urlscan.io logo urlscan.io
SecurityTrails logo

finanswebde.com Open in urlscan Pro
195.201.122.228  Public Scan

Go To Rescan Add Verdict Report
URL: https://finanswebde.com/emtia/altin
Submission: On July 11 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 95 IPs in 13 countries across 120 domains to perform 434 HTTP transactions. The main IP is 195.201.122.228, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is finanswebde.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 29th 2022. Valid for: a year.
This is the only time finanswebde.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 195.201.122.228 24940 (HETZNER-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
4 151.139.245.20 33438 (STACKPATH)
24 2607:f8b0:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 24 185.7.176.221 42910 (PREMIERDC...)
3 2607:f8b0:400... 15169 (GOOGLE)
15 2607:f8b0:400... 15169 (GOOGLE)
1 172.217.165.130 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
8 142.250.65.226 15169 (GOOGLE)
3 13.249.119.124 16509 (AMAZON-02)
18 195.201.133.252 24940 (HETZNER-AS)
2 2a04:4e42:600... 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
3 185.7.176.223 42910 (PREMIERDC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 35.241.45.217 15169 (GOOGLE)
1 35.179.5.97 16509 (AMAZON-02)
4 37.157.5.142 198622 (ADFORM)
5 10 68.67.160.24 29990 (ASN-APPNEX)
2 2602:803:c002... 26667 (RUBICONPR...)
3 26 216.52.2.30 30282 (AS-INAPCD...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.36.115.98 62713 (AS-PUBMATIC)
2 199.187.193.200 47043 (SMARTADSE...)
1 15 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.102.243.38 15169 (GOOGLE)
2 51.222.39.186 16276 (OVH)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
3 10 104.18.18.126 13335 (CLOUDFLAR...)
8 34.149.40.38 15169 (GOOGLE)
29 2607:f8b0:400... 15169 (GOOGLE)
15 37 142.251.40.162 15169 (GOOGLE)
2 8 34.98.64.218 15169 (GOOGLE)
1 2 23.60.1.46 16625 (AKAMAI-AS)
2 4 52.71.37.99 14618 (AMAZON-AES)
10 13.249.120.26 16509 (AMAZON-02)
1 13.249.120.90 16509 (AMAZON-02)
2 142.250.65.194 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2 104.45.178.220 8075 (MICROSOFT...)
2 7 8.28.7.81 62713 (AS-PUBMATIC)
2 2 2604:9e00:1:1... 27257 (WEBAIR-IN...)
4 4 174.137.133.49 27257 (WEBAIR-IN...)
2 3 199.187.193.179 47043 (SMARTADSE...)
1 1 34.193.38.230 14618 (AMAZON-AES)
3 3 35.207.24.140 15169 (GOOGLE)
2 2 54.198.189.0 14618 (AMAZON-AES)
4 5 23.217.162.245 16625 (AKAMAI-AS)
1 3 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 31.220.27.135 39572 (ADVANCEDH...)
1 1 159.203.145.121 14061 (DIGITALOC...)
5 5 54.175.87.114 14618 (AMAZON-AES)
10 52.217.171.249 16509 (AMAZON-02)
1 168.119.79.223 24940 (HETZNER-AS)
1 185.7.176.4 42910 (PREMIERDC...)
8 8 67.202.105.22 32748 (STEADFAST)
1 2 67.202.105.31 32748 (STEADFAST)
3 11 104.127.172.242 16625 (AKAMAI-AS)
11 11 35.211.178.172 15169 (GOOGLE)
3 3 199.38.167.129 54312 (ROCKETFUEL)
6 34.117.239.71 15169 (GOOGLE)
4 4 216.200.232.253 30419 (MEDIAMATH...)
4 4 2606:ae80:147... 26762 (CNVR-US-EAST)
9 10 15.197.193.217 16509 (AMAZON-02)
9 11 69.173.151.100 26667 (RUBICONPR...)
6 23.60.4.197 16625 (AKAMAI-AS)
1 151.101.65.108 54113 (FASTLY)
1 2001:4998:14:... 14777 (YAHOO)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 35.190.60.146 15169 (GOOGLE)
2 4 52.95.122.74 16509 (AMAZON-02)
2 4 209.54.182.161 16509 (AMAZON-02)
1 1 52.71.236.56 14618 (AMAZON-AES)
1 1 2600:9000:21f... 16509 (AMAZON-02)
2 2 141.95.98.67 16276 (OVH)
2 2 96.46.186.57 7979 (SERVERS-COM)
1 1 23.200.204.24 16625 (AKAMAI-AS)
7 8 199.127.204.142 26120 (RHYTHMONE)
3 3 75.126.248.142 36351 (SOFTLAYER)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 51.255.68.171 16276 (OVH)
1 1 198.148.27.140 19189 (PULSEPOINT)
3 3 2620:116:800b... 14618 (AMAZON-AES)
7 7 52.22.197.83 14618 (AMAZON-AES)
2 2 68.67.160.186 29990 (ASN-APPNEX)
1 1 3.209.185.106 14618 (AMAZON-AES)
3 3 207.198.113.87 13768 (COGECO-PEER1)
3 3 52.0.156.250 14618 (AMAZON-AES)
2 2 107.178.246.49 15169 (GOOGLE)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
3 2600:1f18:4e9... 14618 (AMAZON-AES)
1 1 35.171.226.138 14618 (AMAZON-AES)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 52.36.124.159 16509 (AMAZON-02)
2 3 185.167.164.43 198622 (ADFORM)
4 4 151.101.2.49 54113 (FASTLY)
2 21 104.36.113.107 62713 (AS-PUBMATIC)
1 1 132.226.41.106 31898 (ORACLE-BM...)
9 8.28.7.83 62713 (AS-PUBMATIC)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
5 104.36.115.114 62713 (AS-PUBMATIC)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
1 1 8.39.36.141 26667 (RUBICONPR...)
1 38.91.45.7 398989 (DEEPINTENT)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
2 2 173.231.178.77 29791 (VOXEL-DOT...)
1 1 34.234.174.195 14618 (AMAZON-AES)
1 2 35.169.219.41 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
2 2 52.2.182.92 14618 (AMAZON-AES)
1 1 2a04:4e42:400... 54113 (FASTLY)
1 151.101.65.44 54113 (FASTLY)
1 1 139.162.117.143 63949 (LINODE-AP...)
1 5.161.54.172 213230 (HETZNER-C...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
6 6 15.235.15.221 16276 (OVH)
1 1 76.13.32.147 26101 (YAHOO-BF1)
1 184.85.195.135 16625 (AKAMAI-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 162.248.18.10 62713 (AS-PUBMATIC)
1 2 50.57.31.206 19994 (RACKSPACE)
1 13.249.120.127 16509 (AMAZON-02)
1 52.44.38.45 14618 (AMAZON-AES)
1 1 52.7.59.203 14618 (AMAZON-AES)
2 2 35.211.141.197 19527 (GOOGLE-2)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
1 1 45.35.192.162 40676 (AS40676)
1 1 34.102.253.54 15169 (GOOGLE)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 2 3.227.107.207 14618 (AMAZON-AES)
1 52.55.236.147 14618 (AMAZON-AES)
2 2404:6800:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2607:f8b0:402... 15169 (GOOGLE)
1 2a00:ba61:0:1... 35625 (EURAFIBRE-AS)
2 2 34.239.109.150 14618 (AMAZON-AES)
1 2 142.250.81.230 ()
3 142.251.40.226 ()
2 2 34.206.232.206 ()
1 2607:f8b0:400... ()
3 199.187.193.204 ()
434 95
18    195.201.122.228 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.228.122.201.195.clients.your-server.de
finanswebde.com
2    2607:f8b0:4006:821::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    151.139.245.20 (United States)

