xmy2Wa12q-Vs32EyPVOfs9G1E149LtXxtNYWaw6DwmWweFeq00pbkBy02avI6dLMlEWdUfn8jrwGhefgUV2G121XOFRPb-HmwnGwKGKJ4HSRToR-t8silkieFulE5txsPI7hcmFybJyj2WK4WKxmE5vNZBgZN7vRxCKWKE0X6USvdnk-D5_LLjga_kuTe7Fc3Z3Gu-Oi_qNDjJZz1WyuWG3mit1wlQAAAAAAAAAAljBl3gQAAADgNKjBarRaLRegogVCF9gEAAAAAABglySuF-J5d2u7uPHjiXg9rYfLw-51a14ey8v0drusDFDR8sC82TNBrNVqWQMAAAhgAwAABHDr5i0QHZLbB8oCAAAAAADgJ8DNajA!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6179ab8a0a6f07773ec5abe5b18cc727cf32f0f9a93961646bf4e44c319f378e

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 19 Sep 2022 03:19:57 GMT
machineid
3106
server
nginx
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66515585&crid=6351725&dast=V7xWQCFgMy6RZa7nDMiAQy6RZa7nDMiAUAAAAGBvQHJDkxGWe2iWctXFh8a9Fu4VpLPJ6NW7Ry2Rwjx3BkcViGQFLO4WTjmKzcwplntRatPIO1xGNZuGUjk8k5WniMo8lmCiDGcpkMaoGEZfb7DkK-22V4-FwGUdH1ttgdTrPnDSpoOh0-171e8_JYXqa3Xe3yq12ez8PnsguOhv_S5F4sV3en8e64AwAAAMADANh6G8QPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoCCYYAGgMmGQHTIgdB-u-nycpj9AQDw8AACACCAQQJwYPtWAtBC2X4CAAAAAAAAAMDy____HzNgLx8oM9Df8doD8OAD8EBEoFnECAAAAKASJ1P2aFInVBZVAAAE6VYAVwAAAYNTwnYFYQAAAAFjC_Sw-P1mh13jd7sMAAAAAAAAAMDs_-wfTcgGACBNeBLFXu0XEABg7RcQAIBt3AAA3gLggi4AVhcQswMAAAC4-____9cDmdVyuZn4Nq6JbzGYWUau0crhWrkGK8_IsJu4LNvbxbsZ1w8eG-0TEZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02t9ADFYDnIjBcjmZLCa71Wg12gx3o9lggQIxmCBFiwaT1Wg0WUyGq9FkNVsudrsNUrRqNRttBsPVbDLb7VbDwXA5GuGELUaryWSzHM6Wi8lgOBqORkOEiZXNMLM5XG7VxGJaiyYrx1picTncIuPKtNzNPA6LZeMWvT6mh2UxW602XhQMaNmL4CKdKF5P6-HysHvdmpfH8jK93S6LWKI5WaQT2WXfWS2Xm4lv45r4FoOZZeQarRyulWuw8owMu4nLsm-sbIaZzeFyqyYW01o0WTnWEovL4RYZV6blbuZxWCwbt-j1MT0si9lqtfE3ZrPNarVbLWf7xmy2Wa12q-Vs32EyPVOfs9G1E149LtXxtNYWaw6DwmWweFeq00pbkBy02avI6dLMlEWdUfn8jrwGhefgUV2G121XOFRPb-HmwnGwKGKJ4HSRToR-t8silkieFulE5txsPI7hcmFybJyj2WK4WKxmE5vNZBgZN7vRxCKWKE0X6USvdnk-D5_LLjga_kuTe7Fc3Z3Gu-Oi_qNDjJZz1WyuWG3mit1wlQAAAAAAAAAAljBl3gQAAADgNKjBarRaLRegogVCF9gEAAAAAABglySuF-J5d2u7uPHjiXg9rYfLw-51a14ey8v0drusDFDR8sC82TNBrNVqWQMAAAhgAwAABHDr5i0QHZLbB8oCAAAAAADgJ8DNajA!&cmcv=&pix=31589837&cb=1663557597090&uv=3226&tms=1663557597090&abt=inc_all_video_vA!nrlc_vB!spa2_vA!t45!tvrReverse1_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1663557595070.3!ts:1663557597090&mntl=1
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
content-length
0
server
nginx
xrulqdpwwplgylkvkpbm.mp4
cdn.taboola.com/libtrc/static/video/v1662762353/ 		429 KB
429 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1662762353/xrulqdpwwplgylkvkpbm.mp4
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0be054c80fff473b66c193ce10c724802ccb19f5fe064a49390134bbacc684fa

Request headers

Referer
https://secretm.me/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
EQDiDtciLZm_P73it4d8Wa5tOPbEVk6H
via
1.1 varnish
etag
"c479947d71da72b87f21e060db9ae457"
age
7
x-cache
HIT
Content-Range
bytes 0-438876/438877
x-amz-replication-status
COMPLETED
Content-Length
438877
x-amz-id-2
QN7Bc83RPsJekIaPeqKm3XFsXrJOIpb6vlqvJjxV8kbq53M6aPArlfLKvr9kYu+0sa5a+Qz59kw=
x-served-by
cache-yul12824-YUL
last-modified
Fri, 09 Sep 2022 22:25:59 GMT
server
AmazonS3
x-timer
S1663557597.107963,VS0,VE1
date
Mon, 19 Sep 2022 03:19:57 GMT
x-amz-request-id
BPCX7JPA7HETNVWT
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
33
x-cache-hits
0
iza98penwbnmmzaetpyl.mp4
cdn.taboola.com/libtrc/static/video/v1636739453/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1636739453/iza98penwbnmmzaetpyl.mp4
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ecebfeaa388bd417382b3cd77c13763bc681c2ced205f3e942b7c1318df80fd

Request headers

Referer
https://secretm.me/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
hoSKy4D8seh.Hl9ythds2d8LTyzmromp
via
1.1 varnish
etag
"ca106a0f85a8a0a6456abc981f7de42e"
age
98
x-cache
HIT
Content-Range
bytes 0-1080817/1080818
x-amz-replication-status
COMPLETED
Content-Length
1080818
x-amz-id-2
+HE4RC1tkEPgbCMauL/7GpTQsvGyGSP6ZYrdBNnluoa8EKqjxuZMGVp3Yi9tEFZQF59yp8wM9l8=
x-served-by
cache-yul12824-YUL
last-modified
Fri, 12 Nov 2021 17:51:01 GMT
server
AmazonS3
x-timer
S1663557597.126015,VS0,VE0
date
Mon, 19 Sep 2022 03:19:57 GMT
x-amz-request-id
5RHMR63GJF4TA6AG
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
33
x-cache-hits
3
szflpmk1lxmahfigojdm.mp4
cdn.taboola.com/libtrc/static/video/v1660916163/ 		542 KB
542 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1660916163/szflpmk1lxmahfigojdm.mp4
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6a6ba713ca9eb1360da608ce45ada604b66d4088b83453cc478d4d992e60ac6

Request headers

Referer
https://secretm.me/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
33ELYrwulq30fEL.ooEEi4z2SRi3blY7
via
1.1 varnish
etag
"292bef54861ba2edd7401362940b8285"
age
18
x-cache
HIT
Content-Range
bytes 0-554639/554640
x-amz-replication-status
COMPLETED
Content-Length
554640
x-amz-id-2
YJl/Wy13Ay+6aXK60gZIPV95HIXcfmEPDlwp8COwzTov8ld+Edh27FfhmnXWxuTpnG55wQGgX/c=
x-served-by
cache-yul12824-YUL
last-modified
Fri, 19 Aug 2022 13:36:09 GMT
server
AmazonS3
x-timer
S1663557597.126004,VS0,VE1
date
Mon, 19 Sep 2022 03:19:57 GMT
x-amz-request-id
CG105CG790288HEV
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
33
x-cache-hits
0
xrulqdpwwplgylkvkpbm.mp4
cdn.taboola.com/libtrc/static/video/v1662762353/ 		15 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1662762353/xrulqdpwwplgylkvkpbm.mp4
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://secretm.me/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
EQDiDtciLZm_P73it4d8Wa5tOPbEVk6H
via
1.1 varnish
etag
"c479947d71da72b87f21e060db9ae457"
age
7
x-cache
HIT
Content-Range
bytes 0-438876/438877
x-amz-replication-status
COMPLETED
Content-Length
438877
x-amz-id-2
QN7Bc83RPsJekIaPeqKm3XFsXrJOIpb6vlqvJjxV8kbq53M6aPArlfLKvr9kYu+0sa5a+Qz59kw=
x-served-by
cache-yul12824-YUL
last-modified
Fri, 09 Sep 2022 22:25:59 GMT
server
AmazonS3
x-timer
S1663557597.125992,VS0,VE1
date
Mon, 19 Sep 2022 03:19:57 GMT
x-amz-request-id
BPCX7JPA7HETNVWT
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
33
x-cache-hits
0
iza98penwbnmmzaetpyl.mp4
cdn.taboola.com/libtrc/static/video/v1636739453/ 		143 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1636739453/iza98penwbnmmzaetpyl.mp4
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://secretm.me/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
hoSKy4D8seh.Hl9ythds2d8LTyzmromp
via
1.1 varnish
etag
"ca106a0f85a8a0a6456abc981f7de42e"
age
98
x-cache
HIT
Content-Range
bytes 0-1080817/1080818
x-amz-replication-status
COMPLETED
Content-Length
1080818
x-amz-id-2
+HE4RC1tkEPgbCMauL/7GpTQsvGyGSP6ZYrdBNnluoa8EKqjxuZMGVp3Yi9tEFZQF59yp8wM9l8=
x-served-by
cache-yul12824-YUL
last-modified
Fri, 12 Nov 2021 17:51:01 GMT
server
AmazonS3
x-timer
S1663557597.126002,VS0,VE0
date
Mon, 19 Sep 2022 03:19:57 GMT
x-amz-request-id
5RHMR63GJF4TA6AG
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
33
x-cache-hits
4
szflpmk1lxmahfigojdm.mp4
cdn.taboola.com/libtrc/static/video/v1660916163/ 		4 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1660916163/szflpmk1lxmahfigojdm.mp4
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://secretm.me/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
33ELYrwulq30fEL.ooEEi4z2SRi3blY7
via
1.1 varnish
etag
"292bef54861ba2edd7401362940b8285"
age
18
x-cache
HIT
Content-Range
bytes 0-554639/554640
x-amz-replication-status
COMPLETED
Content-Length
554640
x-amz-id-2
YJl/Wy13Ay+6aXK60gZIPV95HIXcfmEPDlwp8COwzTov8ld+Edh27FfhmnXWxuTpnG55wQGgX/c=
x-served-by
cache-yul12824-YUL
last-modified
Fri, 19 Aug 2022 13:36:09 GMT
server
AmazonS3
x-timer
S1663557597.129883,VS0,VE1
date
Mon, 19 Sep 2022 03:19:57 GMT
x-amz-request-id
CG105CG790288HEV
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
33
x-cache-hits
0
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: secretm.me
URL: https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50989
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx378aff439092441c91a16-0063217989
x-amz-id-2
tx378aff439092441c91a16-0063217989
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"831813ee9b2fc0d248741417a0e3b488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SB7E%2FhUzbg25tyq4%2Bd5bN%2F%2FGvWGLhHGA5OHg%2F4hxJx968iexI70p5Dhikh%2FIKrm5DtGSPS0UZJB9gW3zz0HMOLZg9NO9cM6ueGKrliNsDOJqfxwkfnYgoSyxmQ%2FIkWg9iefsUoWPwe%2Br5OR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1662739245061580
cf-ray
74cf2ec64fd0ca4f-YUL
access-control-allow-headers
Authorization
iu3
s.amazon-adsystem.com/ Frame 051D
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&dcc=t
326 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
331cd35bd18e2aea4890680f6c1bec8ccdb17d47c7a4ef19ef2e11db2a85e9a9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
326
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 19 Sep 2022 03:19:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
X2E510AQHYQ0F12RHD22

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 19 Sep 2022 03:19:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JKFMB36YZ7A27YRT8JNS
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 06A8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=103095
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:19:57 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 07:58:12 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BBBE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=103095
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:19:57 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 07:58:12 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
custom
yonhelioliskor.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yonhelioliskor.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secretm.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://secretm.me
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 19 Sep 2022 03:19:57 GMT
server
nginx
custom
yonhelioliskor.com/ 		39 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yonhelioliskor.com/custom
Requested by
Host: secretm.me
URL: https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
e5b982cc7503ce618f25866738a99e0b
date
Mon, 19 Sep 2022 03:19:57 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secretm.me
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
prop.js
secretm.me/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secretm.me/prop.js
Requested by
Host: secretm.me
URL: https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11332e9c41e74cbb6635f2fbda1224919d26c432c9f3123e5fbb470b359c1920

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/message.php?id=19unixnq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Wed, 14 Sep 2022 15:50:10 GMT
server
cloudflare
etag
W/"137c-5cf14c67cee61-gzip-gzip"
vary
Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNJZBgpF9Aq010s8K03OTECJ5LwgQi4usCTptGvW%2FPKeMsUf%2FH3W8CiLq3zdnuatIK54QTrw0%2FBMMqmNmx3FnAdj0UKEqWXVw82u7Ry7HNx3r1TTemnx68EFlUJ1LaNgAuGVrJ9ic59M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
74cf2ec6fa3eece6-YUL
priority
u=1,i=?0
/
services.vlitag.com/passback/ Frame 8ABA 		171 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/passback/?t=1663171543&d=18420&z=78065&divID=vi_1842078065_1&w=320&h=50&geo=US&hn=secretm.me
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=77f65091cdb3b479c0aaefcc99c2d163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c47f20d1b1d4989640ee6e4c7a0d1f7b457e98944c6ee4dcb0e8b95e3cecfdc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Sep 2022 16:10:48 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, immutable, max-age=31536000
cf-ray
74cf2ec7d8437156-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
PugMaster
image6.pubmatic.com/AdServer/ Frame 06A8 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78676467&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
537e599f696664f02a76a66bdc763d12d960888b42f462968f4136d37429826f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pr
s.amazon-adsystem.com/v3/ Frame 7134 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
bbb5be8d400a6105d6d66f4d03a7b8b8414a98e394157b4031edee97722350b9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1639
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 19 Sep 2022 03:19:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
EB6HMSVCB0HPV8J7X9WR
cc.jpeg
px.vliplatform.com/br-v4/ 		0
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNTMPYARrtNrtl0zghRzdNyaayUZYP-AytA-PPMK-qTqY-TZKrTBKTTaBYRlmNaKAbaARdzNwqfftkRqxeNco_TMPYAKMYBT_KRysggkNAGATRwkNdtroqftz|AGATY|aKAbaA|wqfftk|BKZ|RmNKMYBTRleNpl
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 03:19:57 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10JEUqHkUwH%2FHTR7FhdP%2FRXXRaJOJSpvBERJDY1%2F%2F4%2F4Fg%2B9Y47bNv2uNoWH3bFubZvExyDRUxrxt2oke1wMQtDR%2FwBCucX%2BJXo7%2FDRAtVDa%2BHAWs85gBk%2BMMxVzt26V3A7mHBD77A5FLsJ3CYOxqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74cf2ec9afcfecf2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cc.jpeg
px.vliplatform.com/br-v4/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNTMPYARrtNrtl0zghRzdNBrqwrMrU-PtrY-PtKU-qATA-KeqBteKArtyBRlmNKYMbaARdzNwqfftkRqxeNco_TMPYAKMYBT_MRysggkNAGATRwkNdtroqftz|AGATB|KYMbaA|wqfftk|BKU|RmNKMYBTRleNpl
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 03:19:57 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LOlW3lptkECN6mqSdtxygMYobbpyU78ZDQJ%2FIjXdDuYvDN1ZjGftPBa0dOCT0K9c2gCaYOzst79A47b%2BoacVFkDWT8a%2FZnKcytEPQyTA%2BsQcG9cjjpfuRPy8CYTdkaYtbp%2FiJfyRWy2D03qxS6iWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74cf2ec9e809ecf2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
ad-rotator
cdn.jsdelivr.net/npm/ Frame 8ABA 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/ad-rotator
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/passback/?t=1663171543&d=18420&z=78065&divID=vi_1842078065_1&w=320&h=50&geo=US&hn=secretm.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab1fa887a1041ad989bb804ce9f53ad2d54b654c3d1faa463f2f07b91f44b819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version
5.7.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19162-FRA, cache-scl2220025-SCL
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1653-ZSbe3uWstMrrZIzMI8iF5Ks8erg"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0fI9j6gglr%2B0kCkB1Uxwlhywek%2FKO5DiG8cN%2BSY1AZKPYVlHdH2GiQubU4A5K%2BaiYIajqMdIep2XSNHoO8HzU2xxYb6PyBRHXnbt%2Fp0ThgvPM29LzIBVAbd12ATe2CX7y0VwAXsOVT3BOEcsnY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
74cf2ec859b74bca-YUL
access-control-expose-headers
*
rotator.js
secretm.me/ads/ Frame 8ABA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secretm.me/ads/rotator.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/passback/?t=1663171543&d=18420&z=78065&divID=vi_1842078065_1&w=320&h=50&geo=US&hn=secretm.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76f62c5dc6e846f50e55ba01e77515aad7df77bd3cbd615a945d7b76de3cf0ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/message.php?id=19unixnq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50988
cf-polished
origSize=1954
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
display
staticcontent_sol
response
200
last-modified
Wed, 14 Sep 2022 15:50:10 GMT
server
cloudflare
etag
W/"7a2-5df38655586f0-gzip-gzip"
vary
Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myltf9llIP6jGTP2pcbrnJHUBrgBdcEr8%2FN8%2FyQKJcQtsghfsTjhRBZFHctByX7S%2BVyNFb0Hz9gl5rT1DtiZxXyEvhKDGw5DE2naYHrEzt4rh1IeDZnGSLhDH9AgzzQWIEVOTV%2BNcT7x"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
74cf2ec84ba6ece6-YUL
priority
u=1,i=?0
cf-bgj
minify
cc.jpeg
px.vliplatform.com/bw-v4/ 		0
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNTMPYARrtNrtl0zghRzdNtTZtUTZt-BZUt-PKZy-MPtT-YYaqAMyZwYUTRqxeNco_TMPYAKMYBT_MRwNdtroqftzRhNAGATBRlmNKYMbaARdzNwqfftkRmNKMYBTRleNpl
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 03:19:57 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeX12l46h4gxPGVJEkIZ%2BIO%2BRqm222YOhI%2BcO1PRh0UEJNZLEl794FsLvQ8Mt12ceJZJidiOd7wiuMiRMyC2xL8zOQCnzbndabW9IhcbQb0wz7OSDmURN97JHhSqUmiBKvulzNuLQF5OJg6t6%2FYeGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74cf2ec9c941715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
js
www.googletagmanager.com/gtag/ Frame 8ABA 		210 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-94XQDK4SL9
Requested by
Host: secretm.me
URL: https://secretm.me/ads/rotator.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd267e2bbeec9925f2bfea9f979e9e1a79a05638c6e4ce604b7cfbe4fb61a519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75706
x-xss-protection
0
expires
Mon, 19 Sep 2022 03:19:57 GMT
Top%205%20friends%20challenge.gif
secretm.me/ads_image/ Frame 8ABA 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secretm.me/ads_image/Top%205%20friends%20challenge.gif
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccac7a195b445234a61477779b473f3707220af92f812c736890c7ea619fb706

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/message.php?id=19unixnq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27246
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
display
staticcontent_sol
response
200
last-modified
Wed, 14 Sep 2022 15:50:10 GMT
server
cloudflare
etag
W/"dc00-5ce5447348ee5-gzip"
vary
Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EU0YHpV%2BlIslXUIG7aywkGlkhMgSqW2zegqg8ineKDfEbgcJPNa1pPQp7FMLnIDiT4ngxsxG53F3iUeVpretA31fvuk%2FUSwOqcocs7M5y20M%2BjvJ%2B5uXAqnt1mqwvDnmlE37Hl9uFt6J"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
cf-ray
74cf2ec91c38ece6-YUL
priority
u=3,i=?0
ecm3
s.amazon-adsystem.com/ Frame 7134
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=c3a2778e
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=c3a2778e
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:57 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
0GX55TK8Z3PWAB2ZX8TA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 19 Sep 2022 03:19:57 GMT
via
1.1 bf08d0f122cb7618f980954bd4f44e36.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=c3a2778e
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
FXp6jtZ2FUHv5LJ8YvRix1_KN9il5iJFyugM6PY9XTf6HSlNlNE3mg==
ecm3
s.amazon-adsystem.com/ Frame 7134
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:58 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
573ZFJMTEEXTKZKCJBJW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
Date
Mon, 19 Sep 2022 03:19:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 7134
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=7EAD9857E4014D778875661041256C5A&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=7EAD9857E4014D778875661041256C5A&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:57 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
B2MV3GDC4D4ZK2BSWNEQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 19 Sep 2022 03:19:57 GMT
x-content-type-options
nosniff
server
openresty
location
https://s.amazon-adsystem.com/ecm3?id=7EAD9857E4014D778875661041256C5A&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 18 Sep 2022 03:19:57 GMT
/
match.sharethrough.com/jwumXNuB/v1/ Frame 1F12 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.233.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-233-8.compute-1.amazonaws.com
Software
/
Resource Hash
a92486c205933e5bee304a3f16f89bb87f237e4533154c7d93572aa56b26f1c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Mon, 19 Sep 2022 03:19:57 GMT
usync.html
eus.rubiconproject.com/ Frame 80C8 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 03:19:57 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 29F9
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=1d90291b63b81604&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABy761qQyDPANdoV4_AAAAAAA&expiration=1663643997&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABy761qQyDPANdoV4_AAAAAAA&expiration=1663643997&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 03:19:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
485KZNXHZQTFM4RSSJ4J

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Mon, 19 Sep 2022 03:19:57 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABy761qQyDPANdoV4_AAAAAAA&expiration=1663643997&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 3552
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=662737811153841467575
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=662737811153841467575
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-simpli.fi_rbd_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 03:19:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
H12A3YMWSSFXNW9A6Q39

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 19 Sep 2022 03:19:57 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=662737811153841467575
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
bulk
trc.taboola.com/quizprank-secretmme/log/3/ 		0
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/quizprank-secretmme/log/3/bulk?tvi2=4948&route=US%3AUS%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220918-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
59
pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1663557598.982778,VS0,VE59
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://secretm.me
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/quizprank-secretmme/log/3/ 		0
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/quizprank-secretmme/log/3/visible?tvi2=4948&route=US%3AUS%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220918-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
21
pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1663557598.994593,VS0,VE21
x-served-by
cache-yul12824-YUL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://secretm.me
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
js
www.googletagmanager.com/gtag/ Frame 8ABA 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-147710621-5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94XQDK4SL9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53a8f70b927c67cbe0895da2b96cd81f2848190e7990e6682ab1ec08cb5837a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42333
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Sep 2022 03:19:57 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
14302
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
VNuE79zGkuG1WkYkook/LzjO6m8khshs44k88xUnWQ3oapFOdrvCIvii4035AZYl3g9EnhgUwco=
x-served-by
cache-yul12824-YUL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1663557598.021526,VS0,VE0
date
Mon, 19 Sep 2022 03:19:58 GMT
x-amz-request-id
JFXX7NJ7M2FJYZ6M
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
33
x-cache-hits
5587
match
c1.adform.net/serving/cookie/ Frame C595
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 19 Sep 2022 03:19:57 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 19 Sep 2022 03:19:57 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame A1DA 		0
178 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 19 Sep 2022 03:19:57 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12826-YUL
x-timer
S1663557598.767200,VS0,VE0
Pug
image2.pubmatic.com/AdServer/ Frame 75B0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGV0EwN0dUOEFBQUEtUGd5U2h5dw&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGV0EwN0dUOEFBQUEtUGd5U2h5dw&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFWA07GT8AAAA-PgyShyw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5164764702849156945
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFWA07GT8AAAA-PgyShyw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5164764702849156945%26bee_sync_partners%3Dsyn%252Cpm%26...
  • https://match.prod.bidr.io/cookie-sync?userid=5164764702849156945&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFWA07GT8AAAA-PgyShyw&pid=55...
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAFWA07GT8AAAA-PgyShyw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5164764702849156945%26bee_sync_partners%3Dpm%26bee_sy...
  • https://match.prod.bidr.io/cookie-sync?userid=5164764702849156945&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFWA07GT8AAAA-PgyShyw
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFWA07GT8AAAA-PgyShyw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 03:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 19 Sep 2022 03:19:59 GMT
Server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFWA07GT8AAAA-PgyShyw
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 7E13
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:de736327-dfdd-4a00-bea2-5b8fbbfa6702&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:de736327-dfdd-4a00-bea2-5b8fbbfa6702&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 03:19:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 19 Sep 2022 03:19:57 GMT
Expires
Mon, 19 Sep 2022 03:19:56 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master ord-pixel-x34 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:de736327-dfdd-4a00-bea2-5b8fbbfa6702&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 21FE
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f04b31c0-37c9-11ed-bc06-b199e15137b5
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f04b31c0-37c9-11ed-bc06-b199e15137b5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 03:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 19 Sep 2022 03:19:57 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f04b31c0-37c9-11ed-bc06-b199e15137b5
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-3
server
Cowboy
141
match.deepintent.com/usersync/ Frame FAC5 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Mon, 19 Sep 2022 03:19:57 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
usersync.aspx
dis.criteo.com/dis/ Frame 5DC3 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:19:57 GMT
expires
Mon, 19 Sep 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
296434
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame E5FE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=f9zbI5dQSTFuOOM6frOHY5U4mbI
42 B
204 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=f9zbI5dQSTFuOOM6frOHY5U4mbI
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 03:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Sep 2022 03:19:58 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=f9zbI5dQSTFuOOM6frOHY5U4mbI
Pug
simage2.pubmatic.com/AdServer/ Frame D77F
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1663557597847
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4123285604
  • https://sync.1rx.io/usersync/tradedesk/8c547213-44f5-41c0-9f3e-f4df6d624005
  • https://sync.targeting.unrulymedia.com/csync/RX-ad006d29-5932-421f-aa6d-8a406243cead-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad006d29-5932-421f-aa6d-8a406243cead-005
42 B
332 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad006d29-5932-421f-aa6d-8a406243cead-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 03:19:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Mon, 19 Sep 2022 03:19:58 GMT
ETag
RXad006d295932421faa6d8a406243cead005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-ad006d29-5932-421f-aa6d-8a406243cead-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame 6C73
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:REpD1VrU1OA7ka5&gdpr=0&gdpr_consent=
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:REpD1VrU1OA7ka5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 03:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 19 Sep 2022 03:19:57 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:REpD1VrU1OA7ka5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0165a6f2e79f02a99@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 60B1
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=693869928991
42 B
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=693869928991
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 03:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=693869928991
i.match
s.tribalfusion.com/z/ Frame F33D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
74cf2ecacc6f7144-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 03:19:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
74cf2eca1ba17144-YUL
content-type
text/html
date
Mon, 19 Sep 2022 03:19:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
2357
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 19E2
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=c6129cc4-c2ec-4f3e-b106-f49d27416ea8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DC2853D5-3799-48B3-B941-A5BB4E63177C
42 B
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.36.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-36-54.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Mon, 19 Sep 2022 03:19:57 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 19 Sep 2022 03:19:57 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=DC2853D5-3799-48B3-B941-A5BB4E63177C
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 39F7
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 03:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74cf2eca1b8c713f-YUL
content-length
0
date
Mon, 19 Sep 2022 03:19:57 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
cloudflare
Pug
simage2.pubmatic.com/AdServer/ Frame 3506
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F7ziqx4ap
42 B
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F7ziqx4ap
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 03:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 03:19:57 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F7ziqx4ap
vary
Origin
via
1.1 google
setuid
u.4dex.io/ Frame AB2B 		0
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)DC2853D5-3799-48B3-B941-A5BB4E63177C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 19 Sep 2022 03:19:58 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 06A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3ChT1TeZSLO5QaW7TmMXfA%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3ChT1TeZSLO5QaW7TmMXfA%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=103094
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Tue, 20 Sep 2022 07:58:12 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 06A8
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=DC2853D5-3799-48B3-B941-A5BB4E63177C
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJERDMjg1M0Q1LTM3OTktNDhCMy1COTQxLUE1QkI0RTYzMTc3QxAAGg0I3b-fmQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=bc85de15baac2a90eedd2787b905fc7f92a94754b06fb1569e3fa5dc0be28e4e791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiYzg1ZGUxNWJhYWMyYTkwZWVkZDI3ODdiOTA1ZmM3ZjkyYTk0NzU0YjA2ZmIxNTY5ZTNmYTVkYzBiZTI4ZTRlNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiYzg1ZGUxNWJhYWMyYTkwZWVkZDI3ODdiOTA1ZmM3ZjkyYTk0NzU0YjA2ZmIxNTY5ZTNmYTVkYzBiZTI4ZTRlNzkxNDI2YjU0MTdkY2UyMRAAGgwI3b-fmQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=7b38c69b-1201-49c8-a3de-b1c07c175a9b
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=7b38c69b-1201-49c8-a3de-b1c07c175a9b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:19:58 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=7b38c69b-1201-49c8-a3de-b1c07c175a9b
date
Mon, 19 Sep 2022 03:19:58 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4e206327-dfde-4d00-ab76-f159d6d1793a
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4e206327-dfde-4d00-ab76-f159d6d1793a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 19 Sep 2022 03:19:57 GMT
Server
MT3 4505 5b23575 master ord-pixel-x57 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4e206327-dfde-4d00-ab76-f159d6d1793a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 03:19:56 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REMyODUzRDUtMzc5OS00OEIzLUI5NDEtQTVCQjRFNjMxNzdD&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REMyODUzRDUtMzc5OS00OEIzLUI5NDEtQTVCQjRFNjMxNzdD&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKBQWMderpazD698mKN2lY8&google_cver=1
42 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKBQWMderpazD698mKN2lY8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKBQWMderpazD698mKN2lY8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CD33A3D1D3B34AC797A55A73FE039E0A
42 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CD33A3D1D3B34AC797A55A73FE039E0A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 19 Sep 2022 03:19:57 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CD33A3D1D3B34AC797A55A73FE039E0A
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 18 Sep 2022 03:19:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3232777307143540978&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3232777307143540978&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3232777307143540978&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8c547213-44f5-41c0-9f3e-f4df6d624005
42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8c547213-44f5-41c0-9f3e-f4df6d624005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8c547213-44f5-41c0-9f3e-f4df6d624005
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
DC2853D5-3799-48B3-B941-A5BB4E63177C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 06A8 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/DC2853D5-3799-48B3-B941-A5BB4E63177C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:89a8:874b:1d82:df0e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DC2853D5-3799-48B3-B941-A5BB4E63177C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PlEVa2hE2uWrgqvUdi4sSkDYLhxfbFw-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PlEVa2hE2uWrgqvUdi4sSkDYLhxfbFw-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-PlEVa2hE2uWrgqvUdi4sSkDYLhxfbFw-~A&gdpr=0&gdpr_consent=
date
Mon, 19 Sep 2022 03:19:57 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5ad9f333-1342-47cc-9601-9b4fede0b79b&gdpr=0&gdpr_consent=
1 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5ad9f333-1342-47cc-9601-9b4fede0b79b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5ad9f333-1342-47cc-9601-9b4fede0b79b&gdpr=0&gdpr_consent=
Date
Mon, 19 Sep 2022 03:19:57 GMT
X-CI-RTID
4d4871c5-43a3-4efc-91d9-f5c4dbe7776c
Connection
keep-alive
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
image2.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=177430568407624767&gdpr=0&gdpr_consent=
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=177430568407624767&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:57 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9890da37-81a4-4914-8a42-9abf1ab62d48
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=177430568407624767&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=DC2853D5-3799-48B3-B941-A5BB4E63177C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=560685b1b2e919fa&is_secure=true&networkId=17100&version=1&nuid=DC2853D5-3799-48B3-B941-A5BB4E63177C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJOpQSY_SOMwMU3-OIAAAAAAA&expiration=1663643998&nuid=DC2853D5-3799-48B3-B941-A5BB4E63177C&...
42 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJOpQSY_SOMwMU3-OIAAAAAAA&expiration=1663643998&nuid=DC2853D5-3799-48B3-B941-A5BB4E63177C&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJOpQSY_SOMwMU3-OIAAAAAAA&expiration=1663643998&nuid=DC2853D5-3799-48B3-B941-A5BB4E63177C&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9b6ec299-9bb0-41e0-9ff8-09f0d35728fc-6327dfde-4341&gdpr=0&gdpr_consent=
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9b6ec299-9bb0-41e0-9ff8-09f0d35728fc-6327dfde-4341&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:57 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9b6ec299-9bb0-41e0-9ff8-09f0d35728fc-6327dfde-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 06A8 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.85.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-85-80.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ovYOa_CjWDi59ApvpfcRP_bxWWi5oA84o6cGbRZw
42 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ovYOa_CjWDi59ApvpfcRP_bxWWi5oA84o6cGbRZw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ovYOa_CjWDi59ApvpfcRP_bxWWi5oA84o6cGbRZw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=4e491354-ff89-46c3-8ad4-a5c2e193b131&ssp=pubmatic&expires=30&user_group=5&bsw_param=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=&gdpr_consent=&gdpr_pd=
1 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 19 Sep 2022 03:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame 06A8
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_F66F0406_99F868BD&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Server
4.78.226.233 Fort Worth, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-346544398; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:57 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-346544398; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 06A8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1426208387086089782
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1426208387086089782
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1426208387086089782
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
analytics.js
www.google-analytics.com/ Frame 8ABA 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-147710621-5&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3265
date
Mon, 19 Sep 2022 02:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 04:25:32 GMT
usync.js
eus.rubiconproject.com/ Frame 80C8 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
31248ef830b10ec6779f2693aaa69d3149cf2bb2fe1314cba78f03f7edcf07fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:19:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29869
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 19 Sep 2022 11:37:46 GMT
ecm3
s.amazon-adsystem.com/ Frame 1F12 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=bfc897aa-e3ed-4ef1-a38d-91fe63f725a5
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:57 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
37BAKEY3JC0PBS2GXCGD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 1F12
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8c547213-44f5-41c0-9f3e-f4df6d624005&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8c547213-44f5-41c0-9f3e-f4df6d624005&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.221.233.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-233-8.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8c547213-44f5-41c0-9f3e-f4df6d624005&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 1F12
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=177430568407624767
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=177430568407624767
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.221.233.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-233-8.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:57 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
76f2c2a4-9ff4-4400-9a67-0c29ab19c557
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=177430568407624767
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 1F12
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=177430568407624767
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=177430568407624767
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.221.233.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-233-8.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:57 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f976794c-3553-4940-a399-a8b8b62463b3
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=177430568407624767
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 1F12
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=177430568407624767
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=177430568407624767
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
3.221.233.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-233-8.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:57 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
64d902f3-623d-4297-a96f-d87fca223f0d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=177430568407624767
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 80C8 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Content-Type
image/jpg
collect
www.google-analytics.com/ Frame 8ABA 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=666937816&t=pageview&_s=1&dl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=320x50&je=0&_u=QACAAUAB~&jid=&gjid=&cid=1058947189.1663557596&tid=UA-147710621-5&_gid=8619919.1663557597&gtm=2ou9e0&z=1219898523
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 14:17:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46938
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 03:19:57 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-160f4"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 03:19:58 GMT
ecm3
s.amazon-adsystem.com/ Frame 80C8
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L8878POX-1U-8LKK
  • https://s.amazon-adsystem.com/ecm3?id=L8878POX-1U-8LKK&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=L8878POX-1U-8LKK&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:58 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
XJKJB74B3A78BT26K9N0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=L8878POX-1U-8LKK&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires
0
custom
yonhelioliskor.com/ 		39 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yonhelioliskor.com/custom
Requested by
Host: secretm.me
URL: https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
a3379b55d684be82ac5821fb09f166c5
date
Mon, 19 Sep 2022 03:19:58 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secretm.me
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
custom
yonhelioliskor.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yonhelioliskor.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secretm.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://secretm.me
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 19 Sep 2022 03:19:58 GMT
server
nginx
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=bb666497ce124fe88fb50c530dd4fd71&zoneId=4286329&checkDuplicate=true&ymid=&var=
Requested by
Host: secretm.me
URL: https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a45cf3df8027e39ea0d302ca3248553ba749ed800ff297d8543e0ff75b2087ff
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secretm.me
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
setuid
px.ads.linkedin.com/ Frame 80C8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8878POX-1U-8LKK
0
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8878POX-1U-8LKK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 037E17C97A824D3D9D1373906E4616DC Ref B: YTO01EDGE0820 Ref C: 2022-09-19T03:19:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXo/y+1g/be7m/DplZLFw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8878POX-1U-8LKK
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 80C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEzmsydzIQYYzttpXCIr1I0&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEzmsydzIQYYzttpXCIr1I0&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEzmsydzIQYYzttpXCIr1I0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 80C8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg4NzhQT1gtMVUtOExLSw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg4NzhQT1gtMVUtOExLSw==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg4NzhQT1gtMVUtOExLSw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 80C8 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:58 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
HQT6A6V2E4FYK716B0XX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 80C8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8c547213-44f5-41c0-9f3e-f4df6d624005&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8c547213-44f5-41c0-9f3e-f4df6d624005&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8c547213-44f5-41c0-9f3e-f4df6d624005&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
pixel
cm.g.doubleclick.net/ Frame 80C8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGQxYjQ0NTZlNTczMjAyZmI2ZjEwNzEzYjIyYjA1YzZkN2NjNzAxNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGQxYjQ0NTZlNTczMjAyZmI2ZjEwNzEzYjIyYjA1YzZkN2NjNzAxNQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGQxYjQ0NTZlNTczMjAyZmI2ZjEwNzEzYjIyYjA1YzZkN2NjNzAxNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 80C8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/sPN29gix4Wsh9QNGXHJO7Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7138489281021023736
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7138489281021023736
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Content-Type
image/gif

Redirect headers

date
Mon, 19 Sep 2022 03:19:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7138489281021023736
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
ecm3
s.amazon-adsystem.com/ Frame 80C8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Z1mWo123ShWMSGx2FEbYFw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Z1mWo123ShWMSGx2FEbYFw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Z1mWo123ShWMSGx2FEbYFw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:58 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
M3WGM7SBYEXFRQJS07CB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Z1mWo123ShWMSGx2FEbYFw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.html
eus.rubiconproject.com/ Frame 1CB5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 03:19:58 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 19 Sep 2022 03:19:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 12C8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 03:19:58 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 19 Sep 2022 03:19:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 1CB5 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
31248ef830b10ec6779f2693aaa69d3149cf2bb2fe1314cba78f03f7edcf07fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:19:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29868
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 19 Sep 2022 11:37:46 GMT
usync.js
eus.rubiconproject.com/ Frame 12C8 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
31248ef830b10ec6779f2693aaa69d3149cf2bb2fe1314cba78f03f7edcf07fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:19:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29868
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 19 Sep 2022 11:37:46 GMT
setuid
u.4dex.io/ Frame 1CB5
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=L8878POX-1U-8LKK
  • https://u.4dex.io/setuid?bidder=rubicon&uid=L8878POX-1U-8LKK
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=L8878POX-1U-8LKK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:59 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=L8878POX-1U-8LKK
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Expires
0
collect
www.google-analytics.com/ Frame 8ABA 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=666937816&t=event&_s=2&dl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=320x50&je=0&ec=banner_ad&ea=impression&el=mixal.xyz&_u=SACAAUAB~&jid=&gjid=&cid=1058947189.1663557596&tid=UA-147710621-5&_gid=8619919.1663557597&gtm=2ou9e0&z=535180364
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 14:17:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46939
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 5BA3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8878POX-1U-8LKK
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8878POX-1U-8LKK
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Mon, 19 Sep 2022 03:19:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1663557599.660117,VS0,VE18
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-yul12824-YUL

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8878POX-1U-8LKK
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 5BA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIOTbRfKX1Gmch2IOXkVVoU&google_cver=1
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIOTbRfKX1Gmch2IOXkVVoU&google_cver=1
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Mon, 19 Sep 2022 03:19:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1663557599.675779,VS0,VE18
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12824-YUL

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIOTbRfKX1Gmch2IOXkVVoU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5BA3 		42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c:$UID
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 5BA3
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c
date
Mon, 19 Sep 2022 03:19:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20747
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 5BA3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8c547213-44f5-41c0-9f3e-f4df6d624005
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8c547213-44f5-41c0-9f3e-f4df6d624005
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Mon, 19 Sep 2022 03:19:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1663557599.664957,VS0,VE19
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12824-YUL

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8c547213-44f5-41c0-9f3e-f4df6d624005
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 5BA3
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
HTTP/1.1
Server
63.251.114.137 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:19:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 5BA3 		49 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-75d8c985f8-xz4t9
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 5BA3 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&gdpr=0&gdpr_consent=
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 5BA3 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.209.207.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-207-157.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
content-length
43
x-nosync
emp
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 5BA3
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a3af821a-70cb-4061-8c35-0aa0709d3884
0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a3af821a-70cb-4061-8c35-0aa0709d3884
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20747

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a3af821a-70cb-4061-8c35-0aa0709d3884
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4208634
content-length
0
expires
Mon, 19 Sep 2022 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 5BA3
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/6/2.gif?puid=177430568407624767&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/5/3.gif?puid=4e206327-dfde-4d00-ab76-f159d6d1793a&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=8c547213-44f5-41c0-9f3e-f4df6d624005&ttl=%%TTL%%
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F3%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/3/5.gif?puid=DC2853D5-3799-48B3-B941-A5BB4E63177C&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/464/434/2/6.gif?puid=bdd621ad-373c-48e7-8fa2-f15f07807f54&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F1%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
  • https://id5-sync.com/c/464/108/1/7.gif?puid=2649b0e0-6bba-422c-a092-22b21a9541f8&gdpr=0&gdpr_consent=
  • https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F0%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F136%2F0%2F8.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yyff4AAAISIPfgAE
  • https://id5-sync.com/c/464/136/0/8.gif?puid=Yyff4AAAISIPfgAE&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA
0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21935

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA
date
Mon, 19 Sep 2022 03:20:00 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 5BA3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://ums.acuityplatform.com/bum?tpid=29&uid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&bidswitch_ssp_id=taboola
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=693869928991&expires=30&user_group=1&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24130

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
Date
Mon, 19 Sep 2022 03:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 5BA3
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5f217df4-4aa3-4f7b-b84b-73b42d4f6649
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5f217df4-4aa3-4f7b-b84b-73b42d4f6649&tbid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&query=taboola_hm%3D5f217df4-4aa3-...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5f217df4-4aa3-4f7b-b84b-73b42d4f6649&tbid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&query=taboola_hm%3D5f217df4-4aa3-4f7b-b84b-73b42d4f6649&isDirect=0
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1663557599.975449,VS0,VE18
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12824-YUL

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5f217df4-4aa3-4f7b-b84b-73b42d4f6649&tbid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&query=taboola_hm%3D5f217df4-4aa3-4f7b-b84b-73b42d4f6649&isDirect=0
date
Mon, 19 Sep 2022 03:19:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22561
sd
u.openx.net/w/1.0/ Frame 5BA3
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&gdpr=0&gdpr_consent=
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&gdpr=0&gdpr_consent=
date
Mon, 19 Sep 2022 03:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
xuid
eb2.3lift.com/ Frame 5BA3 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&dongle=tbla
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame 5BA3 		49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:58 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
8
content-type
image/gif
content-length
49
expires
0
/
s.uuidksinc.net/match/1135/ Frame 5BA3 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/1135/?remote_uid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.135 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
server
nginx/1.19.0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 5BA3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=f9zbI5dQSTFuOOM6frOHY5U4mbI
0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=f9zbI5dQSTFuOOM6frOHY5U4mbI
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25008

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=f9zbI5dQSTFuOOM6frOHY5U4mbI
Date
Mon, 19 Sep 2022 03:19:58 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 5BA3
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&gdpr=0&gdpr_consent=&us_privacy=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 19 Sep 2022 03:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
t.adx.opera.com/ Frame 5BA3 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:59 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 5BA3
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=d8c44a94-1b8c-40f8-967d-1ee5f308131c
0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=d8c44a94-1b8c-40f8-967d-1ee5f308131c
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23292

Redirect headers

date
Mon, 19 Sep 2022 03:19:58 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=d8c44a94-1b8c-40f8-967d-1ee5f308131c
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220918-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
NrP0zRqJgdqCAFOGjLJOgaX1BFZQx8TJ
content-encoding
gzip
etag
"8cbcf8a5c724c32aa9be09d14a4c624d"
age
1100
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
923
x-amz-id-2
E043v4cAlJxnnSXL9R3tp+CFTXw996vLrBDS3tyutnboFiGdeMV2jjChDnaXkTKEN54QsI6IDoo=
x-served-by
cache-yul12824-YUL
last-modified
Thu, 15 Sep 2022 14:11:45 GMT
server
AmazonS3
x-timer
S1663557599.638984,VS0,VE0
date
Mon, 19 Sep 2022 03:19:58 GMT
vary
Accept-Encoding
x-amz-request-id
158FYBNJ3HNDCNTT
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
33
x-cache-hits
3717
/
pips.taboola.com/ 		64 B
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
7668c9941b80176513e853cc25b61b81a81f80417d52b4c2016deee3935b2b05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-yul12832-YUL
access-control-allow-methods
GET
access-control-allow-origin
https://secretm.me
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&uad=d072346c8db79fd6f2ceecdb0d73cb8a94262461c336c967531048a4d7ce0f27
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 03:19:58 GMT
cache-control
no-store
server
nginx
cc.jpeg
px.vliplatform.com/iv-v4/ 		0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNTMPYARrtNrtl0zghRzdNoc-UBAtBYUy-TZAr-Pwet-ayeT-PZtqYePMwMteRqxeNco_TMPYAKMYBT_MRwNdtroqftzRlmNKYMbaARdzNwqfftkRrdzNRmNKMYBTRleNpl
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 03:19:58 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIgLN%2BhSxdMehVTDPpt5ergoysUydEl%2BlQWiLadOF8z2K6yCzNH7m%2FfrBo5tDus9dtD0o8tx1oPPfl6Ei%2FtO4Vslr5PbZyLduoXBm30kFSSvopd3RIxXLj4qk8oROIc6YGPLL8TMYGuyn%2FPUTbuvLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74cf2ecffa47715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D&s=194558&C=1
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=Yyff356zThWaqrsQ_11EXQAAAJ4AAAAB
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&uid=Yyff356zThWaqrsQ_11EXQAAAJ4AAAAB
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:59 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfD0Ixhhaa70QKwuagJ%2BkBnGxheZx6GVlu1T5Mub%2B7VOdw2aw3Oip2WdH%2F5qcoGj6i22PI7mPeBEUzfMmd1OYTyPp0y5QzecUc1fgkZBr5XW0ejHpaGMZCFU%2FKdrILxd8ZznBgborzCVTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://u.4dex.io/setuid?bidder=indexexchange&uid=Yyff356zThWaqrsQ_11EXQAAAJ4AAAAB
cache-control
no-cache
cf-ray
74cf2ed6085ba204-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
vpp.gif
secretm.me/detroitchicago/ 		43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secretm.me/detroitchicago/vpp.gif?e=%5B%7B%22url%22%3A%22https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq%22%2C%22pageview_id%22%3A%220f4e2f52-1223-48d2-6d8d-0579ebcd6f17%22%2C%22template_id%22%3A120%2C%22player_name%22%3A%22unknown%22%2C%22domain_id%22%3A374922%2C%22media_src%22%3A%22https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1662762353%2Fxrulqdpwwplgylkvkpbm.mp4%22%7D%5D
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/message.php?id=19unixnq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:59 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DRH5ZM81HX5B1DZcZj%2B4u6rGyEhOIwTbC2bixIXkOetKke5tXt0VeQOs4a9lvQBRbDrNhJ6V%2BJ2KmvGDVNTRZDYr%2F8gMLjzCKsmLYsRfzrv927oAacInOs4ufSoPx4o9OpePrX7Hy3Z"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
43
accept-ranges
bytes
cf-ray
74cf2ed54f4fece6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
expires
Sun, 18 Sep 2022 03:19:59 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 06A8 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
custom
yonhelioliskor.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yonhelioliskor.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://secretm.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://secretm.me
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 19 Sep 2022 03:19:59 GMT
server
nginx
custom
yonhelioliskor.com/ 		39 B
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yonhelioliskor.com/custom
Requested by
Host: secretm.me
URL: https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
ca0cd6aebe48a9f402472972853eec1f
date
Mon, 19 Sep 2022 03:19:59 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secretm.me
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
syncframe
gum.criteo.com/ Frame 7762 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=secretm.me
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 03:20:00 GMT
server
Kestrel
server-processing-duration-in-ticks
2372312
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rum
secretm.me/cdn-cgi/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secretm.me/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secretm.me/message.php?id=19unixnq
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
application/json

Response headers

date
Mon, 19 Sep 2022 03:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://secretm.me
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
74cf2ed708f2ece6-YUL
vary
Origin
r.html
assets.vlitag.com/plugins/safeframe/src/html/ Frame 0CF2 		856 B
583 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f72d7d1793dd9eb7b7697f2c6307a471d644734747381e10794fbe9e82181e1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2138750
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=16070400
cf-cache-status
HIT
cf-ray
74cf2ed76f137156-YUL
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 03:19:59 GMT
expires
Thu, 25 Aug 2022 09:41:34 GMT
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
sf_ext.min.js
assets.vlitag.com/plugins/safeframe/src/js/ Frame 0CF2 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/plugins/safeframe/src/html/r.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2138749
cf-ray
74cf2ed78f617156-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-5aed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Thu, 25 Aug 2022 09:41:35 GMT
nmedianet.js
contextual.media.net/ Frame 60CA 		191 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUP40XRI
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e12d294b5f7a904c03712d091bcd6bb8bf4e4d4d9af61e84a5c92aa28c90f2c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-12
content-encoding
gzip
server
Apache
etag
"1e4698a6ef662afe46704d22ea92a5cb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Mon, 19 Sep 2022 03:20:00 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-10
expires
Mon, 19 Sep 2022 03:25:00 GMT
log
qsearch-a.akamaihd.net/ Frame 60CA 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=prod&bdr_typ=1&ss_d1=1600&ogerpm=0.0400&ss_d2=1200&stid=vi_1842078231_8&other_prv=294&jar_err=&current_day=1.0&adtyp=0&req_id=c9599f2f-adb5-47ca-b6ed-05fc0332da64&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&predicted_wr=20.5687&exp=&fdbk_id=&second_bidder=*&search_res=68&floor_bucket=0.00&gpid_format=&seat=BID_API&size=728x90&url_l1=message.php&f_seg=&prdp=0.0128&ogcbdp=0.0400&dfpbd=0.0128&server=1&ogerpm_wd_bkt=0-1&model_version=202209171114_generic_prebid_1-cid_3&viewability=-0.0100&dmm_r=0.0000&cut=68&dmm_l=0.0000&as_cache=1&tcyerpm=&sc=QC&send_erpm=true&dmm_m9=0.0000&sd=-1&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.05&ugd_ver=&requrl=secretm.me%2Fmessage.php%2F&bidrestime=1663557597216&cc=CA&strg=harmony&ss=1600x1200&current_hour=2&time_stamp=2022-09-19+03%3A19%3A57&model_key=generic_prebid_1-cid_3&rvshhon=&mul_ratio=0.0000&bdp=0.0400&ct=montreal&akey=&mnckfl=0&bdp_bucket=0.05&algo=&dc=east_sc&splid=vi_1842078231_8&dn=secretm.me&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=c34ecd0785774a668bea48ac69dbaa49&infl=&o_ver=NT+10.0&br_ver=105.0.5195.125&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.14.1&totalTimeBucket=4&visibility=0&totalTime=4781449&dmm_m1=2022-09-19+03%3A19%3A57.218983063&e_rpm=0.0000&dmm_m22=0.0400&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU2LD671&bcrid=S0300080813018100728009099999900&rawbid=0.0400&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-7d9b58d7cd-f4vgq.SC&dfp_bucket=0.0&adblk=&itype=prebid&pvid_seat=294_BID_API&cliIP=2503514546&advurl=related.icananswerthat.com%2F&level_base=0&crid=946648751&sat=0&br_id=265&cut_bkt=70&gpid=&iwb=1&second_bid=0.000000&sc_pvid=294&capd=0&other_bids=0.04
Requested by
Host: secretm.me
URL: https://secretm.me/message.php?id=19unixnq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.34.59.152 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-34-59-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 19 Sep 2022 03:20:00 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 0CF2 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.216.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-29.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Mon, 19 Sep 2022 03:20:00 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=9371
access-control-allow-credentials
true
content-length
62892
expires
Mon, 19 Sep 2022 05:56:11 GMT
cc.jpeg
px.vliplatform.com/imp-v4/ Frame 0CF2 		0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNTMPYARrtNrtl0zghRzdNUBAtBYUy-TZAr-Pwet-ayeT-PZtqYePMwMteRqxeNco_TMPYAKMYBT_MRwNdtroqftzRhNAGATBRlmNKYMbaARdzNwqfftkRrdzNRwkhNRmNKMYBTRleNpl
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_ext.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 03:20:00 GMT
server
cloudflare
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GMW8gFiVmxD0IlwpoW5EBU1US50a%2B9DZpSV3BUC4thXVL8TnwFbnEHnVLqbwUWCKHdh%2Bg7qAk8fB2fUpqEcESpFwZNBJVSPc8%2BkVrL%2Fat1PAovbYbALxSRSWWMRbPdi2DePPcHzbLpb%2F9%2BoyxXDUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74cf2ed7ce24715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
log
hblg.media.net/ Frame 0CF2 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=CA&ctr=-1.0&viewability=-1&cbdp=0.013&slotVisibility=0&dn=secretm.me&acid=c34ecd0785774a668bea48ac69dbaa49&ugd=4&size=728x90&pvid=294&csip=rtb-common-7d9b58d7cd-f4vgq.SC&ogbdp=0.04&prvReqId=42727045005663_1232799359_94664875112941&itype=PREBID&requrl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&scrid=S0300080813018100728009099999900&mang=1&bidrestime=1663557597216&cid=8CU2LD671&rme=adm&cpr=0.8645595007332894
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.216.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 19 Sep 2022 03:20:00 GMT
clog
hblg.media.net/ Frame 0CF2 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4421&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=1&spSource=0&ifst=0&vid=c9599f2f-adb5-47ca-b6ed-05fc0332da64&s_city=Chicago&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&ae=false&mx_UCC=5&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.040&v_mkey=gen-vblt_prebid_test_2_1&screeninfo=1600x1200&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=350&commit_id=5a197c05&scrid=S0300080813018100728009099999900&itypeid=3&mx_SPRIG=2&viewability=-1&renderer=0&be=0&rtime=23.0&adj0=0.0&adj2=0.0&adj1=0.0&feedback_id=cd863f87-3cd7-46e2-a587-df3c1c08dabb&adtypes=0&mx_aabpc=0&reqid=c9599f2f-adb5-47ca-b6ed-05fc0332da64&sc=QC&sd=-1&mowxReqId=c34ecd0785774a668bea48ac69dbaa49_1&ifdp=0&requrl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&bidrestime=1663557597216&pv_adtype=0&cc=CA&strg=HARMONY&pcrid=8CUP40XRI-765284172-39-19&pbasrc=0&coppa_enf=true&bdp=0.040&ct=montreal&spIsReq=3&s=1&abs=0%7C0%7Cnxblock%3D-1%7CHARMONY%7Cbrr%3D1&mx_epbc=8CUP40XRI&dnt_enf=false&mx_ssBucket=0&vls=0&asn=16276&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Frelated.icananswerthat.com&dn=secretm.me&dt=O&acid=c34ecd0785774a668bea48ac69dbaa49&actltime=299&act=headerBid&iframingState=0&bdata=sd2%3Dnull%7Eiurl_l%3D20%7Eogerpm%3D0.04%7Evis_sd%3D452%7Edc2%3D1%7Escd%3Dqc%7Ev_asn%3D16276%7Evl2r_sd%3D2022091820%7Eiurl_b%3D2456.76%7Eurl_tkc%3D0%7Estd%3Dvi_1842078231_8%7Elast%3D%7Evis_url_b%3D0.53%7Eip%3D2JquuS%7Efbb%3D0%7Evis_url_l%3D10%7Eriipua%3D2%2C2%7Eet%3D22%7Erc%3D1%7Erps_sd%3D2022091820%7Evis_b%3D754.56%7Eurl_b%3D0.41%7Eurl_tvi%3D0%7Eurl_l%3D20%7Egcat%3D-1%7Ebb%3D196%7Evv%3D0%7El2r_b%3D1000%7Eerpm%3D0.04%7Ebm%3D1%7Esid%3D765284172%7Esd%3D-1%7Euid%3D1IhceNHJDQsU3gxY8%7Ebtd%3D242836417910356880702429605106480239240697852339001858348169195287617957315896414208%7Ed2p_l%3D30%7E3pcf%3D1000%7Euim%3D0%7Edmm_strg%3Dharmony%7Ed2p_b%3D0.95%7Eogd2p_b%3D0.95%7Evurl_b%3D0.93%7Ess%3D1600x1200%7Euiw%3D-1%7Ece%3D0%7Erps_b%3D33.78%7Evurl_l%3D20%7ECI%3D2739%7Ents%3D1%7EMP2%3D.*message.*%7Etb%3D-1%7Ect%3Dmontreal%7Ebasis2%3D196%7Ebasis1%3D196%7EisRef%3D0%7Eivurl_b%3D1.08%7Eisif%3D0%7Elc%3D1%7Ebid%3D0.04%7Edc%3D7%7Evl2r_b%3D1.54%7Eivurl_l%3D20%7Esupply_tag_id%3Dvi_1842078231_8%7Ecbdp%3D0.040%7Edmm%3Dharmony%7Esd%3D-1%7Edtc%3Deast_sc%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.040%7Eitype_id%3D3%7Eseller_tag_id%3Dvi_1842078231_8%7EcarrierId%3D0%7Edcut%3D70%7Edogb%3D0-1%7Eibc%3D1%7Eddt%3D-1%7Ensz%3D1%7Etgs%3D728x90%7Ebsb%3D0%7Ebsp%3D0%7Etmx%3D292&mx_lr_seg_deal=1&dfpBd=0.013&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&bfs=103&rfc=1&prvApiId=8CUP40XRI&epcexp=false&pubid=pub-8CU2LD671&mx_bsProfile=0&cid=8CU2LD671&bcrid=S0300080813018100728009099999900&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2361&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=PREBID&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CU2LD671&tgtval=pub-8CU2LD671&v_mver=202209171832_gen-vblt_prebid_test_2&__expireat=1663558197473&v_alg=gen-vblt_prebid_all&gsi=0&reftype=0&prvAccId=765284172&ckfl=0&lper=1&mx_tgs=728x90&dummy_vsid=false&cbdp=0.013&pvdTmax=292&ltime=297.0&epc=765284172&prvReqId=42727045005663_1232799359_94664875112941&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=PREBID-8CU2LD671&ybnca_erpm=0.04&brsrclk=0&mx_g_uid_cvrg%3C%3E=pubcid&sbdrid=196&mx_bsBucketRa=0&rtttime=313&apTags%3C%3E=75&mx_PC=1&wsip=mowx-749d6df85c-7p7n4&currsrc_date=2022-09-16+00%3A00%3A00&viewability_mnet=91&mx_divid=vi_1842078231_8&geoll=false&omid=0&debug_ts=2022-09-19+03%3A19%3A57&mx_ssProfile=0&mx_SC=0&reftime=15000&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=vi_1842078231_8&snm=SUCCESS&mx_IAB2=2&usp_enf=1&bidflr=0.010&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PRW23HG5&spTo=3&pvid=294&mx_mrpp_key=bidapi-gcp-sc&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=0&dmm_ogerpm=false&csip=rtb-common-7d9b58d7cd-f4vgq.SC&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=vi_1842078231_8&ptype=23&media=0&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.04&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=946648751&geo_source=2&sat=0&mnet_ckfl=0&mp_seg%3C%3E=66833&dfpDiv=vi_1842078231_8&opbidflr=0.010&impId=48b05ed7f1e5d01&rme=adm&utime=2723&sf=1&cpr=0.6703743349892408
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.216.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
max-age=3600
date
Mon, 19 Sep 2022 03:20:00 GMT
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Mon, 19 Sep 2022 09:20:00 GMT
sid
mug.criteo.com/ Frame 7762
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=secretm.me&sn=ChromeSyncframe&so=0&topUrl=secretm.me&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=5dfVoHwwUVFuTTF5dGpnWUh6NDBLaXU4MWlUbUIwbE9NeXp0d3lueTVBRlRCdDVHUlhKZGR2U2gwejdpTUxGVWJIWUxtazN6LzF3Sk1JamViRk5HMTY4U0hiT3hlOTdmQ2V4bjVJbzNGQXA0MDQyZGdrem14bTh5ZUlWek...
417 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=5dfVoHwwUVFuTTF5dGpnWUh6NDBLaXU4MWlUbUIwbE9NeXp0d3lueTVBRlRCdDVHUlhKZGR2U2gwejdpTUxGVWJIWUxtazN6LzF3Sk1JamViRk5HMTY4U0hiT3hlOTdmQ2V4bjVJbzNGQXA0MDQyZGdrem14bTh5ZUlWekRQaVEreS92OU5Ua29KSG1TMnRqdWxtMHFvdGtJVjJtZDVnbXpNVUV3Si9zcXBlRFJJRUxhMmdMZXJOWjNTbTYrT3RGVzZhdGV6VWExMHlNLzArKysvNk5CYjFUODZ0OUhmVHVPZmhoNVF2RTcwSVpSMW1hNjUwMnBSd3dRWlZOZjdmclBuL1lJMzlkTEN2WGU0dkZHWDZZQ0MrNjFwQT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2da6717eea67439758209686c381069a4b6c66c68e1b5a0db351596a2dc18716
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:59 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1631641
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:59 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=5dfVoHwwUVFuTTF5dGpnWUh6NDBLaXU4MWlUbUIwbE9NeXp0d3lueTVBRlRCdDVHUlhKZGR2U2gwejdpTUxGVWJIWUxtazN6LzF3Sk1JamViRk5HMTY4U0hiT3hlOTdmQ2V4bjVJbzNGQXA0MDQyZGdrem14bTh5ZUlWekRQaVEreS92OU5Ua29KSG1TMnRqdWxtMHFvdGtJVjJtZDVnbXpNVUV3Si9zcXBlRFJJRUxhMmdMZXJOWjNTbTYrT3RGVzZhdGV6VWExMHlNLzArKysvNk5CYjFUODZ0OUhmVHVPZmhoNVF2RTcwSVpSMW1hNjUwMnBSd3dRWlZOZjdmclBuL1lJMzlkTEN2WGU0dkZHWDZZQ0MrNjFwQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
312285
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecretm.me%2F&domain=secretm.me&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://secretm.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://secretm.me
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
293400
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
id.a-mx.com/sync/ 		105 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://secretm.me/message.php?id=19unixnq&v=7.11.0&vg=vlipb&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:29fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7baef5f4450fc7e502cb134cc4121186759c9750f2888a336d804427ba7893d

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuUt9sVl9IzvH6ARRDbSlW90FcK017zl%2BOANUPhi8aGAoqEZX8%2FBdOU5EXtwT6C6ME0A2uOzqCEkrhZOS%2Bme9ASfepmITVvyaoIUqsqljf55VLcTXTGfz3jRVbRSRM7vxch5cv2kGJdIKw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
74cf2eda7bf34bd1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsecretm.me%2F&domain=secretm.me&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=zGT_onxuRC9Sa2ptZFpRbCthZnQ4UDd3aEROUzI5bjhMQnkzbG04OTdTKzhtd2JQV1ZmL2FiTE5XSHRMYTI1RUZ3Rm1neTNlT0V3Rk4xMEFWSDRhZHFhMUs1VENDb1BjVE8xVVN0NnZuT3VLbEtPeDZkdVJKY1FOV3Z0NX...
426 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zGT_onxuRC9Sa2ptZFpRbCthZnQ4UDd3aEROUzI5bjhMQnkzbG04OTdTKzhtd2JQV1ZmL2FiTE5XSHRMYTI1RUZ3Rm1neTNlT0V3Rk4xMEFWSDRhZHFhMUs1VENDb1BjVE8xVVN0NnZuT3VLbEtPeDZkdVJKY1FOV3Z0NXRxUlVZZDk3WnEvY3ZPRVNNT1Z1dks4VUdUNzlXbGdXQ2x2cDBhanFVN28zOWV3TjdlY2k2UnM2azFxaWgxZ3Zmc2MvZ1BVL1BUbERTQXNXRkJ2a1hxM1hSRHRLZ2VJZHVUeVJ4QlJxSXFpYlA2eHhQZmxlSWtaQ2JzNm1WYkZzYS9aV1F3RHFrQW1FbmxPb2tUbU9JazcxNEhUOUV6UT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
059099c547e58a064a95c1b43667521b7893c2b3685fda88d942ecce178130f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
904679
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=zGT_onxuRC9Sa2ptZFpRbCthZnQ4UDd3aEROUzI5bjhMQnkzbG04OTdTKzhtd2JQV1ZmL2FiTE5XSHRMYTI1RUZ3Rm1neTNlT0V3Rk4xMEFWSDRhZHFhMUs1VENDb1BjVE8xVVN0NnZuT3VLbEtPeDZkdVJKY1FOV3Z0NXRxUlVZZDk3WnEvY3ZPRVNNT1Z1dks4VUdUNzlXbGdXQ2x2cDBhanFVN28zOWV3TjdlY2k2UnM2azFxaWgxZ3Zmc2MvZ1BVL1BUbERTQXNXRkJ2a1hxM1hSRHRLZ2VJZHVUeVJ4QlJxSXFpYlA2eHhQZmxlSWtaQ2JzNm1WYkZzYS9aV1F3RHFrQW1FbmxPb2tUbU9JazcxNEhUOUV6UT09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://secretm.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
683253
content-length
0
expires
0
696.json
id5-sync.com/g/v2/ 		451 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/696.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
6925c4f4113b350be5a2fa6c9e0ca15d46b9947eff92a5d1ed848c3d0d203995
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://secretm.me
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
/
onetag-sys.com/usync/ Frame C0E3 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1663557597014
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame F6C8 		627 B
544 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.241 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Mon, 19 Sep 2022 03:19:59 GMT
etag
W/"62ec189b-273"
expires
Sat, 18 Sep 2027 03:19:59 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sync.html
cdn.aralego.net/ucfad/cookie/ Frame AA23 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
age
5669
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74cf2eda9ba5ece6-YUL
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 03:20:00 GMT
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z47oMUfxLe49ZoVVrkFUpl53O6LzDTOLxAxwdGZlI%2B%2BhU4w4DLsW6DVcMQFEz3pogiHG9GETVpU15zVVERZL4%2BcniVdQDvas%2BBZR4jY67guy9NMbw5r8LeK8MhknCnRwgJ%2BDbvbZwG%2F%2FYN%2F7Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F5A4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
67577
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 19 Sep 2022 03:20:00 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 393346
X-Served-By
cache-lga21963-LGA, cache-yul12834-YUL
X-Timer
S1663557600.418870,VS0,VE0
pbjs
sync.quantumdex.io/usersync/ Frame 89DE 		4 KB
954 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49942d1f0c6d50ea82891ebcd441a591cf8797a95cb360efcc88206d886356d2

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
74cf2eda7ca2ecee-YUL
content-encoding
gzip
content-type
text/html
date
Mon, 19 Sep 2022 03:20:00 GMT
server
cloudflare
/
onetag-sys.com/usync/ Frame A705 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1663557597015
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame 40CA 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1f1116ae6d6af77d7228a5bca8ef6f7303a2f0e4b35a64b0e6927c2983abd2d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11818
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
Wed, 21 Sep 2022 03:20:00 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
checksync.php
contextual.media.net/ Frame 5945 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1f1116ae6d6af77d7228a5bca8ef6f7303a2f0e4b35a64b0e6927c2983abd2d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11818
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
Wed, 21 Sep 2022 03:20:00 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
spl.zeotap.com/ Frame F509 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9563291c83c583f8d0cd325cac7352974f21319cf874ad9dd02cbeab1e36c33b

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://secretm.me
cf-cache-status
DYNAMIC
cf-ray
74cf2edaa96a4bb8-YUL
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 03:20:00 GMT
server
cloudflare
vary
Origin
via
1.1 google
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 2639 		2 KB
862 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
age
5669
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74cf2eda9ba6ece6-YUL
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 03:20:00 GMT
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJeo801b6oYUPL9GcOnFCzrMlWY7da0oLfZW553ezbaBlIfTcYks3H1MRgjIroKe%2B9IgxrKd%2Fi9sVwSW0aAPNjuOX3rybkM3By3nfUljsXwjRCVkRycCU%2F73oo%2FRx0W0kVG73xmr7WrQemPy6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
spl.zeotap.com/ Frame 5A17 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c2df4a0cecdf766a94acf79c51174956b07c092ae70542bce76fa8554651d1b

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://secretm.me
cf-cache-status
DYNAMIC
cf-ray
74cf2edaa96d4bb8-YUL
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 03:20:00 GMT
server
cloudflare
vary
Origin
via
1.1 google
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame CB71 		627 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.241 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Mon, 19 Sep 2022 03:19:59 GMT
etag
W/"62ec189b-273"
expires
Sat, 18 Sep 2027 03:19:59 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
pbjs
sync.quantumdex.io/usersync/ Frame C59C 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42711ed69228298e54582dafd86e794e2a0bc299da2df81b9439a8dfd8e0abbd

Request headers

Referer
https://secretm.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
74cf2eda7ca4ecee-YUL
content-encoding
gzip
content-type
text/html
date
Mon, 19 Sep 2022 03:20:00 GMT
server
cloudflare
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5164764702849156945&gdpr=0&gdpr_consent=
68 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5164764702849156945&gdpr=0&gdpr_consent=
Protocol
H2
Server
3.221.233.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-233-8.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5164764702849156945&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=4a773e4f-604f-4ec3-a341-a15f74666c6e
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=4a773e4f-604f-4ec3-a341-a15f74666c6e
Protocol
HTTP/1.1
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:59 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Mon, 19 Sep 2022 03:20:00 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=4a773e4f-604f-4ec3-a341-a15f74666c6e
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=tOhP7I8LYrXohCrQPr6-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC...
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=tOhP7I8LYrXohCrQPr6-
43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=tOhP7I8LYrXohCrQPr6-
Protocol
HTTP/1.1
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=tOhP7I8LYrXohCrQPr6-
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3232777307143540978&gdpr=0&gdpr_consent=
43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3232777307143540978&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:19:59 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3232777307143540978&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1426208387086089782&gdpr=0&gdpr_consent=
43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1426208387086089782&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
nginx
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1426208387086089782&gdpr=0&gdpr_consent=
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
smtr
contextual.media.net/ Frame C977 		75 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=765284172&size=728x90&cc=CA&chnm=HARMONY&pid=8PO2H3S30&tpid=T2MH1C5&https=1&vif=2&requrl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&kwrf=https%3A%2F%2Fsecretm.me&nse=5&vi=1663557600227145839&ugd=4&adt1=8CU2LD671&adt2=946648751&bae=B44/zzqBax&bcpf=B44%2F8fOnRrolnfOur8zzqBax&bdrId=294&bid=328214&ntv=0&matchstring=hr%3D0&pgid=p0861350161t202209190320&goent=1&htmlsrc=1&allsc=QC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUP40XRI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
52ef8c30a5c035d7d03880353aa6d3d0ba29bc3c1d6cdc1a69cc921418d432dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
31395
content-type
text/html
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
Mon, 19 Sep 2022 03:20:00 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
21-2j8t
x-sc-w
21-w3x2
bping.php
lg3.media.net/ Frame 60CA 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=592&&vgd_cdv=797&gdpr=0&prid=8PRVCXX19&cid=8CUP40XRI&crid=765284172&vi=1663557600227145839&ugd=4&lf=6&kwrf=https%3A%2F%2Fsecretm.me&cc=CA&sc=QC&lper=100&wsip=2886781041&r=1663557600405&requrl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&vgd_bid=328214&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1663557600143789811&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU2LD671&vgd_hb_audit_2=946648751&vgd_pgid=p0861350161t202209190320&vgd_pgids=1&vgd_uspa=0&hvsid=00001663557600402025035145465297&gdpr=0&vgd_l2type=sca&vgd_end=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.216.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 19 Sep 2022 03:20:00 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=35195
content-length
15
checksync.php
contextual.media.net/ Frame 510F 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/safeframe/src/html/r.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8106a4853e01d8b466df5bcb8b2bd60b665cb61e0bb643fbe71d7df90320e88e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://assets.vlitag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11818
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
Wed, 21 Sep 2022 03:20:00 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
PugMaster
image6.pubmatic.com/AdServer/ Frame BBBE 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52075398&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ea20cdfa40c7ee80c4c1079164cfc03ad815ab378cf665fb2db7191c9eca11b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:58 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame F5A4 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fdaee284-f1b9-48a1-a03b-ee4530611a77
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame C59C
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=c3a2778e
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=c3a2778e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edbee32ecee-YUL
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 bf08d0f122cb7618f980954bd4f44e36.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=c3a2778e
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
0BmiJyx-NKWAEHt6Nyj8wyotQJFlydf0xH_VzFLRSKc7s8NwBbmfPQ==
setuid
sync.quantumdex.io/ Frame C59C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=177430568407624767
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=177430568407624767
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edbfe3fecee-YUL
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
edd6fa7f-bc4d-440d-bf67-c953604ea98b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=177430568407624767
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame C59C
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9a6bda78-3d0d-5306-be5d-d6c8dd7a0928
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9a6bda78-3d0d-5306-be5d-d6c8dd7a0928
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edd3f8fecee-YUL
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9a6bda78-3d0d-5306-be5d-d6c8dd7a0928
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame C59C
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-a4ca4a1a-712f-367a-9a87-7eef0af66b93
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-a4ca4a1a-712f-367a-9a87-7eef0af66b93
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edd7fdbecee-YUL
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-a4ca4a1a-712f-367a-9a87-7eef0af66b93
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame C59C
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bfc897aa-e3ed-4ef1-a38d-91fe63f725a5
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bfc897aa-e3ed-4ef1-a38d-91fe63f725a5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edc6eb7ecee-YUL
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bfc897aa-e3ed-4ef1-a38d-91fe63f725a5
date
Mon, 19 Sep 2022 03:20:00 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame C59C
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FVxHeQZHUkWDWtrdT_66iDou
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FVxHeQZHUkWDWtrdT_66iDou
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edc9ee5ecee-YUL
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 19 Sep 2022 03:20:00 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FVxHeQZHUkWDWtrdT_66iDou
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame C59C
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edcdf23ecee-YUL
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA
date
Mon, 19 Sep 2022 03:20:00 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame C59C
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3065592001454640000V10
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3065592001454640000V10
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edc8ed9ecee-YUL
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
server
Apache
date
Mon, 19 Sep 2022 03:20:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3065592001454640000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT
setuid
sync.quantumdex.io/ Frame C59C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HucJczFE2uHqWKFw9zKL7hB4oB5WrZkr.M2CH1U-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HucJczFE2uHqWKFw9zKL7hB4oB5WrZkr.M2CH1U-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edc8ed7ecee-YUL
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HucJczFE2uHqWKFw9zKL7hB4oB5WrZkr.M2CH1U-~A
date
Mon, 19 Sep 2022 03:20:00 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1x1.png
cdn.aralego.net/img/ Frame AA23
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=MDBjYjE5ZTMtNDEyOS0zMmFjLTg5MDMtNGRmNTg0ODc1MmVm&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
  • https://cdn.aralego.net/img/1x1.png
68 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.aralego.net/img/1x1.png
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
H3
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
743
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68
last-modified
Wed, 12 Jun 2019 06:09:43 GMT
server
cloudflare
etag
"5d009727-44"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMqVVA5eBZ3thRNwQQ%2F4%2BBpRPPBeJfICJGsVuuMs2Pf%2BjhCG3oPNO52Av8DCSpbBBrv3zakuWnxObUyXX9b1nH7WxenaeKetEE%2Fcn1O%2B3Cf5rc0vGEcTk6H9VpU7zjGBB3Bh%2Fd6BeVatmkT8qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
74cf2edd0bb94bbf-YUL
cf-bgj
imgq:85,h2pri

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cdn.aralego.net/img/1x1.png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 89DE
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3065592001454640000V10
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3065592001454640000V10
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edc5eb2ecee-YUL
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
server
Apache
date
Mon, 19 Sep 2022 03:20:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3065592001454640000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT
setuid
sync.quantumdex.io/ Frame 89DE
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-a4ca4a1a-712f-367a-9a87-7eef0af66b93
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-a4ca4a1a-712f-367a-9a87-7eef0af66b93
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edda809ecee-YUL
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-a4ca4a1a-712f-367a-9a87-7eef0af66b93
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 89DE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HucJczFE2uHqWKFw9zKL7hB4oB5WrZkr.M2CH1U-~A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HucJczFE2uHqWKFw9zKL7hB4oB5WrZkr.M2CH1U-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edc6ebaecee-YUL
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-HucJczFE2uHqWKFw9zKL7hB4oB5WrZkr.M2CH1U-~A
date
Mon, 19 Sep 2022 03:20:00 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 89DE
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=c3a2778e
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=c3a2778e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edc6eb6ecee-YUL
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 bf08d0f122cb7618f980954bd4f44e36.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=c3a2778e
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
sSpbcyidW45VD4712X7ZuORNthFPf80zKcLsBAzmTgxT5VMDO07ZYw==
setuid
sync.quantumdex.io/ Frame 89DE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=177430568407624767
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=177430568407624767
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edc5eb3ecee-YUL
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a0c8b6ec-7a11-4c93-b35b-478a85359b70
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=177430568407624767
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 89DE
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=9a6bda78-3d0d-5306-be5d-d6c8dd7a0928
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=9a6bda78-3d0d-5306-be5d-d6c8dd7a0928
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edd3f8eecee-YUL
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=9a6bda78-3d0d-5306-be5d-d6c8dd7a0928
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 89DE
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FVxHeQZHUkWDWtrdT_66iDou
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FVxHeQZHUkWDWtrdT_66iDou
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edc9ee6ecee-YUL
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 19 Sep 2022 03:20:00 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FVxHeQZHUkWDWtrdT_66iDou
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 89DE
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edd6fc0ecee-YUL
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOOfyZEgZAg2F11cLtgdiTePKe8ZIbwnpqzJAoaA
date
Mon, 19 Sep 2022 03:20:00 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 89DE
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bfc897aa-e3ed-4ef1-a38d-91fe63f725a5
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bfc897aa-e3ed-4ef1-a38d-91fe63f725a5
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edc6eb9ecee-YUL
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bfc897aa-e3ed-4ef1-a38d-91fe63f725a5
date
Mon, 19 Sep 2022 03:20:00 GMT
content-length
0
sync
gum.criteo.com/ Frame 40CA 		88 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b7d6542c4488ea4e36cc1d6fb19bd92775f9c4a45c60eee7e4ade3d97f2cc459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:59 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1834980
strict-transport-security
max-age=31536000; preload;
expires
60
usync.html
eus.rubiconproject.com/ Frame C688
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 03:20:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 19 Sep 2022 03:20:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 1B11
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Drkt%26refUrl%3D%26vid%3D355760054230655920014546400...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=rkt&refUrl=&vid=35576005423065592001454640000V10&ovsid=979321827729254669
219 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=rkt&refUrl=&vid=35576005423065592001454640000V10&ovsid=979321827729254669
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
Mon, 19 Sep 2022 03:20:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 19 Sep 2022 03:20:00 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=rkt&refUrl=&vid=35576005423065592001454640000V10&ovsid=979321827729254669
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3628 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dpba%26refUrl%3D%26vid%3D35576005423065592001454640000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=103092
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:20:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 07:58:12 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 40CA
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=son&refUrl=&vid=35576005423065592001454640000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=son&refUrl=&vid=35576005423065592001454640000V10&ovsid=bdd621ad-373c-48e7-8fa2-f15f07807f54
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=son&refUrl=&vid=35576005423065592001454640000V10&ovsid=bdd621ad-373c-48e7-8fa2-f15f07807f54
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-23
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=son&refUrl=&vid=35576005423065592001454640000V10&ovsid=bdd621ad-373c-48e7-8fa2-f15f07807f54
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.html
contextual.media.net/ Frame 40CA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3065592001454640...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=opx&refUrl=&vid=35576005423065592001454640000V10&ovsid=97d2c028-5a8d-4b4f-879c-610de09a2574
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=opx&refUrl=&vid=35576005423065592001454640000V10&ovsid=97d2c028-5a8d-4b4f-879c-610de09a2574
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:00 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT

Redirect headers

date
Mon, 19 Sep 2022 03:20:00 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=opx&refUrl=&vid=35576005423065592001454640000V10&ovsid=97d2c028-5a8d-4b4f-879c-610de09a2574
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
RX-ad006d29-5932-421f-aa6d-8a406243cead-005
sync.targeting.unrulymedia.com/csync/ Frame 40CA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dr1%26refUrl%3D%26vid%3D35576005423065592001...
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ad006d29-5932-421f-aa6d-8a406243cead-005&rndcb=3458563358
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b20538f5-2838-4e82-8157-07747f2caacd&user_group=1&ssp=adconductor&bsw_param=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
  • https://sync.1rx.io/usersync/bidswitch/5047f2b9-b6f8-4817-8b9f-f5305f524dc8?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-ad006d29-5932-421f-aa6d-8a406243cead-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-ad006d29-5932-421f-aa6d-8a406243cead-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:20:01 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:01 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-ad006d29-5932-421f-aa6d-8a406243cead-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
cksync
cs.media.net/ Frame 40CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NTU5MjAwMTQ1NDY0MDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIp2lK4hf8p5Ygi2u5ll_O8&google_cver=1
45 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIp2lK4hf8p5Ygi2u5ll_O8&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.206.216.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIp2lK4hf8p5Ygi2u5ll_O8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 40CA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Ddxu%26refUrl%3D%26vid%3D35576005423065592001454...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=dxu&refUrl=&vid=35576005423065592001454640000V10&ovsid=REpD1VrU1OA7ka5
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=dxu&refUrl=&vid=35576005423065592001454640000V10&ovsid=REpD1VrU1OA7ka5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-00800fd222fac43b7@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=dxu&refUrl=&vid=35576005423065592001454640000V10&ovsid=REpD1VrU1OA7ka5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 40CA 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
307926
content-type
image/gif
expires
Mon, 19 Sep 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 40CA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D5047f2b9-b6f8-4817-8b9f-f5305f524d...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=4e206327-dfde-4d00-ab76-f159d6d1793a&expires=30&ssp=medianet&bsw_param=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=0&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 19 Sep 2022 03:20:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 40CA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dzem%26refUrl%3D%26vid%3D35576005423065592001454640...
  • https://stags.bluekai.com/site/23178?id=tOhP7I8LYrXohCrQPr6-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUJ5UFAN2JHBGFS4SYN5UEG4SRKBZDM...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=tOhP7I8LYrXohCrQPr6-&refUrl=&type=zem&vid=35576005423065592001454640000V10&vsid=3065592001454640000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=tOhP7I8LYrXohCrQPr6-&refUrl=&type=zem&vid=35576005423065592001454640000V10&vsid=3065592001454640000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:01 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=tOhP7I8LYrXohCrQPr6-&refUrl=&type=zem&vid=35576005423065592001454640000V10&vsid=3065592001454640000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 40CA
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3065592001454640000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=5f217df4-4aa3-4f7b-b84b-73b42d4f6649&cs=1
45 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=5f217df4-4aa3-4f7b-b84b-73b42d4f6649&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=5f217df4-4aa3-4f7b-b84b-73b42d4f6649&cs=1
date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync
cs.media.net/ Frame 40CA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8c547213-44f5-41c0-9f3e-f4df6d624005
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8c547213-44f5-41c0-9f3e-f4df6d624005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.206.216.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8c547213-44f5-41c0-9f3e-f4df6d624005
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
gum.criteo.com/ Frame 5945 		88 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
21818bbe9ee338bce523ee10ee192b55d18f03cd6d208ae7dd3ba7202a4828cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:59 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2223226
strict-transport-security
max-age=31536000; preload;
expires
60
usync.html
eus.rubiconproject.com/ Frame 633A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 03:20:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 19 Sep 2022 03:20:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync
cs.media.net/ Frame 5945
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NTU5MjAwMTQ1NDY0MDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIp2lK4hf8p5Ygi2u5ll_O8&google_cver=1
45 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIp2lK4hf8p5Ygi2u5ll_O8&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.206.216.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIp2lK4hf8p5Ygi2u5ll_O8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.html
contextual.media.net/ Frame 3597
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Drkt%26refUrl%3D%26vid%3D355760056630655920014546400...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=rkt&refUrl=&vid=35576005663065592001454640000V10&ovsid=968907260740163974
219 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=rkt&refUrl=&vid=35576005663065592001454640000V10&ovsid=968907260740163974
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
Mon, 19 Sep 2022 03:20:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 19 Sep 2022 03:20:00 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=rkt&refUrl=&vid=35576005663065592001454640000V10&ovsid=968907260740163974
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
usersync.aspx
dis.criteo.com/dis/ Frame 5945 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
137376
content-type
image/gif
expires
Mon, 19 Sep 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 5945
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&google_hm=NTA0N2YyYjktYjZmOC00ODE3LThiOWYtZjUzMDVmNTI0ZGM4
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMMRihsdTx7DEqemQ7Gp1ns&google_cver=1&ssp=medianet&bsw_param=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:01 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 19 Sep 2022 03:20:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 5945
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3065592001454640000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=5f217df4-4aa3-4f7b-b84b-73b42d4f6649&cs=1
45 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=5f217df4-4aa3-4f7b-b84b-73b42d4f6649&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=5f217df4-4aa3-4f7b-b84b-73b42d4f6649&cs=1
date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync
cs.media.net/ Frame 5945
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8c547213-44f5-41c0-9f3e-f4df6d624005
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8c547213-44f5-41c0-9f3e-f4df6d624005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.206.216.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8c547213-44f5-41c0-9f3e-f4df6d624005
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6753 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dpba%26refUrl%3D%26vid%3D35576005663065592001454640000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=103092
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:20:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 07:58:12 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 5945
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=son&refUrl=&vid=35576005663065592001454640000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=son&refUrl=&vid=35576005663065592001454640000V10&ovsid=bdd621ad-373c-48e7-8fa2-f15f07807f54
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=son&refUrl=&vid=35576005663065592001454640000V10&ovsid=bdd621ad-373c-48e7-8fa2-f15f07807f54
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-23
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=son&refUrl=&vid=35576005663065592001454640000V10&ovsid=bdd621ad-373c-48e7-8fa2-f15f07807f54
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.html
contextual.media.net/ Frame 5945
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3065592001454640...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=opx&refUrl=&vid=35576005663065592001454640000V10&ovsid=97d2c028-5a8d-4b4f-879c-610de09a2574
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=opx&refUrl=&vid=35576005663065592001454640000V10&ovsid=97d2c028-5a8d-4b4f-879c-610de09a2574
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:00 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT

Redirect headers

date
Mon, 19 Sep 2022 03:20:00 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3065592001454640000V10&type=opx&refUrl=&vid=35576005663065592001454640000V10&ovsid=97d2c028-5a8d-4b4f-879c-610de09a2574
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame 5945
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dr1%26refUrl%3D%26vid%3D35576005663065592001...
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ad006d29-5932-421f-aa6d-8a406243cead-005&rndcb=4889081436
  • https://t.pswec.com/bsw_sync?ssp=adconductor&bsw_user_id=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=adconductor&bsw_user_id=5047f2b9-b6f8-4817-8b9f-f5305f524dc8
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=c0909991-d209-419c-84c0-5908597ca204&expires=3&user_group=1&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/5047f2b9-b6f8-4817-8b9f-f5305f524dc8?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-ad006d29-5932-421f-aa6d-8a406243cead-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3065592001454680000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=9&vsid=3065592001454680000V10&type=r1&refUrl=&vid=35576009243065592001454680000V10&ovsid=RX-ad006d29-5932-421f-aa6d-8a406243cead-005
45 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3065592001454680000V10&type=r1&refUrl=&vid=35576009243065592001454680000V10&ovsid=RX-ad006d29-5932-421f-aa6d-8a406243cead-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:01 GMT

Redirect headers

Date
Mon, 19 Sep 2022 03:20:01 GMT
Server
Tengine
ETag
RXad006d295932421faa6d8a406243cead005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://contextual.media.net/cksync.php?cs=9&vsid=3065592001454680000V10&type=r1&refUrl=&vid=35576009243065592001454680000V10&ovsid=RX-ad006d29-5932-421f-aa6d-8a406243cead-005
Connection
keep-alive
Content-Type
text/html
cksync.php
contextual.media.net/ Frame 5945
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Ddxu%26refUrl%3D%26vid%3D35576005663065592001454...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=dxu&refUrl=&vid=35576005663065592001454640000V10&ovsid=REpD1VrU1OA7ka5
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=dxu&refUrl=&vid=35576005663065592001454640000V10&ovsid=REpD1VrU1OA7ka5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:00 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0165a6f2e79f02a99@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=dxu&refUrl=&vid=35576005663065592001454640000V10&ovsid=REpD1VrU1OA7ka5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 5945
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dzem%26refUrl%3D%26vid%3D35576005663065592001454640...
  • https://stags.bluekai.com/site/23178?id=tOhP7I8LYrXohCrQPr6-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUJ5UFAN2JHBGFS4SYN5UEG4SRKBZDM...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=tOhP7I8LYrXohCrQPr6-&refUrl=&type=zem&vid=35576005663065592001454640000V10&vsid=3065592001454640000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=tOhP7I8LYrXohCrQPr6-&refUrl=&type=zem&vid=35576005663065592001454640000V10&vsid=3065592001454640000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:01 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=tOhP7I8LYrXohCrQPr6-&refUrl=&type=zem&vid=35576005663065592001454640000V10&vsid=3065592001454640000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
1x1.png
cdn.aralego.net/img/ Frame 2639
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=MDBjYjE5ZTMtNDEyOS0zMmFjLTg5MDMtNGRmNTg0ODc1MmVm&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
  • https://cdn.aralego.net/img/1x1.png
68 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.aralego.net/img/1x1.png
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
H3
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
743
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68
last-modified
Wed, 12 Jun 2019 06:09:43 GMT
server
cloudflare
etag
"5d009727-44"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5s0DFZRhd40MFJpSRhPZ5AS2XAH6JiyAMNMWL5zq0y9X0QVetvuRmCdKYo4%2FNNkMn9JRnE3abFn58icR8Q90%2F5RMMpVwYtAb5bFNONR9%2FzYTXVUWA1r9DhZxhDtP621bE%2FMaLos0y1ufypCTQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
74cf2edd3c014bbf-YUL
cf-bgj
imgq:85,h2pri

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cdn.aralego.net/img/1x1.png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9EC2
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7168440001839935516&uid=Q716844000183993...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7168440001839935516
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7168440001839935516
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 03:19:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=64185
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Mon, 19 Sep 2022 03:20:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7168440001839935516
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
image2.pubmatic.com/AdServer/ Frame EBB5
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DiH1KxaUDZWqGRO_4d8nYw
42 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DiH1KxaUDZWqGRO_4d8nYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 19 Sep 2022 03:20:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 03:20:01 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DiH1KxaUDZWqGRO_4d8nYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pub
matching.truffle.bid/sync/ Frame C8FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 19 Sep 2022 03:20:00 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 3724
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
64 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Mon, 19 Sep 2022 03:20:00 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12824-YUL
x-timer
S1663557601.637797,VS0,VE18

Redirect headers

accept-ranges
bytes
content-length
0
date
Mon, 19 Sep 2022 03:20:00 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12824-YUL
x-timer
S1663557601.594267,VS0,VE21
x-vcl-time-ms
21
cookiesync
core.iprom.net/ Frame 477D 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 03:20:01 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-08db4250f8dd@version_1.525v2
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame C53C
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=f1dd804e-2ca0-4541-9b2c-a87e73744a65
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=f1dd804e-2ca0-4541-9b2c-a87e73744a65
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 03:20:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=f1dd804e-2ca0-4541-9b2c-a87e73744a65
strict-transport-security
max-age=15724800; includeSubDomains
epx
um.simpli.fi/ Frame 680B
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://um.simpli.fi/epx
43 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um.simpli.fi/epx
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.133.71.175 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
175.71.133.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
content-type
image/gif
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
pragma
no-cache

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
Sun, 18 Sep 2022 03:20:00 GMT
location
https://um.simpli.fi/epx
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame F696
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD33A3D1D3B34AC797A55A73FE039E0A
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD33A3D1D3B34AC797A55A73FE039E0A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 03:19:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
Sun, 18 Sep 2022 03:20:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CD33A3D1D3B34AC797A55A73FE039E0A
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
setuid
u.4dex.io/ Frame D3B0 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)DC2853D5-3799-48B3-B941-A5BB4E63177C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
33141
tags.bluekai.com/site/ Frame BBBE
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=DC2853D5-3799-48B3-B941-A5BB4E63177C
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f535d2551393d2124221b2f934f96722&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=8c547213-44f5-41c0-9f3e-f4df6d624005&icm&gdpr=0&gdpr_consent=&cver
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
  • https://pixel.onaudience.com/?partner=252&mapped=y-coRlxYxE2pTSgUy.Z7BSffLoET31QFP1wA--~A&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=dbf239721e13e9fb
62 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=dbf239721e13e9fb
Protocol
H2
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:02 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=dbf239721e13e9fb
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame BBBE
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DC2853D5-3799-48B3-B941-A5BB4E63177C&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=DC2853D5-3799-48B3-B941-A5BB4E63177C&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DC2853D5-3799-48B3-B941-A5BB4E63177C&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DC2853D5-3799-48B3-B941-A5BB4E63177C&addseg=10,33,39
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=DC2853D5-3799-48B3-B941-A5BB4E63177C&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame BBBE
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=DC2853D5-3799-48B3-B941-A5BB4E63177C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DC2853D5-3799-48B3-B941-A5BB4E63177C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=DC2853D5-3799-48B3-B941-A5BB4E63177C&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
Frontend-ID
3
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
Frontend-ID
7
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=DC2853D5-3799-48B3-B941-A5BB4E63177C&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame BBBE 		43 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-125.phl50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
VsNK_B67E8DRQHUljQdksxbXHm2qoZ7UT8Xbg3KcPPcjd_MvS3Gbxw==
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame BBBE
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=177430568407624767
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=177430568407624767
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:19:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c64678de-09d7-4b58-87da-9b84577d74c5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=177430568407624767
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame BBBE
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a43f58da-b153-4708-ab41-60a29c16d19b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a43f58da-b153-4708-ab41-60a29c16d19b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a43f58da-b153-4708-ab41-60a29c16d19b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 19 Sep 2022 03:20:00 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
d1ba4609
rtb.gumgum.com/getuid/ Frame BBBE 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.183.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-183-209.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
usermatch
ssum-sec.casalemedia.com/ Frame AFE7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d02acbb8a8b8f543d31c35e392b53f17e26c49560b3a3920f02f09ebf1d33b3d

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74cf2edbeaf13ffd-YYZ
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0TKoETWQpWXPvWHHzE7tIZ0iqhoYFzb55Ruj7FfxjUFwrNwHdyGXxE3SBn8g4KpH5ZJO9xYpAXVS%2F80EotumX03pqdE%2FL%2BFVcyYf9FtthbqiM0cyIjZvdx%2FcMpiyRqcNw325mdajkUqwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D72D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 03:20:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 19 Sep 2022 03:20:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 47B3 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 8F68 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 19 Sep 2022 03:20:00 GMT
Server
Tengine
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DAD0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=103092
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:20:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 07:58:12 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 0044 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame B878 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 19 Sep 2022 03:20:00 GMT
Server
Tengine
usermatch
ssum-sec.casalemedia.com/ Frame EB58 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d4eabf653097e46726bf36f631f4c0f36e26ff79dca0ade8e6403a0731f1d9

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74cf2edbeaf43ffd-YYZ
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HyTNJl6TzEH%2BrSPFrd5vodl9M%2FKZCL9pgIyyOLFd7slDWmmTq9HY%2B5GTokv8hCSXaI%2BS%2BYmlbUAG3fL3Kk0Qk3ffzqhuBpQo3MbjAQ7qhfYoIyM4v2GbN3it%2B8hOBILGbvLpHffd%2FZt9KA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FEF7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=103092
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:20:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 07:58:12 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame EF15
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 03:20:00 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 19 Sep 2022 03:20:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame F6C8 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-92.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 18 Sep 2022 08:13:53 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
68768
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
ef4GNLFKTfbV9ATwyH3yG-WtWJskXOpDgjdMLCST7D45VyJSYSxTjQ==
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame CB71 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-92.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 18 Sep 2022 08:13:53 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
68768
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
XX2ODagyv1krwrwBuANR8vI9PzRJ4vOI10syQEWw2eynk4Xehpww4g==
getuid
ib.adnxs.com/ Frame 5A17 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 5A17 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5A17
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2649b0e0-6bba-422c-a092-22b21a9541f8%252Chttps%253A%252F%252Fmwzeom.zeotap.com%252Fmw%253Fcid%253D2649b0e0-6bba-422c-a092...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8c547213-44f5-41c0-9f3e-f4df6d624005&ttd_puid=2649b0e0-6bba-422c-a092-22b21a9541f8%2Chttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw...
  • https://mwzeom.zeotap.com/mw?cid=2649b0e0-6bba-422c-a092-22b21a9541f8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6...
95 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=2649b0e0-6bba-422c-a092-22b21a9541f8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2ede0d7a4bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=2649b0e0-6bba-422c-a092-22b21a9541f8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 5A17 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 5A17
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%26reqId%3Dd...
  • https://mwzeom.zeotap.com/mw?cid=8c547213-44f5-41c0-9f3e-f4df6d624005&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=8c547213-44f5-41c0-9f3e-f4df6d624005&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edd1c564bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=8c547213-44f5-41c0-9f3e-f4df6d624005&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 5A17 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
21
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1663557601.730353,VS0,VE21
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12824-YUL
u
dmp.v.fwmrm.net/ad/ Frame 5A17 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:8bd3:480b:a39:d536 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
mw
mwzeom.zeotap.com/ Frame 5A17
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d94072...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edd4c984bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
date
Mon, 19 Sep 2022 03:19:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 5A17
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=6a7ae9dc-c707-4164-bcb4-ef8e3dc4e160&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6a7ae9dc-c707-4164-bcb4-ef8e3dc4e160&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2f0d4e924bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=6a7ae9dc-c707-4164-bcb4-ef8e3dc4e160&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:08 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 5A17
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=04391427402192166912549765893084360539&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=04391427402192166912549765893084360539&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edf4f584bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-usw2-2-v037-08084a0db.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
rrJ2ERV3T7Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=04391427402192166912549765893084360539&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mw
mwzeom.zeotap.com/ Frame 5A17
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7144925487027583115&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7144925487027583115&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2ede8e604bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7144925487027583115&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Date
Mon, 19 Sep 2022 03:20:00 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
mw
mwzeom.zeotap.com/ Frame 5A17
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=4MUfLBHrOyFHIo/PvaTyPu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=4MUfLBHrOyFHIo/PvaTyPu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edf9fcf4bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
last-modified
Mon, 19 Sep 2022 03:20:01 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=4MUfLBHrOyFHIo/PvaTyPu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 5A17
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://mwzeom.zeotap.com/mw?cid=5164764702849156945&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e600562...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=5164764702849156945&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2ede4dcb4bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=5164764702849156945&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
date
Mon, 19 Sep 2022 03:20:00 GMT
content-length
0
mw
mwzeom.zeotap.com/ Frame 5A17
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=94073d30c6a6c33e434c937c64bf25b1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-21...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=94073d30c6a6c33e434c937c64bf25b1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2ede0d7d4bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=94073d30c6a6c33e434c937c64bf25b1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
cache-control
no-cache
x-server
10.40.39.165
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 5A17
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-VCs37iZE2oqdj53buUQh2BUkwme1LOzwNA--~A&zpartnerid=570&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-VCs37iZE2oqdj53buUQh2BUkwme1LOzwNA--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edd3c834bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
http/1.1 spdc0109.pbp.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-VCs37iZE2oqdj53buUQh2BUkwme1LOzwNA--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 5A17
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=CAN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CAN&zdid=1361&cid=Mo3gO3Spc75gxqcK3%2F%2FE0w0kYEZuqfJq%2BS41iYitP1U%3D
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CAN&zdid=1361&cid=Mo3gO3Spc75gxqcK3%2F%2FE0w0kYEZuqfJq%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edd1c534bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CAN&zdid=1361&cid=Mo3gO3Spc75gxqcK3%2F%2FE0w0kYEZuqfJq%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
Lv-tZXUt5MRZ-1wTiK6yfVYkf_R3vCOZqKfRP4pye5UvJZ1xlTsT7A==
expires
0
mw
mwzeom.zeotap.com/ Frame 5A17
Redirect Chain
  • https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d9407...
  • https://mwzeom.zeotap.com/mw?zpartnerid=993&env=mWeb&cid=10606540073709234445&zdid=1361&reqId=d940724f-2126-43f6-5e52-95e6005624d8&w_k=${w_k}&user_zi=${user_zi}&optin=${optin}&uc=${uc}&z_p=${z_p}&g...
95 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=993&env=mWeb&cid=10606540073709234445&zdid=1361&reqId=d940724f-2126-43f6-5e52-95e6005624d8&w_k=${w_k}&user_zi=${user_zi}&optin=${optin}&uc=${uc}&z_p=${z_p}&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edd6cb24bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://mwzeom.zeotap.com/mw?zpartnerid=993&env=mWeb&cid=10606540073709234445&zdid=1361&reqId=d940724f-2126-43f6-5e52-95e6005624d8&w_k=${w_k}&user_zi=${user_zi}&optin=${optin}&uc=${uc}&z_p=${z_p}&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 5A17 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1663557600
x-served-by
beacon-n010-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame 5A17 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%26reqId%3Dd940724f-2126-43f6-5e52-95e6005624d8%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663557601.730893,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-yul12826-YUL
usermatch.gif
beacon.krxd.net/ Frame 5A17
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e60056...
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1663557600
x-served-by
beacon-n017-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
date
Mon, 19 Sep 2022 03:20:00 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a018-ash-prod.krxd.net
dcm
s.amazon-adsystem.com/ Frame 5A17
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc...
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
9W11PD507KFF8Y5FX58Y
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
VWYRCP5BVNHD1TC4KXSQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 5A17 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
getuid
ib.adnxs.com/ Frame F509 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame F509 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame F509
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2649b0e0-6bba-422c-a092-22b21a9541f8%252Chttps%253A%252F%252Fmwzeom.zeotap.com%252Fmw%253Fcid%253D2649b0e0-6bba-422c-a092...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8c547213-44f5-41c0-9f3e-f4df6d624005&ttd_puid=2649b0e0-6bba-422c-a092-22b21a9541f8%2Chttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw...
  • https://mwzeom.zeotap.com/mw?cid=2649b0e0-6bba-422c-a092-22b21a9541f8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=2649b0e0-6bba-422c-a092-22b21a9541f8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2ede0d7e4bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=2649b0e0-6bba-422c-a092-22b21a9541f8&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame F509 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame F509
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%26reqId%3D3...
  • https://mwzeom.zeotap.com/mw?cid=8c547213-44f5-41c0-9f3e-f4df6d624005&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=8c547213-44f5-41c0-9f3e-f4df6d624005&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edd1c554bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=8c547213-44f5-41c0-9f3e-f4df6d624005&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame F509 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1663557601.730305,VS0,VE18
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12824-YUL
u
dmp.v.fwmrm.net/ad/ Frame F509 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:8bd3:480b:a39:d536 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:01 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
mw
mwzeom.zeotap.com/ Frame F509
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edd4c994bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=DC2853D5-3799-48B3-B941-A5BB4E63177C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
date
Mon, 19 Sep 2022 03:19:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame F509 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1c96:4102:a960:6792:1f2e:dfa -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame F509
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=04391427402192166912549765893084360539&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=04391427402192166912549765893084360539&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edf4f624bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-usw2-2-v037-0ffbbbf34.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
tf8M1m4nTNA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=04391427402192166912549765893084360539&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mw
mwzeom.zeotap.com/ Frame F509
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7144925491308918923&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7144925491308918923&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edf1f1f4bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7144925491308918923&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Date
Mon, 19 Sep 2022 03:20:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
mw
mwzeom.zeotap.com/ Frame F509
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=4MUfLBHrOyFHIo/PvaTyPu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=4MUfLBHrOyFHIo/PvaTyPu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edf9fce4bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
last-modified
Mon, 19 Sep 2022 03:20:01 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=4MUfLBHrOyFHIo/PvaTyPu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame F509
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://mwzeom.zeotap.com/mw?cid=5164764702849156945&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061b...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=5164764702849156945&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2ede4dcd4bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=5164764702849156945&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
date
Mon, 19 Sep 2022 03:20:00 GMT
content-length
0
mw
mwzeom.zeotap.com/ Frame F509
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=94073d30c6a6c33e434c937c64bf25b1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d3...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=94073d30c6a6c33e434c937c64bf25b1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2ede0d7f4bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=94073d30c6a6c33e434c937c64bf25b1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
cache-control
no-cache
x-server
10.40.39.216
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame F509
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-VCs37iZE2oqdj53buUQh2BUkwme1LOzwNA--~A&zpartnerid=570&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-VCs37iZE2oqdj53buUQh2BUkwme1LOzwNA--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edd3c844bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
http/1.1 spdc0109.pbp.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-VCs37iZE2oqdj53buUQh2BUkwme1LOzwNA--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame F509
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=CAN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CAN&zdid=1361&cid=%2FcUdZwckx4lgxqcK3%2F%2FE00YuKnjHENsR%2BS41iYitP1U%3D
95 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CAN&zdid=1361&cid=%2FcUdZwckx4lgxqcK3%2F%2FE00YuKnjHENsR%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edd1c524bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CAN&zdid=1361&cid=%2FcUdZwckx4lgxqcK3%2F%2FE00YuKnjHENsR%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
PI0Oub5ynTPmNr3xFvCutGLbmJSMUYoD4GDpbu2c9A8tJSH4VVWRXA==
expires
0
mw
mwzeom.zeotap.com/ Frame F509
Redirect Chain
  • https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3...
  • https://mwzeom.zeotap.com/mw?zpartnerid=993&env=mWeb&cid=10610902935401796924&zdid=1361&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&w_k=${w_k}&user_zi=${user_zi}&optin=${optin}&uc=${uc}&z_p=${z_p}&g...
95 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=993&env=mWeb&cid=10610902935401796924&zdid=1361&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&w_k=${w_k}&user_zi=${user_zi}&optin=${optin}&uc=${uc}&z_p=${z_p}&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2edd6cb54bb8-YUL
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://mwzeom.zeotap.com/mw?zpartnerid=993&env=mWeb&cid=10610902935401796924&zdid=1361&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&w_k=${w_k}&user_zi=${user_zi}&optin=${optin}&uc=${uc}&z_p=${z_p}&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame F509 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
private, no-cache, no-store
x-request-time
D=36 t=1663557600
x-served-by
beacon-n013-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame F509 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%26reqId%3D3dab3c5f-d321-4c3d-437d-50a4a061bf70%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663557601.730867,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-yul12826-YUL
usermatch.gif
beacon.krxd.net/ Frame F509
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=PFmngjtl&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1663557601
x-served-by
beacon-n023-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74cf2ede1d984bb8-YUL
access-control-allow-headers
*
dcm
s.amazon-adsystem.com/ Frame F509
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c...
  • https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:01 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
7YQSB3K86WPPMD71PR99
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
C4GCE86A9S5NKBVE3CWT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=39af290e-e48a-466a-ba7d-77872fa636b5&id=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame F509 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
usync.js
eus.rubiconproject.com/ Frame C688 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
31248ef830b10ec6779f2693aaa69d3149cf2bb2fe1314cba78f03f7edcf07fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:20:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29866
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 19 Sep 2022 11:37:46 GMT
usync.js
eus.rubiconproject.com/ Frame 633A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
31248ef830b10ec6779f2693aaa69d3149cf2bb2fe1314cba78f03f7edcf07fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:20:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29866
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 19 Sep 2022 11:37:46 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame EB58
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yyff356zThWaqrsQ_11EXQAAAJ4AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENpkOZTQSEueQCuO8mqxVRI&google_cver=1
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENpkOZTQSEueQCuO8mqxVRI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf2edd5c493ffd-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hx2Mbuh4x2NDgU9s4tBmDnFdcVyD4gSX5R%2FEMDZOzKGoHYKBv4qjSg3d8NoC0Hhc6r0p06iPEW%2BddgigKA0dAIFr3xbgf6ulis5nNWzJ8JInSls%2BX7RtkjzNqG4XTf5P17qs09ejFDZVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENpkOZTQSEueQCuO8mqxVRI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EB58
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yyff356zThWaqrsQ-11EXQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFjzjAvdoHPTPUCQXw0kv58&google_cver=1
43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFjzjAvdoHPTPUCQXw0kv58&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf2edffef03fdf-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BkaoeULlEnocz2P%2FfCGYNvTlnjI7gfjbMZuUj6t69XK8OP3EnhgD7137c9DyUChZ%2FhlAgBN9yil5lZ3xiZQm2qWrCZogwPkDEWJdeqOrA59T%2BOkKNkfhZZteMTiWtvX79et7gLDderNQw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFjzjAvdoHPTPUCQXw0kv58&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EB58
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8c547213-44f5-41c0-9f3e-f4df6d624005&expiration=1666149601&gdpr=0&gdpr_consent=
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8c547213-44f5-41c0-9f3e-f4df6d624005&expiration=1666149601&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf2edd9cd53fdf-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDPNF7IzuLVB0YvGOu7%2FAbxFTrMlap6JWDpzqKPc6ssnc7liFJg3aIeYttuv%2Fg8ccda%2F184VcyhH79FdwvOMjDu8TwrywIoDv3Pwtv0KkyPGvxnciwzCzTJ0%2B%2BSkkfOElFnvHmZAdtX1Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8c547213-44f5-41c0-9f3e-f4df6d624005&expiration=1666149601&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame EB58 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yyff356zThWaqrsQ_11EXQAAAJ4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
TT6KDPKM2Z5A1MP8RE2D
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EB58
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1679196000&external_user_id=28c02b3f-aa87-49d4-b41e-4fda73e4054a
43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1679196000&external_user_id=28c02b3f-aa87-49d4-b41e-4fda73e4054a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf2edffeef3fdf-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biKGe4Fn73bsFzig5XU2PsDjpW2X6UURK3VSIbnd%2F%2F%2BGG1hKOKQXQDAniZW4ibQJVVZoB3WC6WS%2FTfkA%2BNwI98NAaf0sx6aibNJ9hXhBaF2HNIXVxTZ40Iikc37ay9tUIwEMMHVS1qogbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
access-control-allow-origin
*.casalemedia.com
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1679196000&external_user_id=28c02b3f-aa87-49d4-b41e-4fda73e4054a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame EB58
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD33A3D1D3B34AC797A55A73FE039E0A
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD33A3D1D3B34AC797A55A73FE039E0A
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf2eddace93fdf-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bg26HRn2tXXIk4oeFe5HLLXZP0Mx3vF4ctdAKPanFbaONCd8Uoc37q2apskzJq%2FyIQQAQ2aoEftxp80N%2FK1owAG20B4BmQoubaBydjBXm23Q9auOY5SCZsTMYF4kMoSOKAnblK8oYx9lkw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 19 Sep 2022 03:20:00 GMT
x-content-type-options
nosniff
server
openresty
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD33A3D1D3B34AC797A55A73FE039E0A
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 18 Sep 2022 03:20:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EB58
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D%28OIQ_UUID%29
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7168440001428602739&uid=Q7168440001428602739&ref=%2Feucm%2Fp%2Fcc
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168440001428602739
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168440001428602739
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf2ee008e8a252-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vF4gw21wUfrZUdnwsvk2BH8KRG0fZcAUDbAIWYWUE1ePH2T%2B1HilFPAwPP%2F60kFf8JuGlgcLPpmWgImm9cNYjGoopHQKWJ6CL%2FStehqacwn%2B3weilcAzmAsrmcI%2B4CDzuYDcojeVRwxa5g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 19 Sep 2022 03:20:00 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168440001428602739
Cache-Control
max-age=64186
Connection
keep-alive
Content-Type
text/html
Content-Length
154
crum
dsum-sec.casalemedia.com/ Frame EB58
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_6327dfe0e0261&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_6327dfe0e0261
43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_6327dfe0e0261
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf2ee008e9a252-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BFQlgkP95IjyBsFnzGMsue4QRcHjNNm0oXX%2BxltWHZ6kPzGCtFuYIB%2F%2FgNgrhsRDdUf97UmfzftWjiggQQBfYDIaPtRULr5QeA0QIQSVGLG3vx3oNW5zR%2FnXtBYkwhU4ZDyoIxHN0%2F0Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 19 Sep 2022 03:20:00 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_6327dfe0e0261
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
setuid
sync.quantumdex.io/ Frame EB58 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Yyff356zThWaqrsQ_11EXQAAAJ4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edd3f87ecee-YUL
content-length
43
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame EF15 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
31248ef830b10ec6779f2693aaa69d3149cf2bb2fe1314cba78f03f7edcf07fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:20:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29865
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 19 Sep 2022 11:37:46 GMT
crum
dsum-sec.casalemedia.com/ Frame AFE7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=177430568407624767
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=177430568407624767
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf2edd7cae3fdf-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmspGUaGeT8LaB5c4ZNLk%2BkS2VYj4dO9yU4QryabomNWC5zWoQNFrtnuGA5cehLC0cHNuI%2FLH0EG1r20nS1P%2FKZZKkVj89hYXI0ZLYsMGKTKVW2fmCamqXkPHZERyOSVNBVqQshf97%2FI2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:00 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
66560177-2944-45ba-ac30-f36af990aa8a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=177430568407624767
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Yyff356zThWaqrsQ_11EXQAAAJ4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AFE7 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yyff356zThWaqrsQ_11EXQAAAJ4AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:89a8:874b:1d82:df0e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame AFE7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yyff4AAAISIPfgAE
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yyff4AAAISIPfgAE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf2edd7cbd3fdf-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgPmbP47YWrjs3M8MDrLLklnzbzDpYVJL3iiGuZjorE%2FECL5g2V5zLl4%2ByIwFOWNtf5%2FXuM7ifnZj1xcb0Ok3ANxt3lTd7ckvFp3%2FWCIojEOIR0nY9PBGTaAxJPAlXIRra3Qky5jCBsnUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663557601.836149,VS0,VE0
x-served-by
cache-yul12826-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yyff4AAAISIPfgAE
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame AFE7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3232777307143540978
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3232777307143540978
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf2eddacec3fdf-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9dKrjq954cgydpMmT%2BVgD19BzzanaoXXO894ST7E2DybZKnGf8X51sHBaURPny4sz8WnEEYfWQhQDuQ2SQvbDOzZTiO8GD1a1pH4%2Fu2CSVHzkz%2B3VnyMLReCBvh4FJEKAMJ2gULqK%2FM%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3232777307143540978
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame AFE7
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD33A3D1D3B34AC797A55A73FE039E0A
43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD33A3D1D3B34AC797A55A73FE039E0A
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf2eddaceb3fdf-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpsiVEuU5NeBsLGBf3QEpYqNXf4QoiardC9AYxMya2wEsbXH2wlY5KR%2BCb20N%2Bkt4oJLW7dmBnjUzS5D6wAAqlqdxzeprwxjPYK2RYpNzrtCuovAXGB6%2Bp5dJbuQz7F5c4xOjm%2Bw7trvdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 19 Sep 2022 03:20:00 GMT
x-content-type-options
nosniff
server
openresty
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=CD33A3D1D3B34AC797A55A73FE039E0A
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 18 Sep 2022 03:20:00 GMT
396846.gif
idsync.rlcdn.com/ Frame AFE7
Redirect Chain
  • https://idsync.rlcdn.com/461886.gif?partner_uid=Yyff356zThWaqrsQ-11EXQAA%26158&&gdpr_consent=&gdpr=
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0a38d6d1-3cca-47cf-bbaa-9f906beed670
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0a38d6d1-3cca-47cf-bbaa-9f906beed670
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 03:20:00 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 19 Sep 2022 03:20:00 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=0a38d6d1-3cca-47cf-bbaa-9f906beed670
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
rum
dsum-sec.casalemedia.com/ Frame AFE7
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=69738a86-aeb4-4988-9ad8-dc4c1211f807&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=69738a86-aeb4-4988-9ad8-dc4c1211f807&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf2ee0393ba252-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jcb3jrb5kKz0moODDm0yRvoAyIxZu2cNJOHpcqpnRartQAjrakQubkNypubwWwJJIsoRrhYSGRRnIWlboPU6EWq8SD%2FK5h%2BEDTezlLPiq7AlUejUx2xDWzWfIskd2JNctJD%2FNzLNS7BeQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=69738a86-aeb4-4988-9ad8-dc4c1211f807&us_privacy=null&gdpr_consent=null&gdpr=null
date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edd4de57136-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
setuid
sync.quantumdex.io/ Frame AFE7 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=Yyff356zThWaqrsQ_11EXQAAAJ4AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2edd3f8becee-YUL
content-length
43
content-type
image/gif
log
c21lg-d.media.net/ Frame 40CA 		35 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=k-q7LBOp3FhMoo2SIoAG2Z-uvQHXWs4o&cs=15&vsid=3065592001454617000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.216.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 19 Sep 2022 03:20:00 GMT
content-length
35
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame D72D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
31248ef830b10ec6779f2693aaa69d3149cf2bb2fe1314cba78f03f7edcf07fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:20:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29866
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 19 Sep 2022 11:37:46 GMT
cksync.php
contextual.media.net/ Frame C688
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L8878POX-1U-8LKK
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8878POX-1U-8LKK
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8878POX-1U-8LKK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:01 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L8878POX-1U-8LKK
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
log
c21lg-d.media.net/ Frame 5945 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=WarGWPWc02vbeX9_jtj-T_t_-NJ-xSd-&cs=15&vsid=3065592001454617000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.216.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-29.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 19 Sep 2022 03:20:00 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 4479
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.72.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-72-34.compute-1.amazonaws.com
Software
/
Resource Hash
5c0ed795c5fb35cb71439d1f66c838861274a19c0193b965aea52e272bfe06b3

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 03:20:01 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 19 Sep 2022 03:20:01 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 03:20:01 GMT
location
/um/cs&eq_cc=1
setuid
ss-pbs.quantumdex.io/ Frame D72D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression&khaos=L8878POX-1U-8LKK
  • https://sync.quantumdex.io/setuid?bidder=rubicon&uid=L8878POX-1U-8LKK
  • https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=&f=&uid=L8878POX-1U-8LKK
86 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=&f=&uid=L8878POX-1U-8LKK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
74cf2ede3891ecee-YUL
expires
0

Redirect headers

location
https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=&f=&uid=L8878POX-1U-8LKK
date
Mon, 19 Sep 2022 03:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74cf2eddb81becee-YUL
content-length
43
content-type
image/gif
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame F6C8 		155 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-92.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 18 Sep 2022 04:42:55 GMT
via
1.1 55d59f6fe20d812e375923d2e18ac7fc.cloudfront.net (CloudFront)
age
81426
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
x-amz-cf-id
U53V2c0GcxEw5wDHn8ch2b03BzPWUmpxROwdgXNxZAeoqpxI5-Bymg==
bql.php
lg3.media.net/ Frame C977 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=4562&&&vgd_l2type=sca&fp=GqaAE-q09guD5UPBPzwpJ38kfargAtcbD5jsrE58goxydYY0l2x0MWENIIllAW4t-QOQO7VqqeELovy0XGKjtkTy9_P8g8VAc5Gwr5CJpqVDlNHQiuHYHXHra4bFPntFd3CSuhBesMk%3D&cme=yhzg4Gb0VHjyptj_Ftn2UAP8aHrjTrRruuoYlpYiTNbouFuCfdvLfB0SpzTrwRlCH7DOlrzPnS47Q_TB3HGLA3j7ayGktv7TuoUoXoqAixm3sNdZ2kOpBvByy9I8XM54BlcD_TgpC-CBi27VtHkdidIeJ7qQgsDXWhDhahyFyqXSAMA96psn5pXeuYlEwIbeic7SpteWi6IHnUWhhgVyN51ow4gE4GRE%7C%7CmQr6zRh0rXtUWoyHYxdXcHT8l8UFnE6K%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD7mxqPZcR047BVqrKqLwQY9NPcZ8nSyxSfOcBp91DkaeJz-nCZXuwqhtD6TKuWo6f8%3D%7Cxrl5Md8q4-_Hr1kvC0xGgvwz3RCdScWraTw1m8hY_lk%3D%7CY-pvtgAimTYTp6QfRViI0A0INrpFJQUyNIERwnxml94xA6bGVu9nU5OZmJ6ItkM2-keu83vDsWajdTcp0mOn1nVR-bwpZe9CNfPD6en4mrLdTxwQJcEm6ZFBkXgpAQAT_YnpK6XRT4bDg-9HhmzfphQkBxnz7dI-JpP06vfaJNYi0mXfeogC8t_PSIV40QzKNuTkExQfC6pnfRK0pc-tDe2U2_4-tF4g3N1a_rEuEp4%3D%7Cu8A6SM53vAeKpGCWDR7uu-LaeBDu2sli%7C&v=1&geo=45.5%7C-73.58&dlper=20&lper=100&lpid=&tsid=4&q=&prv=&type=&ps=&hint=&td=&cc=CA&wsip=170721663&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_fm_lang=EN&vgd_dnquo=00_XX&ksu=224&fdkt=375&vgde_kbbh=fuoyxQBuG&kwd[]=Bank+Owned+Cars+for+Sale&kwt[]=375&kbc[]=61854&kwp[]=1&kid[]=299487099&kbc2[]=%23c%3A3002257%7C1%3D1.63%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C2%3D4.48%7Cps%3D0.891%7C3%3D0.58%7C4%3D4.44&ktd[]=4503874538832128&ktrkt[]=Bank+Owned+Cars+for+Sale&kwd[]=Free+Project+Plan+Template&kwt[]=375&kbc[]=76780&kwp[]=2&kid[]=11640498&kbc2[]=%23c%3A3002257%7C1%3D0.75%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C2%3D4.00%7Cps%3D0.891%7C3%3D0.52%7C4%3D3.55&ktd[]=274894684416&ktrkt[]=Free+Project+Plan+Template&kwd[]=Best+High+Return+Investments&kwt[]=375&kbc[]=39029&kwp[]=3&kid[]=326649050&kbc2[]=%23c%3A3002257%7C1%3D0.45%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C2%3D6.50%7Cps%3D0.891%7C3%3D0.51%7C4%3D4.10&ktd[]=274894684416&ktrkt[]=Best+High+Return+Investments&kwd[]=Top+3+Stocks+to+Buy&kwt[]=375&kbc[]=32871&kwp[]=4&kid[]=321206339&kbc2[]=%23c%3A3002257%7C1%3D0.77%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C2%3D3.43%7Cps%3D0.891%7C3%3D0.42%7C4%3D3.55&ktd[]=274911461632&ktrkt[]=Top+3+Stocks+to+Buy&cid=8CUP40XRI&vwid=1663557600227145839&vi=1663557600227145839&tdAdd[]=ib%3D0&vsid=3065592001454617&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=797&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU2LD671&vgd_hb_audit_2=946648751&vgd_refdomain=secretm.me&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721663&vgd_nrrv=13273&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=montreal&vgd_go_pid=8PO2H3S30&vgd_go_bid=328214&vgd_go_abtid=89158&&vgd_ifrmode=14&vgd_l1rakh=1663557600143789811&sttm=1663557600402&upk=1663557600.24228&hvsid=00001663557600402025035145465297&verid=3111299&vgd_matchstr=hr%3D0&sbdrId=196&vgd_ecrid=S0300080813018100728009099999900&vgd_isiolc=1&vgd_fcm_enc_mis=1&&kbbq=%26asn%3D16276&&vgd_vstrid=3065592001454617&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9H~e8QMQOvHXf~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9ff9iuWf9~8xLjMGvfHXF.hF~xLjM7UNv9~Q7Ove8MuWHf9hWfAuMW~j1Q7v~e8QMxLjMGv9.XA~8Evf6%20xxb~kGGv9~e8QMxLjMjvu9~L88Ex1vf%2Cf~J7vff~LNvu~LEQMQOvf9ff9iuWf9~e8QMGvhXH.XF~xLjMGv9.Hu~xLjM7e8v9~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9H~GYvu~Q8OvhFXfWHuhf~QOvou~x8OvuVwNJIq6rgQPAy-3W~G7OvfHfWAFHuhiu9AXFWW9h9fHfiF9Xu9FHW9fAifH9FihWXfAAi99uWXWAHWuFiuiXfWhFuhiXhAuXWiFHuHf9W~OfEMjvA9~AENkvu999~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iX~myOfEMGv9.iX~exLjMGv9.iA~QQvuF99-uf99~x8Bvou~NJv9~LEQMGvAA.hW~exLjMjvf9~%3DVvfhAi~z7Qvu~c0fv.*YJQQ1yJ.*~7Gvou~N7vYmz7LJ1j~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvu.9W~8Q8kv9~jNvu~G8Ov9.9H~ONvh~ejfLMGvu.XH~8exLjMjvf9~QxEEj5M71yM8Ove8MuWHf9hWfAuMW~NGOEv9.9H9~OYYvw1LYmz5~QOvou~O7NvJ1Q7MQN~LJkMNz7vu~O1jyv~w7Yjvu~QmGEv~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9H9~875EJM8OvA~QJjjJLM71yM8Ove8MuWHf9hWfAuMW~N1LL8JLVOv9~ONx7vh9~OmyGv9ou~8GNvu~OO7vou~zQlvu~7yQvhfW-i9~GQGv9~GQEv9~7Y-vfif&vgd_optout=0&vgd_cfud=220907&vgd_scsver=315&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D&&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001663557600402025035145465297&subBdr=196&bdrid=294&rc=0&rand=1663557600868&acid=c34ecd0785774a668bea48ac69dbaa49&matm=1663557600868&vgd_ltimesrc=1&vgd_ltime=919&vgd_rtime=917&vgd_etm=4&vgd_l1hcsd=A12%7C6208&vgd_l1ch=1&vgd_lhl=2458&vgd_pgid=p0861350161t202209190320&vgd_adprefflag=11&vgd_adpref_diff=110&vgd_csip=rtb-common-7d9b58d7cd-f4vgq.SC&vgd_sbSup=1&vgd_nrrs=13273&vgd_cntrdt=SL%7CDIV-rc_48b05ed7f1e5d01%7CDIV-sf_align&vgd_crefurl=https%3A%2F%2Fsecretm.me%2F&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUP40XRI&cpcd=Ttcg_OTxKwVqtgOb1xhcBg%3D%3D&crid=765284172&size=728x90&cc=CA&chnm=HARMONY&pid=8PO2H3S30&tpid=T2MH1C5&https=1&vif=2&requrl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&kwrf=https%3A%2F%2Fsecretm.me&nse=5&vi=1663557600227145839&ugd=4&adt1=8CU2LD671&adt2=946648751&bae=B44/zzqBax&bcpf=B44%2F8fOnRrolnfOur8zzqBax&bdrId=294&bid=328214&ntv=0&matchstring=hr%3D0&pgid=p0861350161t202209190320&goent=1&htmlsrc=1&allsc=QC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.216.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 19 Sep 2022 03:20:00 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=27487
content-length
15
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame CB71 		155 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-92.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 18 Sep 2022 04:42:55 GMT
via
1.1 55d59f6fe20d812e375923d2e18ac7fc.cloudfront.net (CloudFront)
age
81426
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
x-amz-cf-id
QXK6CP5VZnzo6kGNLMgp_8oI36cprCRk9JCHrXsZhFZBzSbS_xJZqg==
usync.html
eus.rubiconproject.com/ Frame 2676
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 03:20:01 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 19 Sep 2022 03:20:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame D551
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D9%26vsid%3D3065592001454680000V10%26type%3Drkt%26refUrl%3D%26vid%3D355760092430655920014546800...
  • https://contextual.media.net/cksync.html?cs=9&vsid=3065592001454680000V10&type=rkt&refUrl=&vid=35576009243065592001454680000V10&ovsid=968907260740163974
219 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=9&vsid=3065592001454680000V10&type=rkt&refUrl=&vid=35576009243065592001454680000V10&ovsid=968907260740163974
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Mon, 19 Sep 2022 03:20:01 GMT
expires
Mon, 19 Sep 2022 03:20:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 19 Sep 2022 03:20:00 GMT
Location
https://contextual.media.net/cksync.html?cs=9&vsid=3065592001454680000V10&type=rkt&refUrl=&vid=35576009243065592001454680000V10&ovsid=968907260740163974
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
usersync.aspx
dis.criteo.com/dis/ Frame 510F 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
222873
content-type
image/gif
expires
Mon, 19 Sep 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 510F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171119738&expires=5&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:01 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5047f2b9-b6f8-4817-8b9f-f5305f524dc8&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 19 Sep 2022 03:20:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2E61 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3065592001454680000V10%26type%3Dpba%26refUrl%3D%26vid%3D35576009243065592001454680000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=103091
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 03:20:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 20 Sep 2022 07:58:12 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
RX-ad006d29-5932-421f-aa6d-8a406243cead-005
sync.targeting.unrulymedia.com/csync/ Frame 510F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3065592001454680000V10%26type%3Dr1%26refUrl%3D%26vid%3D35576009243065592001...
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ad006d29-5932-421f-aa6d-8a406243cead-005&rndcb=7284432612
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=adconductor
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968907260740163974&expires=30&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/5047f2b9-b6f8-4817-8b9f-f5305f524dc8?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-ad006d29-5932-421f-aa6d-8a406243cead-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-ad006d29-5932-421f-aa6d-8a406243cead-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:20:01 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:01 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-ad006d29-5932-421f-aa6d-8a406243cead-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
cksync.php
contextual.media.net/ Frame 510F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3065592001454680000V10%26type%3Dzem%26refUrl%3D%26vid%3D35576009243065592001454680...
  • https://stags.bluekai.com/site/23178?id=tOhP7I8LYrXohCrQPr6-&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUJ5UFAN2JHBGFS4SYN5UEG4SRKBZDM...
  • https://contextual.media.net/cksync.php?cs=9&ovsid=tOhP7I8LYrXohCrQPr6-&refUrl=&type=zem&vid=35576009243065592001454680000V10&vsid=3065592001454680000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=9&ovsid=tOhP7I8LYrXohCrQPr6-&refUrl=&type=zem&vid=35576009243065592001454680000V10&vsid=3065592001454680000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU2LD671&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C2047%2C336%2C3014%2C337%2C338%2C77%2C38%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 03:20:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 03:20:01 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:01 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=9&ovsid=tOhP7I8LYrXohCrQPr6-&refUrl=&type=zem&vid=35576009243065592001454680000V10&vsid=3065592001454680000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
data
bcp.crwdcntrl.net/6/ Frame F6C8 		255 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
49760772dcf18f2f555cdd8f9b2a94282a60ca4143c4adc2db81b12d4063f396

Request headers

Referer
https://s.e-planning.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
cache-control
no-cache
x-server
10.40.14.55
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
255
expires
0
data
bcp.crwdcntrl.net/6/ Frame CB71 		253 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f0bf98437a8bb108a516e2660f5a7cf6ed3d851dfdbbccf1cb5e9243f1526c77

Request headers

Referer
https://s.e-planning.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
cache-control
no-cache
x-server
10.40.41.130
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
253
expires
0
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 2170 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-92.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Referer
https://s.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
10265
cache-control
max-age: 86400
content-length
2240
content-type
text/html
date
Mon, 19 Sep 2022 00:28:57 GMT
etag
"6fcf4f5197ab24c92d090f6ac8d87e01"
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
x-amz-cf-id
jsCdtndS0V9B8JiKli_zzt2mh1EpWStA14hd_JIACiDItYT1-zANDQ==
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 8746 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-92.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Referer
https://s.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
10265
cache-control
max-age: 86400
content-length
2240
content-type
text/html
date
Mon, 19 Sep 2022 00:28:57 GMT
etag
"6fcf4f5197ab24c92d090f6ac8d87e01"
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
x-amz-cf-id
QXG7k7giGm5u1yKmPMFqJdte0GeMKLWNoZw-bzaQbMxbq7lvYK0bdw==
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pixels
bcp.crwdcntrl.net/ Frame 4B24 		789 B
983 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C104%2C80%2C12%2C116&c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1d8c63b6aeed8d52ef2d95b8611eb72e82cecc509f325f0bcf165b6a269fcca8

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-length
789
content-type
text/html
date
Mon, 19 Sep 2022 03:20:01 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.37.230
pixels
bcp.crwdcntrl.net/ Frame A042 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=38%2C106%2C33%2C100%2C3%2C2&c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c510407055f17452924aaa05baaf0755899fed05f8d6a8dd7f3322819844d23b

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-length
1202
content-type
text/html
date
Mon, 19 Sep 2022 03:20:01 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.41.91
pixel
cm.g.doubleclick.net/ Frame 4B24 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=OTQwNzNkMzBjNmE2YzMzZTQzNGM5MzdjNjRiZjI1YjE&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C104%2C80%2C12%2C116&c=15238
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 4B24
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-T2ILLRlE2pzJwLlAxeQTC4B8HnT9QrXLuiY-~A&gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-T2ILLRlE2pzJwLlAxeQTC4B8HnT9QrXLuiY-~A&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C104%2C80%2C12%2C116&c=15238
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.47.151
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Mon, 19 Sep 2022 03:20:01 GMT
via
http/1.1 spdc0109.pbp.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-T2ILLRlE2pzJwLlAxeQTC4B8HnT9QrXLuiY-~A&gdpr=0
content-length
0
sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 4B24 		0
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C104%2C80%2C12%2C116&c=15238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.111.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
x-content-type-options
nosniff
to-dmp-sync
s2a-dmp-use1-aws.truoptik.com
server
cloudflare
user-agent
Tru Optik DMP 1.3.1
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
cache-control
no-store
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
74cf2edfbad2a1e4-YYZ
cf-cache-status
DYNAMIC
x-xss-protection
1; mode=block
expires
0
usermatch.gif
beacon.krxd.net/ Frame 4B24 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=94073d30c6a6c33e434c937c64bf25b1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C104%2C80%2C12%2C116&c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.59.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-59-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
cache-control
private, no-cache, no-store
x-request-time
D=46 t=1663557601
x-served-by
beacon-n038-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
5907
tags.bluekai.com/site/ Frame 4B24 		62 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=5a3fc338028ae2d15ff2dad21f8b610a
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C104%2C80%2C12%2C116&c=15238
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8c547213-44f5-41c0-9f3e-f4df6d624005/gdpr=0/ Frame 4B24
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8c547213-44f5-41c0-9f3e-f4df6d624005/gdpr=0/gdpr_consent=
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8c547213-44f5-41c0-9f3e-f4df6d624005/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=22%2C41%2C104%2C80%2C12%2C116&c=15238
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.107
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8c547213-44f5-41c0-9f3e-f4df6d624005/gdpr=0/gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
249
qmap
sync.crwdcntrl.net/ Frame A042
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4e206327-dfde-4d00-ab76-f159d6d1793a&src=lot&gdpr=0
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4e206327-dfde-4d00-ab76-f159d6d1793a&src=lot&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=38%2C106%2C33%2C100%2C3%2C2&c=15238
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.37.216
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Mon, 19 Sep 2022 03:20:01 GMT
Server
MT3 4505 5b23575 master ord-pixel-x16 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=4e206327-dfde-4d00-ab76-f159d6d1793a&src=lot&gdpr=0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 03:20:00 GMT
tpid=2649b0e0-6bba-422c-a092-22b21a9541f8
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame A042
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=94073d30c6a6c33e434c937c64bf25b1&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D2649b0e0-6bba-422c-a092-22b21a9541f8%252Chttps%253A...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=177430568407624767&pt=2649b0e0-6bba-422c-a092-22b21a9541f8%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=2649b0e0-6bba-422c-a092-22b21a9541f8
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=2649b0e0-6bba-422c-a092-22b21a9541f8
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=38%2C106%2C33%2C100%2C3%2C2&c=15238
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.35.4
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=2649b0e0-6bba-422c-a092-22b21a9541f8
date
Mon, 19 Sep 2022 03:20:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=9b6ec299-9bb0-41e0-9ff8-09f0d35728fc-6327dfde-4341/ Frame A042
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=9b6ec299-9bb0-41e0-9ff8-09f0d35728fc-6327dfde-4341/gdpr=0
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=9b6ec299-9bb0-41e0-9ff8-09f0d35728fc-6327dfde-4341/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=38%2C106%2C33%2C100%2C3%2C2&c=15238
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.1.62
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=9b6ec299-9bb0-41e0-9ff8-09f0d35728fc-6327dfde-4341/gdpr=0
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
loadus.exelator.com/load/ Frame A042 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=260&buid=94073d30c6a6c33e434c937c64bf25b1&j=0&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=38%2C106%2C33%2C100%2C3%2C2&c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3232777307143540978/ Frame A042
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/94073d30c6a6c33e434c937c64bf25b1/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3232777307143540978/gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3232777307143540978/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=38%2C106%2C33%2C100%2C3%2C2&c=15238
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.0.238
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3232777307143540978/gdpr=0
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rand=894798916
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=177430568407624767/gdpr=0/ Frame A042
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=894798916
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=177430568407624767/gdpr=0/rand=894798916
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=177430568407624767/gdpr=0/rand=894798916
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=38%2C106%2C33%2C100%2C3%2C2&c=15238
Protocol
H2
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.43.95
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:01 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e7a1784d-30fe-4de1-9521-02825c1e5c67
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=177430568407624767/gdpr=0/rand=894798916
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 2676 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
31248ef830b10ec6779f2693aaa69d3149cf2bb2fe1314cba78f03f7edcf07fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:20:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29865
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Mon, 19 Sep 2022 11:37:46 GMT
crum
dsum-sec.casalemedia.com/ Frame 4479 		43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=09cfd016-151b-4df8-acac-6b35d84c3e53&expiration=1671420001
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74cf2ee02918a252-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lYFLuDiTGN9s1cXcyx2oePcWdZ5ur6Mxx7TUZr3i6WChhDtc0bMlNnycZuvJj20Cccqf%2B8CMUYI5Jo3GFu6%2FRQqMSJeN859g20JxOOc2noLklf6GT1uKqaBcHqWrs3GnRbkjL344NL1DA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zGT_onxuRC9Sa2ptZFpRbCthZnQ4UDd3aEROUzI5bjhMQnkzbG04OTdTKzhtd2JQV1ZmL2FiTE5XSHRMYTI1RUZ3Rm1neTNlT0V3Rk4xMEFWSDRhZHFhMUs1VENDb1BjVE8xVVN0NnZuT3VLbEtPeDZkdVJKY1FOV3Z0NXRxUlVZZDk3WnEvY3ZPRVNNT1Z1dks4VUdUNzlXbGdXQ2x2cDBhanFVN28zOWV3TjdlY2k2UnM2azFxaWgxZ3Zmc2MvZ1BVL1BUbERTQXNXRkJ2a1hxM1hSRHRLZ2VJZHVUeVJ4QlJxSXFpYlA2eHhQZmxlSWtaQ2JzNm1WYkZzYS9aV1F3RHFrQW1FbmxPb2tUbU9JazcxNEhUOUV6UT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 19 Sep 2022 03:20:00 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
392345
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-94XQDK4SL9&gtm=2oe9e0&_p=1870830555&cid=1058947189.1663557596&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1663557596&sct=1&seg=0&dl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&dt=Send%20Secret%20Message%20to%20your%20friend%20on%20SecretM.Me&en=scroll&epn.percent_scrolled=90&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94XQDK4SL9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secretm.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F5A4 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 03:20:01 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1fae198b-1983-4a62-96f4-f4c37b1a4eab
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame C977 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C977 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C977 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
SPug
simage4.pubmatic.com/AdServer/ Frame BBBE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
www.google-analytics.com/g/ Frame 8ABA 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-94XQDK4SL9&gtm=2oe9e0&_p=666937816&cid=1058947189.1663557596&ul=en-us&sr=1600x1200&_z=ccd.v9B&sid=1663557596&sct=1&seg=1&dl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&dr=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&dt=&_s=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94XQDK4SL9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secretm.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secretm.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
hblg.media.net/ Frame 0CF2 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=1&spSource=0&ifst=0&vid=c9599f2f-adb5-47ca-b6ed-05fc0332da64&s_city=Chicago&ugd=4&exp=ssProfile%3D0%7Csfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D2%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=-1.0&mx_TAF=2&ae=false&mx_UCC=5&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.040&v_mkey=gen-vblt_prebid_test_2_1&screeninfo=1600x1200&size=728x90&mx_TAS=1&mx_gpid_sent=false&xtmax=350&commit_id=5a197c05&scrid=S0300080813018100728009099999900&itypeid=3&mx_SPRIG=2&viewability=-1&renderer=0&be=0&rtime=23.0&adj0=0.0&adj2=0.0&adj1=0.0&feedback_id=cd863f87-3cd7-46e2-a587-df3c1c08dabb&adtypes=0&mx_aabpc=0&reqid=c9599f2f-adb5-47ca-b6ed-05fc0332da64&sc=QC&sd=-1&mowxReqId=c34ecd0785774a668bea48ac69dbaa49_1&ifdp=0&requrl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&bidrestime=1663557597216&pv_adtype=0&cc=CA&strg=HARMONY&pcrid=8CUP40XRI-765284172-39-19&pbasrc=0&coppa_enf=true&bdp=0.040&ct=montreal&spIsReq=3&s=1&abs=0%7C0%7Cnxblock%3D-1%7CHARMONY%7Cbrr%3D1&mx_epbc=8CUP40XRI&dnt_enf=false&mx_ssBucket=0&vls=0&asn=16276&mang=1&fleet=common&mx_isLossNtf=false&advUrl=https%3A%2F%2Frelated.icananswerthat.com&dn=secretm.me&dt=O&acid=c34ecd0785774a668bea48ac69dbaa49&actltime=299&act=headerBid&iframingState=0&bdata=sd2%3Dnull%7Eiurl_l%3D20%7Eogerpm%3D0.04%7Evis_sd%3D452%7Edc2%3D1%7Escd%3Dqc%7Ev_asn%3D16276%7Evl2r_sd%3D2022091820%7Eiurl_b%3D2456.76%7Eurl_tkc%3D0%7Estd%3Dvi_1842078231_8%7Elast%3D%7Evis_url_b%3D0.53%7Eip%3D2JquuS%7Efbb%3D0%7Evis_url_l%3D10%7Eriipua%3D2%2C2%7Eet%3D22%7Erc%3D1%7Erps_sd%3D2022091820%7Evis_b%3D754.56%7Eurl_b%3D0.41%7Eurl_tvi%3D0%7Eurl_l%3D20%7Egcat%3D-1%7Ebb%3D196%7Evv%3D0%7El2r_b%3D1000%7Eerpm%3D0.04%7Ebm%3D1%7Esid%3D765284172%7Esd%3D-1%7Euid%3D1IhceNHJDQsU3gxY8%7Ebtd%3D242836417910356880702429605106480239240697852339001858348169195287617957315896414208%7Ed2p_l%3D30%7E3pcf%3D1000%7Euim%3D0%7Edmm_strg%3Dharmony%7Ed2p_b%3D0.95%7Eogd2p_b%3D0.95%7Evurl_b%3D0.93%7Ess%3D1600x1200%7Euiw%3D-1%7Ece%3D0%7Erps_b%3D33.78%7Evurl_l%3D20%7ECI%3D2739%7Ents%3D1%7EMP2%3D.*message.*%7Etb%3D-1%7Ect%3Dmontreal%7Ebasis2%3D196%7Ebasis1%3D196%7EisRef%3D0%7Eivurl_b%3D1.08%7Eisif%3D0%7Elc%3D1%7Ebid%3D0.04%7Edc%3D7%7Evl2r_b%3D1.54%7Eivurl_l%3D20%7Esupply_tag_id%3Dvi_1842078231_8%7Ecbdp%3D0.040%7Edmm%3Dharmony%7Esd%3D-1%7Edtc%3Deast_sc%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.040%7Eitype_id%3D3%7Eseller_tag_id%3Dvi_1842078231_8%7EcarrierId%3D0%7Edcut%3D70%7Edogb%3D0-1%7Eibc%3D1%7Eddt%3D-1%7Ensz%3D1%7Etgs%3D728x90%7Ebsb%3D0%7Ebsp%3D0%7Etmx%3D292&mx_lr_seg_deal=1&dfpBd=0.013&sckfl=0&dmm_erpm=true&mx_lr=0&coppa_applied=N&mview=1&bfs=103&rfc=1&prvApiId=8CUP40XRI&epcexp=false&pubid=pub-8CU2LD671&mx_bsProfile=0&cid=8CU2LD671&bcrid=S0300080813018100728009099999900&omul=1.0&res_mtype=0&apPrfs%3C%3E=13%23%2361&chnl=HARMONY&pst=0&reqsize=728x90&adpos=0&itype=PREBID&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CU2LD671&tgtval=pub-8CU2LD671&v_mver=202209171832_gen-vblt_prebid_test_2&__expireat=1663558197473&v_alg=gen-vblt_prebid_all&gsi=0&reftype=0&prvAccId=765284172&ckfl=0&lper=1&mx_tgs=728x90&dummy_vsid=false&cbdp=0.013&pvdTmax=292&ltime=297.0&epc=765284172&prvReqId=42727045005663_1232799359_94664875112941&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=PREBID-8CU2LD671&ybnca_erpm=0.04&brsrclk=0&mx_g_uid_cvrg%3C%3E=pubcid&sbdrid=196&mx_bsBucketRa=0&rtttime=313&apTags%3C%3E=75&mx_PC=1&wsip=mowx-749d6df85c-7p7n4&currsrc_date=2022-09-16+00%3A00%3A00&viewability_mnet=91&mx_divid=vi_1842078231_8&geoll=false&omid=0&debug_ts=2022-09-19+03%3A19%3A57&mx_ssProfile=0&mx_SC=0&reftime=15000&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=true&ocurr=USD&stagid=vi_1842078231_8&snm=SUCCESS&mx_IAB2=2&usp_enf=1&bidflr=0.010&coppa_status=N&incentive_type=0&skadidfl=0&pid=8PRW23HG5&spTo=3&pvid=294&mx_mrpp_key=bidapi-gcp-sc&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=0&dmm_ogerpm=false&csip=rtb-common-7d9b58d7cd-f4vgq.SC&mx_bsBucket=0&mx_aurt=0&spIvt=3&dsid=vi_1842078231_8&ptype=23&media=0&acsn=1&dtc=east_sc&mx_aqcpl_crid=4&ogbdp=0.04&tpbTkn=false&fpuReq=1&vcmplrt=-1.0&crid=946648751&geo_source=2&sat=0&mnet_ckfl=0&mp_seg%3C%3E=66833&dfpDiv=vi_1842078231_8&opbidflr=0.010&impId=48b05ed7f1e5d01&rme=adm&utime=2723&sf=1&cpr=0.6703743349892408&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.216.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:02 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 19 Sep 2022 03:20:02 GMT
bqi.php
lg3.media.net/ Frame 60CA 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2127&lf=3&&vgd_hb_audit_1=8CU2LD671&vgd_hb_audit_2=946648751&vgd_l2type=sca&vgd_bid=328214&gdpr=0&prid=8PRVCXX19&cid=8CUP40XRI&crid=765284172&requrl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&vi=1663557600227145839&ugd=4&cc=CA&sc=QC&bdrid=294&subBdr=196&vgd_kwrf=https%3A%2F%2Fsecretm.me&startTime=1663557600394&vgd_l1rakh=1663557600143789811&l1ch=1&cref=https%3A%2F%2Fsecretm.me%2F&buid=328214&sttm=1663557600402&upk=1663557600.24228&hvsid=00001663557600402025035145465297&acid=c34ecd0785774a668bea48ac69dbaa49&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.04~vis_sd%3D452~dc2%3D1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2022091820~iurl_b%3D2456.76~url_tkc%3D0~std%3Dvi_1842078231_8~last%3D~vis_url_b%3D0.53~ip%3D2JquuS~fbb%3D0~vis_url_l%3D10~riipua%3D2%2C2~et%3D22~rc%3D1~rps_sd%3D2022091820~vis_b%3D754.56~url_b%3D0.41~url_tvi%3D0~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.04~bm%3D1~sid%3D765284172~sd%3D-1~uid%3D1IhceNHJDQsU3gxY8~btd%3D242836417910356880702429605106480239240697852339001858348169195287617957315896414208~d2p_l%3D30~3pcf%3D1000~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D0.95~ogd2p_b%3D0.95~vurl_b%3D0.93~ss%3D1600x1200~uiw%3D-1~ce%3D0~rps_b%3D33.78~vurl_l%3D20~CI%3D2739~nts%3D1~MP2%3D.*message.*~tb%3D-1~ct%3Dmontreal~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D1.08~isif%3D0~lc%3D1~bid%3D0.04~dc%3D7~vl2r_b%3D1.54~ivurl_l%3D20~supply_tag_id%3Dvi_1842078231_8%7Ecbdp%3D0.040%7Edmm%3Dharmony%7Esd%3D-1%7Edtc%3Deast_sc%7Eref_cnt%3D1%7Edalg%3D%7Ehtml%3D1%7Esobp%3D%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.040%7Eitype_id%3D3%7Eseller_tag_id%3Dvi_1842078231_8%7EcarrierId%3D0%7Edcut%3D70%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D728x90~bsb%3D0~bsp%3D0~tmx%3D292&matchstring=hr%3D0&vgd_matchstr=hr%3D0&vgd_sc=QC&infr=1&twna=1&stime=1663557599956&vgd_ecrid=S0300080813018100728009099999900&l1hcsd=l1!A12|6208&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22east_sc%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&vgd_pgid=p0861350161t202209190320&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.216.29 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-216-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.vlitag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Mon, 19 Sep 2022 03:20:02 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=36519
content-length
15
PugMaster
image6.pubmatic.com/AdServer/ Frame 3628 		457 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31945842&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dpba%26refUrl%3D%26vid%3D35576005423065592001454640000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
76e2d4d2de2ab26a68683b281ffaef796dbed2263917d081cb315a56b36120d4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
457
content-type
text/html; charset=UTF-8
cksync.php
contextual.media.net/ Frame FD6B 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=pba&refUrl=&vid=35576005423065592001454640000V10&ovsid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dpba%26refUrl%3D%26vid%3D35576005423065592001454640000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Mon, 19 Sep 2022 03:20:03 GMT
expires
Mon, 19 Sep 2022 03:20:03 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
/
io.narrative.io/ Frame 3628
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:DC2853D5-3799-48B3-B941-A5BB4E63177C
  • https://io.narrative.io/?io.narrative.guid.v2=f3e8d531-37c9-11ed-bcb0-0ad5a2cbd9d9&companyId=673&id=pubmatic_id:DC2853D5-3799-48B3-B941-A5BB4E63177C
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=f3e8d531-37c9-11ed-bcb0-0ad5a2cbd9d9&companyId=673&id=pubmatic_id:DC2853D5-3799-48B3-B941-A5BB4E63177C
Protocol
HTTP/1.1
Server
54.83.49.252 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 03:20:03 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=f3e8d531-37c9-11ed-bcb0-0ad5a2cbd9d9&companyId=673&id=pubmatic_id:DC2853D5-3799-48B3-B941-A5BB4E63177C
Date
Mon, 19 Sep 2022 03:20:03 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame 3628 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=DC2853D5-3799-48B3-B941-A5BB4E63177C&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.10.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-10-93.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 03:20:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.11.200
content-type
image/gif
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 3628
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=DC2853D5-3799-48B3-B941-A5BB4E63177C
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=2649b0e0-6bba-422c-a092-22b21a9541f8&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=04391427402192166912549765893084360539&pt=2649b0e0-6bba-422c-a092-22b21a9541f8%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=04391427402192166912549765893084360539&pt=2649b0e0-6bba-422c-a092-22b21a9541f8%2C
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:03 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

DCS
dcs-prod-usw2-1-v037-0ee21ce6f.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
W7qK33FYQ8M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=04391427402192166912549765893084360539&pt=2649b0e0-6bba-422c-a092-22b21a9541f8%2C
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cksync.php
contextual.media.net/ Frame 0C40 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3065592001454640000V10&type=pba&refUrl=&vid=35576005663065592001454640000V10&ovsid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3065592001454640000V10%26type%3Dpba%26refUrl%3D%26vid%3D35576005663065592001454640000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Mon, 19 Sep 2022 03:20:03 GMT
expires
Mon, 19 Sep 2022 03:20:03 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
setuid
sync.quantumdex.io/ Frame 3FF9 		43 B
117 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
74cf2eefda6cecee-YUL
content-length
43
content-type
image/gif
date
Mon, 19 Sep 2022 03:20:03 GMT
server
cloudflare
setuid
sync.quantumdex.io/ Frame CF36 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
74cf2eefea79ecee-YUL
content-length
43
content-type
image/gif
date
Mon, 19 Sep 2022 03:20:03 GMT
server
cloudflare
cksync.php
contextual.media.net/ Frame FE91 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=9&vsid=3065592001454680000V10&type=pba&refUrl=&vid=35576009243065592001454680000V10&ovsid=DC2853D5-3799-48B3-B941-A5BB4E63177C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D9%26vsid%3D3065592001454680000V10%26type%3Dpba%26refUrl%3D%26vid%3D35576009243065592001454680000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Mon, 19 Sep 2022 03:20:04 GMT
expires
Mon, 19 Sep 2022 03:20:04 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
greenoaks.gif
secretm.me/detroitchicago/ 		0
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secretm.me/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZjRlMmY1Mi0xMjIzLTQ4ZDItNmQ4ZC0wNTc5ZWJjZDZmMTciLCJkb21haW5faWQiOiIzNzQ5MjIiLCJ0X2Vwb2NoIjoxNjYzNTU3NTk1LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMGY0ZTJmNTItMTIyMy00OGQyLTZkOGQtMDU3OWViY2Q2ZjE3IiwiZG9tYWluX2lkIjoiMzc0OTIyIiwidF9lcG9jaCI6MTY2MzU1NzU5NSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMDktMTkifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjBmNGUyZjUyLTEyMjMtNDhkMi02ZDhkLTA1NzllYmNkNmYxNyIsImRvbWFpbl9pZCI6IjM3NDkyMiIsInRfZXBvY2giOjE2NjM1NTc1OTUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjBmNGUyZjUyLTEyMjMtNDhkMi02ZDhkLTA1NzllYmNkNmYxNyIsImRvbWFpbl9pZCI6IjM3NDkyMiIsInRfZXBvY2giOjE2NjM1NTc1OTUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMGY0ZTJmNTItMTIyMy00OGQyLTZkOGQtMDU3OWViY2Q2ZjE3IiwiZG9tYWluX2lkIjoiMzc0OTIyIiwidF9lcG9jaCI6MTY2MzU1NzU5NSwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==
Requested by
Host: secretm.me
URL: https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/message.php?id=19unixnq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:04 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtXdkDHMPPuhRfvleu2B3PmmEpsc%2BTJtAfvORINsS39j03OcRuFqnV0NXpY4CT1nZ4KRZvW%2F3SmVQgsqMNUeJjtsBNypxHwadTTP1UxkoTDmx1xhaoiD5M%2FN%2F9WiXW0LTQLDMo13nPiR"}],"group":"cf-nel","max_age":604800}
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
74cf2ef25a9fece6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=1,i=?0
expires
Sun, 18 Sep 2022 03:20:04 GMT
greenoaks.gif
secretm.me/detroitchicago/ 		0
540 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://secretm.me/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZjRlMmY1Mi0xMjIzLTQ4ZDItNmQ4ZC0wNTc5ZWJjZDZmMTciLCJkb21haW5faWQiOiIzNzQ5MjIiLCJ0X2Vwb2NoIjoxNjYzNTU3NTk1LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiI1NCJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMTA3OCJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiODYifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiOTQifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIxMDgifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMzU5MiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjBmNGUyZjUyLTEyMjMtNDhkMi02ZDhkLTA1NzllYmNkNmYxNyIsImRvbWFpbl9pZCI6IjM3NDkyMiIsInRfZXBvY2giOjE2NjM1NTc1OTUsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjEyMTcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZjRlMmY1Mi0xMjIzLTQ4ZDItNmQ4ZC0wNTc5ZWJjZDZmMTciLCJkb21haW5faWQiOiIzNzQ5MjIiLCJ0X2Vwb2NoIjoxNjYzNTU3NTk1LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjEyMTcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZjRlMmY1Mi0xMjIzLTQ4ZDItNmQ4ZC0wNTc5ZWJjZDZmMTciLCJkb21haW5faWQiOiIzNzQ5MjIiLCJ0X2Vwb2NoIjoxNjYzNTU3NTk1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMGY0ZTJmNTItMTIyMy00OGQyLTZkOGQtMDU3OWViY2Q2ZjE3IiwiZG9tYWluX2lkIjoiMzc0OTIyIiwidF9lcG9jaCI6MTY2MzU1NzU5NSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiI5LjYifV19XQ==
Requested by
Host: secretm.me
URL: https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/message.php?id=19unixnq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjxXAuDeY7aCRcb04EeiY%2BkYHN9HxAYtrtr2F762c3P%2FrSO4EPUwl9%2Fund%2BzwQBr1yzPIDWOyHp4xOovZdFI6%2FkUHTEb968jcEp51MKzyjypu21rx9jKD8m0P3t7aHLbt7t%2FlfkTl44r"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://secretm.me
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
74cf2ef27ab3ece6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=4,i=?0
expires
Sun, 18 Sep 2022 03:20:03 GMT
greenoaks.gif
secretm.me/detroitchicago/ 		0
535 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://secretm.me/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiIwZjRlMmY1Mi0xMjIzLTQ4ZDItNmQ4ZC0wNTc5ZWJjZDZmMTciLCJkb21haW5faWQiOiIzNzQ5MjIiLCJ0X2Vwb2NoIjoxNjYzNTU3NTk1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiMGY0ZTJmNTItMTIyMy00OGQyLTZkOGQtMDU3OWViY2Q2ZjE3IiwiZG9tYWluX2lkIjoiMzc0OTIyIiwidF9lcG9jaCI6MTY2MzU1NzU5NSwiZGF0YSI6W3sibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiI2MjQ0NDAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIyIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjUzNDY4ODQifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMTIifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiMTEwODMyMDAifSx7Im5hbWUiOiJkb2NfaGVpZ2h0IiwidmFsIjoiNjkyNyJ9XX1d
Requested by
Host: secretm.me
URL: https://secretm.me/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y19-7y0b-6y0d-21y13-4y17-5y1c-4y21-3y2f-4y57-2&cmbcb=109&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2fx57&abt=StickyMobileIntradivAds
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/message.php?id=19unixnq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syLgYclL%2B1jEGNCV180X5uT92Jm5R5qvE8DV1gm4jcB4N0j%2Ffw5NevYz4A4xziNGcw%2F3IOAwKG5wGwgnJdaEuw0qSgm73n3bvmMUe6Wc65xPzISPoUHhA2VJ2FquMdQz7M3wi08tqdnk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://secretm.me
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
74cf2ef25aa0ece6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=4,i=?0
expires
Sun, 18 Sep 2022 03:20:03 GMT
deardost%20friendship%20dare%20-%207%20truths%20about%20you.gif
secretm.me/ads_image/ Frame 8ABA 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secretm.me/ads_image/deardost%20friendship%20dare%20-%207%20truths%20about%20you.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:9ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b80b54c8c1b5911e39791f4b7745f3dd1d5ef6a6ee57081f0b6f7059c7a6ab7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/message.php?id=19unixnq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 03:20:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50996
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
display
staticcontent_sol
response
200
last-modified
Wed, 14 Sep 2022 15:50:10 GMT
server
cloudflare
etag
W/"f9b5-5ce5447349e85-gzip"
vary
Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glGbZbd26Q%2BJ%2Fdtsd%2F1slXtfvbEG7k6n9jybv5VID1Q%2BMBO0RwNKWZQ7cQjW5bZUiFD0KM5QErCgY7Ex2ViPpBaUavRjXwxsJNk9ErSkzG4DfirgcpSNnp1Ovfm0C9NQZezKTfnu1O8x"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
cf-ray
74cf2f01fa79ece6-YUL
priority
u=3,i=?0
collect
www.google-analytics.com/ Frame 8ABA 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=666937816&t=event&_s=3&dl=https%3A%2F%2Fsecretm.me%2Fmessage.php%3Fid%3D19unixnq&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=320x50&je=0&ec=banner_ad&ea=impression&el=deardost.com&_u=SACAAUAB~&jid=&gjid=&cid=1058947189.1663557596&tid=UA-147710621-5&_gid=8619919.1663557597&gtm=2ou9e0&z=1448918217
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://secretm.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Sep 2022 14:17:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46948
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __ez function| $ function| jQuery object| bootstrap object| _taboola object| vitag function| getCookie string| x string| id string| c string| currentPath string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable object| _ezaq string| _ezExtraQueries function| create_ezolpl function| attach_ezolpl string| _audins_dom number| _audins_did object| urlParam undefined| error undefined| signup undefined| new_element undefined| text function| gtag object| dataLayer string| k object| _rd1ukivudsf object| li3m1pjqtb object| zfgformats function| setImmediate function| clearImmediate function| _izdwtn function| _utgnoq object| __cfBeacon object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| TRC object| _tblConsole undefined| msg object| _comscore object| regeneratorRuntime object| _PBCFG string| tagApi object| viAPItag function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id string| GoogleAnalyticsObject function| ga object| COMSCORE function| udm_ object| ns_p object| gaplugins object| gaData function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| ezux object| metricNameMap function| ezlogVital function| __ezDotData object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst function| ezorqs function| ezorqe function| ezocfol function| ezogetrqbykey object| webVitals object| _qevents number| indexKey function| getEidsByVLI object| placementData object| $sf object| ezmt object| ezua object| ezuxgoals object| ezdent object| ezDenty object| ct object| vlipbChunk object| vlipb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| googletag object| ggeac object| google_js_reporting_queue function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| cmTag boolean| apstagLOADED object| apstag object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| observeElementInViewport object| Criteo string| nam undefined| google_measure_js_timing object| _cm_wfCounters object| sdk object| sas object| apntag object| _ADAGIO boolean| installOnFly object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode object| perf_vals

242 Cookies

Domain/Path Name / Value
.taboola.com/quizprank-secretmme/ Name: taboola_session_id
Value: v2_35993b7c5b710f2d54ea5e50e3d07be2_1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c_1663557596_1663557596_CIi3jgYQkNpUGKjqiZ61MCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjepu6WpPzt-8sBcAE
.mrtnsvr.com/sync Name: userId
Value: F7ziqx4ap
.secretm.me/ Name: ezoadgid_374922
Value: -2
.secretm.me/ Name: ezoref_374922
Value:
.secretm.me/ Name: ezosuibasgeneris-1
Value: 87208620-bb90-4223-6d32-075e7dadccf1
.secretm.me/ Name: ezoab_374922
Value: mod16
.secretm.me/ Name: lp_374922
Value: https://secretm.me/message.php?id=19unixnq
.secretm.me/ Name: ezovuuid_374922
Value: c82404dc-811f-4ef7-4c43-74023525beb4
cdn.taboola.com/ Name: abLdr
Value: 31
.secretm.me/ Name: _gid
Value: GA1.2.8619919.1663557597
.secretm.me/ Name: _gat_gtag_UA_147710621_5
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1166acdfb2204db62a425901663557596
secretm.me/ Name: __ppIdCC
Value: aexretn_ne210035575.0099
.taboola.com/ Name: t_gid
Value: 1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c
secretm.me/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c
secretm.me/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
pbjs.e-planning.net/ Name: CT
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1663557596_1663557596
.a-mo.net/ Name: amuid2
Value: f33e245b-551e-4044-b49e-63f1143003aa
.prebid.a-mo.net/ Name: sd_amuid2
Value: f33e245b-551e-4044-b49e-63f1143003aa
.quantumdex.io/ Name: uid
Value: e2aa1a58-a627-47d2-a42f-deecb71fb68e
.e-planning.net/ Name: E
Value: AF9T0Bp-fqu5H8Xx
secretm.me/ Name: qcSxc
Value: 1663557597058
.secretm.me/ Name: ezovuuidtime_374922
Value: 1663557597
.secretm.me/ Name: ezopvc_374922
Value: 2
.quantserve.com/ Name: mc
Value: 6327dfdd-16312-cb4e4-e3d7b
.secretm.me/ Name: __qca
Value: P0-6039520-1663557597054
.adnxs.com/ Name: icu
Value: ChgI5MBsEAoYASABKAEw3b-fmQY4AUABSAEQ3b-fmQYYAA..
.adnxs.com/ Name: uuid2
Value: 177430568407624767
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 533169=5109319
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 5164764702849156945
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0&c=1&l=1501522464&lo=384595258&lt=637991543972464928&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0
.amazon-adsystem.com/ Name: ad-id
Value: A2LSQhwg2kLohiQZrANpO0s
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.yahoo.com/ Name: A3
Value: d=AQABBN3fJ2MCEEmQb0nzxZfmtKHAlqKRiDAFEgEBAQExKWMxYwAAAAAA_eMAAA&S=AQAAAkSBMnKyunv5d5rrctZIKoY
.pubmatic.com/ Name: KADUSERCOOKIE
Value: DC2853D5-3799-48B3-B941-A5BB4E63177C
.smaato.net/ Name: SCM
Value: c3a2778e
.smaato.net/ Name: SCMaps
Value: c3a2778e
.bidswitch.net/ Name: tuuid
Value: 5047f2b9-b6f8-4817-8b9f-f5305f524dc8
.bidswitch.net/ Name: c
Value: 1663557597
.bidswitch.net/ Name: tuuid_lu
Value: 1663557597
.3lift.com/ Name: tluid
Value: 662737811153841467575
.adgrx.com/ Name: ADGRX_UID
Value: f04b31c0-37c9-11ed-bc06-b199e15137b5
.simpli.fi/ Name: suid
Value: CD33A3D1D3B34AC797A55A73FE039E0A
.sharethrough.com/ Name: stx_user_id
Value: bfc897aa-e3ed-4ef1-a38d-91fe63f725a5
.deepintent.com/ Name: CDIUSER
Value: di_39f43f2408e6423e82bee
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.adsrvr.org/ Name: TDID
Value: 8c547213-44f5-41c0-9f3e-f4df6d624005
.acuityplatform.com/ Name: auid
Value: 693869928991
.secretm.me/ Name: _ga
Value: GA1.2.1058947189.1663557596
.mathtag.com/ Name: uuid
Value: 4e206327-dfde-4d00-ab76-f159d6d1793a
.bidr.io/ Name: bito
Value: AAFWA07GT8AAAA-PgyShyw
.bidr.io/ Name: bitoIsSecure
Value: ok
.csync.loopme.me/ Name: viewer_token
Value: 69738a86-aeb4-4988-9ad8-dc4c1211f807
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:CD33A3D1D3B34AC797A55A73FE039E0A
.ipredictive.com/ Name: cu
Value: 5ad9f333-1342-47cc-9601-9b4fede0b79b|1663557597934
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-c6129cc4-c2ec-4f3e-b106-f49d27416ea8&KRTB&23340-c6129cc4-c2ec-4f3e-b106-f49d27416ea8
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-8c547213-44f5-41c0-9f3e-f4df6d624005&KRTB&22918-8c547213-44f5-41c0-9f3e-f4df6d624005&KRTB&23031-8c547213-44f5-41c0-9f3e-f4df6d624005
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-F7ziqx4ap&KRTB&23413-F7ziqx4ap
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:de736327-dfdd-4a00-bea2-5b8fbbfa6702&KRTB&16736-uid:de736327-dfdd-4a00-bea2-5b8fbbfa6702&KRTB&23019-uid:de736327-dfdd-4a00-bea2-5b8fbbfa6702&KRTB&23208-uid:de736327-dfdd-4a00-bea2-5b8fbbfa6702
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-693869928991
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-f04b31c0-37c9-11ed-bc06-b199e15137b5&KRTB&23275-f04b31c0-37c9-11ed-bc06-b199e15137b5
.tribalfusion.com/ Name: ANON_ID
Value: axnseFsKBRgFmDqU7peOZcp9ZbQRf2AageKZbVbDvITS42nFn1bXU3TZdqFnBT8rWRfYL8J3Mw3g8u3GnvwDtZbWV
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-177430568407624767&KRTB&23339-177430568407624767
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-5ad9f333-1342-47cc-9601-9b4fede0b79b&KRTB&23011-5ad9f333-1342-47cc-9601-9b4fede0b79b&KRTB&23355-5ad9f333-1342-47cc-9601-9b4fede0b79b
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 1b4125ef-d8da-44b4-ba35-2ab026146075
beacon.lynx.cognitivlabs.com/ Name: ss
Value: vCwsN060ZBQbSr9GTsW50Cetd0bF%2Bn4qB7gaJgN9zcsPvhEka8%2BlTBlNUdoAYTZNCKhfEmNTBV8sRkLBIpy30A%3D%3D
.pippio.com/ Name: did
Value: 1D0RoeMKdJZBn5Om
.pippio.com/ Name: didts
Value: 1663557597
.pippio.com/ Name: nnls
Value:
.adform.net/ Name: uid
Value: 1426208387086089782
.rubiconproject.com/ Name: khaos
Value: L8878POX-1U-8LKK
.quantserve.com/ Name: d
Value: EPYBCwGRJ_ijAA
.dotomi.com/ Name: DotomiTest
Value: 560685b1b2e919fa
.w55c.net/ Name: wfivefivec
Value: REpD1VrU1OA7ka5
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7fdcdb23-9750-4931-6e38-e33a7eb38763.Im9wwLa31EASoNPN8xORrfDh7yVvfXcZd7X%2BmGpN0tk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Af9zbI5dQSTFuOOM6frOHY5U4mbI.LgcW1OBsT1my5TxMkI%2Fpk8s9rtsWZIW19ydyaWCxWFQ
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1426208387086089782&KRTB&23263-1426208387086089782
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ad006d29-5932-421f-aa6d-8a406243cead-005%22%7D
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-f9zbI5dQSTFuOOM6frOHY5U4mbI
.turn.com/ Name: uid
Value: 3232777307143540978
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-ad006d29-5932-421f-aa6d-8a406243cead-005&KRTB&17107-RX-ad006d29-5932-421f-aa6d-8a406243cead-005
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3232777307143540978&KRTB&23150-3232777307143540978
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAJOpQSY_SOMwMU3-OIAAAAAAA&KRTB&22713-AAAJOpQSY_SOMwMU3-OIAAAAAAA&KRTB&22715-AAAJOpQSY_SOMwMU3-OIAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:REpD1VrU1OA7ka5
.pippio.com/ Name: pxrc
Value: CN6/n5kGEgQIAhAAEgYI7OsBEAA=
.mxptint.net/ Name: mxpim
Value: R1B342_F66F0406_99F868BD.1.00000000000000006327DFDE
.doubleclick.net/ Name: IDE
Value: AHWqTUn36gkquYqGW_dMDiTpijk_aUk8EZ0H1UTLGzH1QtT5S7BeF7KCGxt9aZzWEoU
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B342_F66F0406_99F868BD&KRTB&23092-R1B342_F66F0406_99F868BD
.linksynergy.com/ Name: rmuid
Value: 7b38c69b-1201-49c8-a3de-b1c07c175a9b
.linksynergy.com/ Name: icts
Value: 2022-09-19T03:19:58Z
.sitescout.com/ Name: ssi
Value: 9b6ec299-9bb0-41e0-9ff8-09f0d35728fc#1663557598314
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&97a4515d-69b4-4cf8-8c3d-71461a91a6fd"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2790:u=1:x=1:i=1663557598:t=1663643998:v=2:sig=AQEgQxd48EqUD3xKfbBlQLzqq1YRNbG5"
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-ovYOa_CjWDi59ApvpfcRP_bxWWi5oA84o6cGbRZw&KRTB&19420-ovYOa_CjWDi59ApvpfcRP_bxWWi5oA84o6cGbRZw&KRTB&22979-ovYOa_CjWDi59ApvpfcRP_bxWWi5oA84o6cGbRZw&KRTB&23403-ovYOa_CjWDi59ApvpfcRP_bxWWi5oA84o6cGbRZw
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKBQWMderpazD698mKN2lY8&KRTB&16514-CAESEKBQWMderpazD698mKN2lY8&KRTB&23025-CAESEKBQWMderpazD698mKN2lY8&KRTB&23386-CAESEKBQWMderpazD698mKN2lY8
.secretm.me/ Name: _ga_94XQDK4SL9
Value: GS1.1.1663557596.1.1.1663557598.0.0.0
.creative-serving.com/ Name: tuuid
Value: 4e491354-ff89-46c3-8ad4-a5c2e193b131
.creative-serving.com/ Name: c
Value: 1663557598
.creative-serving.com/ Name: tuuid_lu
Value: 1663557598
my.rtmark.net/ Name: ID
Value: bb666497ce124fe88fb50c530dd4fd71
.criteo.com/ Name: uid
Value: a3af821a-70cb-4061-8c35-0aa0709d3884
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQVR4J1O2mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUFUeCdTto90aGlyZFBhcnR5VXNlcklkIfuBMjn6QiS6QyUBQVR4J262RCUBQVR4J262RWM1MDQ3ZjJiOS1iNmY4LTQ4MTctOGI5Zi1mNTMwNWY1MjRkYzj7+4Z2ZXJzaW9uwvs="
.contextweb.com/ Name: V
Value: fWyFakvtyfns
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: cc571e43b982b2b2
.lijit.com/ Name: ljt_reader
Value: FVxHeQZHUkWDWtrdT_66iDou
.openx.net/ Name: i
Value: 8c5296ee-580a-4e58-be05-d78b36528455|1663557598
.lijit.com/ Name: _ljtrtb_42
Value: 1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c
.mfadsrvr.com/ Name: tuuid
Value: 5f217df4-4aa3-4f7b-b84b-73b42d4f6649
.mfadsrvr.com/ Name: c
Value: 1663557598
.mfadsrvr.com/ Name: tuuid_lu
Value: 1663557598
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-9b6ec299-9bb0-41e0-9ff8-09f0d35728fc-6327dfde-4341
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-5047f2b9-b6f8-4817-8b9f-f5305f524dc8
.omnitagjs.com/ Name: ayl_visitor
Value: fe3fde68a4f9ba4c55aedeae25f87857
.adx.opera.com/ Name: UID
Value: 7a83b50caa894004ae44b1efd70d8778
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1g6m|5Ql.0.1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c|7dN.0.AAFWA07GT8AAAA-PgyShyw
.technoratimedia.com/ Name: tads_uid
Value: A217729D3A5C4EE398455642D91752B2
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220918231959-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AAFWA07GT8AAAA-PgyShyw
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFWA07GT8AAAA-PgyShyw
.casalemedia.com/ Name: CMID
Value: Yyff356zThWaqrsQ-11EXQAA
.casalemedia.com/ Name: CMPS
Value: 158
.casalemedia.com/ Name: CMPRO
Value: 158
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.pubmatic.com/ Name: SPugT
Value: 1663557599
secretm.me/ Name: ezux_lpl_374922
Value: 1663557599827|0f4e2f52-1223-48d2-6d8d-0579ebcd6f17|false
.go.sonobi.com/ Name: __uis
Value: bdd621ad-373c-48e7-8fa2-f15f07807f54
.go.sonobi.com/ Name: HAPLB8S
Value: s8523|Yyff0
.tapad.com/ Name: TapAd_TS
Value: 1663557600118
.tapad.com/ Name: TapAd_DID
Value: 2649b0e0-6bba-422c-a092-22b21a9541f8
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yyff4AAAISIPfgAE
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 159110:4
.pubmatic.com/ Name: DPSync3
Value: 1664755200%3A226_228_197_201_219_221%7C1664150400%3A164%7C1663632000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1664755200%3A189_178_249_231_243_222_239_204_166_104_99_176_57_13_233_234_81_21_220_71_7_5_3_55_96_238_240_22_165_56_54_48_8%7C1664150400%3A223_15_2_38%7C1668729600%3A69%7C1664409600%3A63%7C1666137600%3A224%7C1664841600%3A35
.zemanta.com/ Name: zuid
Value: tOhP7I8LYrXohCrQPr6-
.zeotap.com/ Name: zc
Value: 1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8
.zeotap.com/ Name: zsc
Value: %91%C7%96%85%81%A51%17%90%05%AA%1AwZ%C4%9B7B%ED%D3%90%95%0F%7B%C6%AE%DF%BC3%B2%5D%93%10%3E%81%DD%8C%EE%26.4%C2%5BI%172%2B%8AX%C2%3F%9Fa%C8a%8E%99%CE%A71c%24qR%8B%13%2FD%EC%A9%10%97R.%3D%DC%1F%ED%B8%2B%E6%DE%80%5E%0F%FF%1E%D6%E8P-%AC%8D%24%FD%9DL%ECh%E1%ED%81fm%0DD9%B0%C01%B0%24L%D0%12%EEI%F0%04%8B%F2%B5%EEp%2B8%9B%3A%82%5E%2Fx%60%EC%04%DEE%1A%C7N%09%7D%19Un%C5%07q%9D%3E%A3%86B%FA%0D
.smaato.net/ Name: SCMp
Value: c3a2778e
.w55c.net/ Name: matchmedianet
Value: 5
.mfadsrvr.com/ Name: ssh
Value: !medianet,1663557600!taboola,1663557598
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~278r:192w~278r"
.aralego.com/ Name: sspid
Value: 00cb19e3-4129-32ac-8903-4df5848752ef
ads.playground.xyz/ Name: connect.sid
Value: s%3AqTRlAcK9Y-5aFfc32V7bOokF339PJAlH.dHCnP6gfhzNgg9%2BRIG56YjSc0YxhL6Fn9iQcpF1xq4M
.fiftyt.com/ Name: fifid
Value: c1eb3902-aca3-4f1f-6799-6325c76fe438
.fiftyt.com/ Name: cs
Value: MTY2MzU1NzYwMHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fHhz3dsBZMsfvAy3kL3pwxhZzViyxmbrdEZC_yEaDwTj
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D5392a7c5-f4cd-448d-841f-6d4296b7a422
.bnmla.com/ Name: rx_uuid
Value: 5392a7c5-f4cd-448d-841f-6d4296b7a422
.bnmla.com/ Name: rx_maxage_10738
Value: 1664853600
.bnmla.com/ Name: rx_sspid_10738
Value: 6_170
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: 9a6bda78-3d0d-5306-be5d-d6c8dd7a0928
.id5-sync.com/ Name: id5
Value: fe1bfeee-05b6-4b33-ab33-baf378acf1ba#1663557598889#4
.id5-sync.com/ Name: callback
Value:
.inmobi.com/ Name: idsp_c
Value: f1dd804e-2ca0-4541-9b2c-a87e73744a65
.media.net/ Name: data-ttd
Value: 8c547213-44f5-41c0-9f3e-f4df6d624005~~1
.media.net/ Name: data-g
Value: CAESEIp2lK4hf8p5Ygi2u5ll_O8~~8
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzIzMDcxMDQztjQ3EeIz1A3Irsw2izDP93a1KAUAv4z3XiQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzsDQwNzIzMDcxMDQztjQ3EeIz1A3Irsw2izDP93a1KAUAv4z3XiQAAAA
.agkn.com/ Name: ab
Value: 0001%3AH3UF1QKxcA7A4TZBwBfMOgfVpM2Wp0oo
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJpbmRleGV4Y2hhbmdlIjoiMjAyMi0wOS0xOVQwMzoxOTo1Ni45MzU4NjgyMTZaIiwicHVibWF0aWMiOiIyMDIyLTA5LTE5VDAzOjE5OjU2LjkzNTg2MjEzOVoiLCJydWJpY29uIjoiMjAyMi0wOS0xOVQwMzoxOTo1Ni45MzU4NjU3OTNaIn0sInVpZHMiOnsiYWRhZ2lvIjp7InVpZCI6ImUzMjMzNDcwLTY2ZDUtNDgzOC1iNTFmLWM0YjIwNzk0ZmQ5NyIsImV4cGlyZXMiOiIyMDIyLTExLTE4VDAzOjE5OjU2LjkzNTcwMjQ4MloifSwiaW5kZXhleGNoYW5nZSI6eyJ1aWQiOiJZeWZmMzU2elRoV2FxcnNRXzExRVhRQUFBSjRBQUFBQiIsImV4cGlyZXMiOiIyMDIyLTExLTE4VDAzOjE5OjU5Ljc4NTY5NzI4NVoifSwicHVibWF0aWMiOnsidWlkIjoiREMyODUzRDUtMzc5OS00OEIzLUI5NDEtQTVCQjRFNjMxNzdDIiwiZXhwaXJlcyI6IjIwMjItMTEtMThUMDM6MjA6MDAuNzIyNDU1Nzc5WiJ9LCJydWJpY29uIjp7InVpZCI6Ikw4ODc4UE9YLTFVLThMS0siLCJleHBpcmVzIjoiMjAyMi0xMS0xOFQwMzoxOTo1OS4yNjMwMjIyMDRaIn19LCJiZGF5IjoiMjAyMi0wOS0xOVQwMzoxOTo1Ni45MzU1MDE5OTNaIn0=
.media.net/ Name: data-mf
Value: 5f217df4-4aa3-4f7b-b84b-73b42d4f6649~~1
.betweendigital.com/ Name: ut
Value: Yyff4AAL9oA-kb5qPaZ1fr1KqZ6tUwYyI2wXIw==
.semasio.net/ Name: SEUNCY
Value: 3BA234ED71E450D3
.fiftyt.com/ Name: fppm
Value: 20220919032000
.mookie1.com/ Name: id
Value: 10610902935401796924
.mookie1.com/ Name: mdata
Value: 1|10610902935401796924|1663557600816
.mookie1.com/ Name: ov
Value: e59fafd5c9adddbdc4e22454bf8515ec
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-a4ca4a1a-712f-367a-9a87-7eef0af66b93
.media.net/ Name: data-xu
Value: REpD1VrU1OA7ka5~~8
.media.net/ Name: data-o
Value: 97d2c028-5a8d-4b4f-879c-610de09a2574~~8
.id5-sync.com/ Name: 3pi
Value: 464#1663557599301#1930347375#1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c|2#1663557599430#666746756#177430568407624767|434#1663557600022#1399702274|3#1663557599567#1419697340#4e206327-dfde-4d00-ab76-f159d6d1793a|264#1663557599692#1340585214#8c547213-44f5-41c0-9f3e-f4df6d624005|136#1663557600805#1009726051|108#1663557600245#-1892953111|429#1663557599815#-1908972475#DC2853D5-3799-48B3-B941-A5BB4E63177C
.krxd.net/ Name: _kuid_
Value: PFmngjtl
.rlcdn.com/ Name: rlas3
Value: xgTTDR9C2nsMMaM4qyltXK1Qb2jF9bjf7OL79QBHyEY=
.rlcdn.com/ Name: pxrc
Value: CN2/n5kGEgUI6AcQABIFCOhHEAASBgi46wEQAw==
.media.net/ Name: visitor-id
Value: 3065592001454680000V10
.rubiconproject.com/ Name: audit
Value: 1|bQno7epNQS7ArhRs0s5U3D21Sd+442rbGOnA8kJ/i+IeECEUBMheiuP0pqMq73xAFxUvz1gOOrfqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.media.net/ Name: data-so
Value: bdd621ad-373c-48e7-8fa2-f15f07807f54~~8
.owneriq.net/ Name: pmc
Value: 1
.owneriq.net/ Name: si
Value: Q7168440001428602739
.owneriq.net/ Name: p2
Value: cc
.company-target.com/ Name: tuuid
Value: 28c02b3f-aa87-49d4-b41e-4fda73e4054a
.company-target.com/ Name: tuuid_lu
Value: 1663557600
.adsby.bidtheatre.com/ Name: __kuid
Value: a43f58da-b153-4708-ab41-60a29c16d19b.432771600
.dyntrk.com/ Name: dyn_u
Value: 04030001_6327dfe0e0261
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 94073d30c6a6c33e434c937c64bf25b1
.pswec.com/ Name: tuuid
Value: c0909991-d209-419c-84c0-5908597ca204
.pswec.com/ Name: c
Value: 1663557600
.pswec.com/ Name: tuuid_lu
Value: 1663557600
.smartadserver.com/ Name: csync
Value: 32:3232777307143540978|107:1ef0ffae-5bb4-42e1-bbea-d8e497fcab2c-tucta21655c|116:tOhP7I8LYrXohCrQPr6-|139:0
.media.net/ Name: data-bs
Value: 5047f2b9-b6f8-4817-8b9f-f5305f524dc8~~1
.media.net/ Name: data-r
Value: L8878POX-1U-8LKK~~1
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIVr%2F%2FEEhBABMDA9cMEJOr6TOQBABJYARu"
.quantumdex.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMODg3OFBPWC0xVS04TEtLIiwiZXhwaXJlcyI6IjIwMjItMTAtMDNUMDM6MjA6MDEuMDA3NDExWiJ9fSwiYmRheSI6IjIwMjItMDktMTlUMDM6MjA6MDEuMDA3Mzg1WiJ9
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsDQxMDdOMTZINks0SzY2TjUxNkm2NDZPNjNJSjMyTTJkAIJk9fsP%2FwMBP4gDBgIXvm3QZ2wrZ%2FjPyMhwHol9Don95MVHXZiaTX8KYcxni%2BewwNjnjh5ihrG%2Fb5wCF9%2B977IATPwwkvrV659yw8Qnn1CHMd8tQRjZixA%2B%2B%2BufHkzJpVOP2GBsACoKU9s%3D"
.media.net/ Name: data-rk
Value: 968907260740163974~~9
.weborama.fr/ Name: AFFICHE_W
Value: p362lc@m5Cmn96
.demdex.net/ Name: demdex
Value: 04391427402192166912549765893084360539
pool.admedo.com/ Name: tuuid
Value: b20538f5-2838-4e82-8157-07747f2caacd
pool.admedo.com/ Name: c
Value: 1663557601
pool.admedo.com/ Name: tuuid_lu
Value: 1663557601
.fwmrm.net/ Name: _uid
Value: "eb01c_7144925491307316741"
.adfarm1.adition.com/ Name: UserID1
Value: 7144925491308918923
.dpm.demdex.net/ Name: dpm
Value: 04391427402192166912549765893084360539
.eqads.com/ Name: EQUser
Value: UID=09cfd016-151b-4df8-acac-6b35d84c3e53
.media.net/ Name: data-ze
Value: tOhP7I8LYrXohCrQPr6-~~9
.c.appier.net/ Name: _auid
Value: DiH1KxaUDZWqGRO_4d8nYw
.onaudience.com/ Name: cookie
Value: 1a730eb1659eb387
.onaudience.com/ Name: done_redirects161
Value: 1
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY2MzU1NzU5ODgyMSwiNyI6MTY2MzU1NzYwMTE5Nn0
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7168440001839935516&KRTB&22521-Q7168440001839935516
.truoptik.com/ Name: to_master_s
Value: b0ae24212899ffb3fbc4a8c239b2dc4f
.truoptik.com/ Name: to_version_s
Value: b2
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6291-2!6291
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ad006d29-5932-421f-aa6d-8a406243cead-005%22%7D
.secretm.me/ Name: cto_bundle
Value: Osk8rF8xak92MEdTcWZMRzg4UmcwUWVmSlVpMXdya2RBSEJwQlZvc25QMGhTQ2VybnlUN3BnRHBlbGFEMkJQVXZDR293dmVNQlVHdHV2RkdYa3dkQjJzdUFtZFoxVWozQ3JxWTdMblAlMkJFRGxTS3A4U1Rpb0lnZ3NXa3ZrbE5BUEVxclFOQmJ4NzhXc1BzU1UlMkZEMWJVdWglMkJxalElM0QlM0Q
.secretm.me/ Name: cto_bidid
Value: DMZIcV8lMkJxMXo1QWZSbUVzMVNmU0lhc1dTUUhQMzVQM284ZFhHS1J6Z0tYY2UwNVhWdWR5JTJGaThseHhxRHVvaHpJcmt0JTJCaWtYbVF0aDBncWJBQXMlMkJMWWJKYnlXOWFvWEVBZGN6TVFQUGNxdkwlMkJ1UTAlM0Q
.media.net/ Name: data-r1
Value: RX-ad006d29-5932-421f-aa6d-8a406243cead-005~~9
.casalemedia.com/ Name: CMTS
Value: 149
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-DiH1KxaUDZWqGRO_4d8nYw&KRTB&23130-DiH1KxaUDZWqGRO_4d8nYw
.pubmatic.com/ Name: PugT
Value: 1663557601
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmZsampuZmBoamAAAGzMSSgQAAAA
.onaudience.com/ Name: done_redirects147
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwj2iuLO-_2MOxAFEhsKDHNoYXJldGhyb3VnaBILCLbni8_7_Yw7EAUSFgoHcnViaWNvbhILCI6jhtL7_Yw7EAUSFAoFdGFwYWQSCwjW7rrr-_2MOxAFGAEgASgCMgsIhvmUoZL-jDsQBTgBWgd4a3N3OWxhYAI.
.onaudience.com/ Name: done_redirects252
Value: 1
.onaudience.com/ Name: done_redirects109
Value: 1

10 Console Messages

Source Level URL
Text
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8%26reqId%3D3dab3c5f-d321-4c3d-437d-50a4a061bf70%26zdid%3D1361
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3ebf7753-69ba-44ab-6a0d-903bc0e95b6f%26reqId%3Dd940724f-2126-43f6-5e52-95e6005624d8%26zdid%3D1361
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/87734?id=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3ebf7753-69ba-44ab-6a0d-903bc0e95b6f&reqId=d940724f-2126-43f6-5e52-95e6005624d8&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.bluekai.com/site/87734?id=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=1dd8aed0-1dbd-41c9-42cb-3600c0c25ab8&reqId=3dab3c5f-d321-4c3d-437d-50a4a061bf70&zdid=1361
Message:
Failed to load resource: the server responded with a status of 504 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.tribalfusion.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
amazon-tam-match.dotomi.com
ap.lijit.com
assets.vlitag.com
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
c2shb.pubgw.yahoo.com
cdn.aralego.net
cdn.jsdelivr.net
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
contextual.media.net
core.iprom.net
cs.media.net
csync.loopme.me
d.turn.com
dis.criteo.com
dmp.adform.net
dmp.truoptik.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
gu.dyntrk.com
gum.criteo.com
hb.aralego.com
hblg.media.net
hbx.media.net
ib.adnxs.com
id.a-mx.com
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprnjmp.taboola.com
io.narrative.io
lg3.media.net
loada.exelator.com
loadus.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
media.vlitag.com
mp.4dex.io
mug.criteo.com
mweb.ck.inmobi.com
mwzeom.zeotap.com
my.rtmark.net
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pbjs.e-planning.net
pippio.com
pips.taboola.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
px.vliplatform.com
pxl.qccerttest.com
qsearch-a.akamaihd.net
r8---sn-quxapm-3c2s.googlevideo.com
redirector.googlevideo.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtd-tm.everesttech.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.e-planning.net
s.tribalfusion.com
s.uuidksinc.net
sb.scorecardresearch.com
script.4dex.io
secretm.me
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.vlitag.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ss-pbs.quantumdex.io
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.cloudflareinsights.com
static.criteo.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
t.adx.opera.com
t.pswec.com
tags.bluekai.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
targeting.unrulymedia.com
token.rubiconproject.com
trc.taboola.com
u.4dex.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-match.taboola.com
us-trc-events.taboola.com
us-u.openx.net
us-vid-events.taboola.com
useast.quantumdex.io
usermatch.krxd.net
usermatch.targeting.unrulymedia.com
vidstat.taboola.com
visitor.fiftyt.com
visitor.omnitagjs.com
warp.media.net
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
yonhelioliskor.com
104.126.112.185
104.126.112.26
104.16.111.154
104.18.18.126
104.18.19.126
104.45.178.220
107.178.246.49
107.178.254.65
13.224.202.36
13.224.205.195
13.224.214.125
13.224.214.36
13.224.214.92
132.226.41.106
139.45.195.8
139.45.197.251
141.226.224.32
141.226.224.48
141.94.171.214
142.250.176.194
145.40.89.200
15.235.43.132
151.101.129.44
151.101.193.108
151.101.194.49
159.65.197.210
162.19.138.117
162.248.18.10
172.105.235.90
172.98.26.241
172.98.26.245
173.231.178.83
18.204.235.41
18.213.85.80
18.235.217.239
184.29.128.213
185.167.164.49
185.184.10.30
185.255.84.153
192.96.200.41
195.5.165.20
198.148.27.140
199.127.204.147
199.187.193.192
199.187.193.199
199.187.193.200
199.38.167.129
207.198.113.87
216.200.232.249
23.206.216.29
23.3.125.24
23.3.125.39
23.34.59.152
23.73.244.44
2600:1f18:1c96:4102:a960:6792:1f2e:dfa
2600:1f18:4e9:5a02:89a8:874b:1d82:df0e
2600:1f18:6593:f602:8bd3:480b:a39:d536
2600:9000:20ed:1e00:11:615:7240:93a1
2600:9000:20ed:a800:1b:5138:8a40:93a1
2600:9000:20ed:ea00:6:44e3:f8c0:93a1
2606:4700:10::6816:1857
2606:4700:10::6816:3bc7
2606:4700:10::ac43:15e3
2606:4700:10::ac43:2ac9
2606:4700:20::ac43:47fe
2606:4700:20::ac43:4bf1
2606:4700:3031::6815:29fd
2606:4700:3036::ac43:9ba4
2606:4700:3037::ac43:9e3b
2606:4700:4400::ac40:98f5
2606:4700:440e::6812:2fe6
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6812:272
2606:4700::6813:ac6c
2606:ae80:1471:16::760
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::200a
2607:f8b0:4006:817::200e
2607:f8b0:4006:81e::2008
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::200e
2607:f8b0:4006:823::200a
2620:100:a001::4
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2a02:2638:1::13
2a04:4e42:600::300
2a0f:f4c1:2::1b
3.221.233.8
3.224.10.93
3.232.202.111
3.92.156.8
3.92.9.222
31.220.27.135
34.102.163.6
34.102.253.54
34.107.148.139
34.111.131.239
34.133.71.175
34.149.40.38
34.201.183.209
34.229.3.43
34.236.72.34
34.96.71.22
34.98.67.3
35.190.60.146
35.190.90.30
35.201.96.126
35.207.24.140
35.210.53.219
35.211.178.172
35.244.159.8
35.71.131.137
35.71.139.29
38.91.45.7
4.78.226.233
44.193.193.135
44.209.207.157
5.161.47.120
50.57.31.206
51.222.239.230
52.205.223.187
52.40.183.14
52.46.128.147
52.95.126.160
54.175.87.114
54.227.59.83
54.80.61.218
54.83.49.252
54.85.248.187
63.251.114.137
64.202.112.127
67.226.210.221
68.67.160.26
68.67.160.76
69.166.1.10
69.173.151.100
69.90.254.78
72.44.36.54
74.119.119.129
74.119.119.139
74.119.119.150
74.222.140.126
76.13.32.147
8.28.7.81
8.28.7.83
8.28.7.84
8.39.36.141
8.43.72.98
82.145.213.8
85.114.159.93
96.46.186.57
00aadcee010a383a0c7cac66e12f03d71f60414e7e4830be19b5eb9bec06fadd
02de97651a1733bc191cb0c95c048614a209430e26f2da59a6e4c9ed5cd3d0ec
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
059099c547e58a064a95c1b43667521b7893c2b3685fda88d942ecce178130f5
06357f7fcb8410e4818fd5178e926b84d3c6c468d8f38b6ead99c2862ad62866
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a910f1c34c1513f27488f4514d77047af0f25c0bf419e847e22ae15d7394e8d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be054c80fff473b66c193ce10c724802ccb19f5fe064a49390134bbacc684fa
0ecebfeaa388bd417382b3cd77c13763bc681c2ced205f3e942b7c1318df80fd
11332e9c41e74cbb6635f2fbda1224919d26c432c9f3123e5fbb470b359c1920
118b932ce446d673706c274aa65d22e8e2b2fe744187ce16f6656ab7940fb140
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1b0e38a0ecb45aa80f530219c68a051ada03d1c366987dbd370c4b9675624f79
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1d8c63b6aeed8d52ef2d95b8611eb72e82cecc509f325f0bcf165b6a269fcca8
1e73f39730b7c5f68e73e19d9d9e0a88ab30dcc33a606d7ed25ae22dc4bd5645
1e7d6a95440cb0f19be037754ec9f1e706b2ee3d1f9101507d5d2916fa7d0e31
1f1116ae6d6af77d7228a5bca8ef6f7303a2f0e4b35a64b0e6927c2983abd2d7
2033d81c3af7b3d885bd3ab2b7e1b3a695bdf93361cca5b8811b1f581c3c70c0
21818bbe9ee338bce523ee10ee192b55d18f03cd6d208ae7dd3ba7202a4828cb
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
26083f4f074f0fd841a9e0041d6b4ee2db787d9b8f5b79feb0b57ecd321ebc39
2657fbf3371f8bfa6914e1a168cf4400d9ad9cc09db05880118da37df9594f3c
282ee9ba0d3397b67893dcdeb5fa698f5efd5f72d06ea6daeef40c3bb7b886f3
288ea1d136e21f5da4b48a360f472ffae47ffab666602876dd6cf301de4c625f
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2da6717eea67439758209686c381069a4b6c66c68e1b5a0db351596a2dc18716
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6
31248ef830b10ec6779f2693aaa69d3149cf2bb2fe1314cba78f03f7edcf07fd
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
331cd35bd18e2aea4890680f6c1bec8ccdb17d47c7a4ef19ef2e11db2a85e9a9
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
34ee669fe01b60de74c078e638dfd36355b560e09303164f204310f06350bbd0
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3832cc246a016bdd60ea37ca1dc41f38d0ec86e3afcf4701ef03797c2687c79e
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39d4eabf653097e46726bf36f631f4c0f36e26ff79dca0ade8e6403a0731f1d9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb2d1a841bdeff600cf741558a35c8e3e090af56e9354b446a69c4c1e3ce17a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42711ed69228298e54582dafd86e794e2a0bc299da2df81b9439a8dfd8e0abbd
43aa06e58fa0fbaab423ce5148650f27638ea0aac82553d3ee7eec999cb20f99
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
478b3ab728aaa25a76c8cd8bb04addde92c43d72e643d0fdc455340b44c3f074
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49760772dcf18f2f555cdd8f9b2a94282a60ca4143c4adc2db81b12d4063f396
49942d1f0c6d50ea82891ebcd441a591cf8797a95cb360efcc88206d886356d2
4c2df4a0cecdf766a94acf79c51174956b07c092ae70542bce76fa8554651d1b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
52ef8c30a5c035d7d03880353aa6d3d0ba29bc3c1d6cdc1a69cc921418d432dd
537e599f696664f02a76a66bdc763d12d960888b42f462968f4136d37429826f
53a8f70b927c67cbe0895da2b96cd81f2848190e7990e6682ab1ec08cb5837a4
5b80b54c8c1b5911e39791f4b7745f3dd1d5ef6a6ee57081f0b6f7059c7a6ab7
5c0ed795c5fb35cb71439d1f66c838861274a19c0193b965aea52e272bfe06b3
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
6179ab8a0a6f07773ec5abe5b18cc727cf32f0f9a93961646bf4e44c319f378e
617a761876a4dbf3af1db9113e05d117f8fb46f4bb6e840ae91f571c850148ef
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
674f0c687128e92068d1e8e4a121f5c269d5f3a40a059fa6b5c282e55794c525
6925c4f4113b350be5a2fa6c9e0ca15d46b9947eff92a5d1ed848c3d0d203995
6a58297955ed20ffb7b1b460619ecab8588898602eb997e3646431df2348a701
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d066906448187c48d0f44e256f349cda0056beb89a4c878f89be37805526134
6d35e296c27aa00c2dcee1e808d82f4ede204a97ac3ef2a825d49192f2b13675
70e5fe976cd34869b6e4ac6dd7aa347e53011372cfae89855a4d2d9dc2a8289f
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
7668c9941b80176513e853cc25b61b81a81f80417d52b4c2016deee3935b2b05
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
76e2d4d2de2ab26a68683b281ffaef796dbed2263917d081cb315a56b36120d4
76f62c5dc6e846f50e55ba01e77515aad7df77bd3cbd615a945d7b76de3cf0ae
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b33c6d519ba764f569f6f0e89002015d4e9809c4d4dd1f965f9fedf2d66ef83
7c47f20d1b1d4989640ee6e4c7a0d1f7b457e98944c6ee4dcb0e8b95e3cecfdc
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f12be2ec47f2966e019036b7d89458e4ef1284bfdbff737c398f723c0c5d2ef
8106a4853e01d8b466df5bcb8b2bd60b665cb61e0bb643fbe71d7df90320e88e
8171b04a77b7113569883159e2df5816ba92d553eafc710e28733e17f7787429
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
86976de0e51f4ff32ee5376b12d6f6a5ccde97374a8b3888a067b35da3ff9f22
87ce47932d480576732f33e343c747b022f23b4be2f1d04ac446a3e61709386a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a08d72e6f1e9844a2398be22298a6fb9e4f46d9849522bb16ac5c34eff86e9f
8a2a07c6fe16726123cdcd94946208233dd0a09beed285e4a7bbc3a0f9b9b248
8babdf4d1dfec40b71c8d2a972d1e6babf74b93863d6436d2cd86f5f7885c4c9
8fe0fa90b9d0e35496ead065e036f5f6c7e3c97be2f1dd1b5cefb0a39c3c17dd
903dd665b1ac170c3692c0e82472f8d9f1dd2a1b843c8bbfb48ffcbe072ef38b
90a1b56a6a1338b2615b9bdf2875b21dcbf0f5f16b03205c4452c9a2d67fc2f2
92f452014c4bd081f4e3395e0423c9f5088e12f20b456f60c8b0d6b51a118127
9368bfb774b617c9169347e63711fdb0b0186cee2fc2f277f04f27e322d96eea
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade
9563291c83c583f8d0cd325cac7352974f21319cf874ad9dd02cbeab1e36c33b
97ac7838d72baaab28b8dc2d98f418738470c34bcfe9aeb5ce59de3472abe4a8
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
981c7dec6bc6c8a0a4b1b3c90ede49a5da2606ba29991cea055145bca4b92002
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98b7cbe24c113ea9ced0455d223812b0d19992b2734c98389d5faf44337684e9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d8b1b53eb7044d960e01ceeb6c0eda7abdd478a8de9e7bc7bb17cbacf29a930
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a45cf3df8027e39ea0d302ca3248553ba749ed800ff297d8543e0ff75b2087ff
a551ae12bd3309f296829943826085ecb3e83ad9eca678fbea35a3ec75f49a16
a92486c205933e5bee304a3f16f89bb87f237e4533154c7d93572aa56b26f1c9
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa37929a7aa581cda81da9022843b9e983e12f7c0bf03619f1a063c47cfa5775
ab1fa887a1041ad989bb804ce9f53ad2d54b654c3d1faa463f2f07b91f44b819
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e8e5af94bb54ba3a8cf32cb250b789b6ecbec8fbe36fb02b968e8ef1211122
b5d41bd3f02761e9da0a9b4c1b84703adf33121a3a1a3df7feffbcc02b726e2d
b7baef5f4450fc7e502cb134cc4121186759c9750f2888a336d804427ba7893d
b7d6542c4488ea4e36cc1d6fb19bd92775f9c4a45c60eee7e4ade3d97f2cc459
b80c5d8bfb3c92eecdd3338eea1ff651d3a49d896870556b456a7ba774fbeef9
b9ed05b07a8308ae64b9450d7da503c9db6ac6e993ae8c5f4b714386a74c4755
bae087734103d8fda020e7401dda2ae6a8c39fa385fa2af5878919e854ae192e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb5be8d400a6105d6d66f4d03a7b8b8414a98e394157b4031edee97722350b9
bbfc9dd31913af769c7313d94acc15abe7f3541038b6b93b6c60e4e4e36152dd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c510407055f17452924aaa05baaf0755899fed05f8d6a8dd7f3322819844d23b
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cca01367784cb4233823f7ed0728e7f6ee88a2f62176307e195183523a9cb927
ccac7a195b445234a61477779b473f3707220af92f812c736890c7ea619fb706
cd267e2bbeec9925f2bfea9f979e9e1a79a05638c6e4ce604b7cfbe4fb61a519
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02acbb8a8b8f543d31c35e392b53f17e26c49560b3a3920f02f09ebf1d33b3d
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d558dbb609dd1e46eb1678c093569becd93668ba990b377bfc41c0e88e3d054c
da30f668be357ae5bebf02dc4e7ce364d7c57dc828c96fff73cabdcd1e2545a7
da4f9297effcc6218310e35ffc9a7c4e22cd4335ffb466c7b804a6790f2682fe
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df9439b47ccdbd052e6107e94e32b5746e10b400470beaca5d238ca6d32c605e
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e12d294b5f7a904c03712d091bcd6bb8bf4e4d4d9af61e84a5c92aa28c90f2c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46ac08c36c12473bfc148ab3fd280b05a6beb523db2408f989aa78a1b4b6a51
e6a6ba713ca9eb1360da608ce45ada604b66d4088b83453cc478d4d992e60ac6
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e92c27ae503f74a3a258e5b9e611c8e69f5c0ef277b18bf79e01304b972121a5
e9fd133179258be83b253439290aa025baa42da2d8fb5bf6f1dd05e99606db92
ea20cdfa40c7ee80c4c1079164cfc03ad815ab378cf665fb2db7191c9eca11b0
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0905e6a977ab0d3fdc28af41d88d73ba922c495f70bb58793cb2f34c2ce86bf
f0bf98437a8bb108a516e2660f5a7cf6ed3d851dfdbbccf1cb5e9243f1526c77
f1c8a6645bbd557b6f18a1250e649337822e02189e85bfd404320ba52b11c690
f211d82f1076d50be93029d00598ab0f863abd2fe93791ff997dc882e15715e9
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f72d7d1793dd9eb7b7697f2c6307a471d644734747381e10794fbe9e82181e1a
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff35667ae307d4aecfa0238aa09bc3f738a7dd0d2a6b190fbae260888626115d
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
ffc88fb8731197188c817bbbfd98cad325a3bc0e9700e56702851cc10aefd48a