ASN33438 (STACKPATH, US)
finanscepte-xuoe622gjknvdey.stackpathdns.com
24    2607:f8b0:4006:81e::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2606:4700:3033::6815:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
24    185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
static.virgul.com
ng.virgul.com
ng2.virgul.com
logger.virgul.com
istr.izlesene.com
3    2607:f8b0:4006:809::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
15    2607:f8b0:4006:817::2002 (New York, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
adservice.google.fr
1    172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f2.1e100.net
www.googleadservices.com
1    2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2607:f8b0:4006:81e::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2607:f8b0:4006:820::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.ca
8    142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
3    13.249.119.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-119-124.atl51.r.cloudfront.net
c.amazon-adsystem.com
18    195.201.133.252 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.133.201.195.clients.your-server.de
finans.apipara.com
2    2a04:4e42:600::775 (United States)

ASN54113 (FASTLY, US)
cuneytekinci.ghost.io
2    2607:f8b0:4006:81e::200a (New York, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2607:f8b0:4006:807::2003 (New York, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    185.7.176.223 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
c1.imgiz.com
istr-n23.nktcdn.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
1    35.179.5.97 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-179-5-97.eu-west-2.compute.amazonaws.com
spadsync.com
4    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
10    68.67.160.24 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    2602:803:c002:200::113 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
26    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
ce.lijit.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    104.36.115.98 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    199.187.193.200 (Canada)

ASN47043 (SMARTADSERVER, CA)
prg.smartadserver.com
15    2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ss-pbs.quantumdex.io
1    34.102.243.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.243.102.34.bc.googleusercontent.com
pandg.tapad.com
2    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
3    2607:f8b0:4006:823::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.fr
adservice.google.com
3    2607:f8b0:4006:80c::2001 (New York, United States)

ASN15169 (GOOGLE, US)
9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
12    2607:f8b0:4006:80b::2001 (New York, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
29    2607:f8b0:4006:806::2006 (New York, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
37    142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
cm.g.doubleclick.net
8    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    23.60.1.46 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-1-46.deploy.static.akamaitechnologies.com
sync.teads.tv
4    52.71.37.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-37-99.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
10    13.249.120.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-120-26.atl51.r.cloudfront.net
am.contobox.com
cbmedia2.contobox.com
1    13.249.120.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-120-90.atl51.r.cloudfront.net
a.svtrd.com
2    142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2607:f8b0:4006:822::200a (New York, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
7    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2604:9e00:1:129::2:a01 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.torchad.com
4    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
rtb2-useast.e-volution.ai
3    199.187.193.179 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
1    34.193.38.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-38-230.compute-1.amazonaws.com
cc.adingo.jp
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    54.198.189.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-189-0.compute-1.amazonaws.com
match.sharethrough.com
5    23.217.162.245 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-162-245.deploy.static.akamaitechnologies.com
px.owneriq.net
3    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
5    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
10    52.217.171.249 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
contobox-data.s3.amazonaws.com
1    168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de
sync.richaudience.com
1    185.7.176.4 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
panel.izlesene.com
8    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
11    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
11    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    199.38.167.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
cms-xch-chicago.33across.com
4    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    2606:ae80:1471:18::1400 (United States)

ASN26762 (CNVR-US-EAST, US)
33across-match.dotomi.com
pubmatic-match.dotomi.com
10    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
11    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
6    23.60.4.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-4-197.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)
ads.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
4    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    52.71.236.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-236-56.compute-1.amazonaws.com
ssp.disqus.com
1    2600:9000:21f9:e400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu
id5-sync.com
2    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    23.200.204.24 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-204-24.deploy.static.akamaitechnologies.com
hbx.media.net
8    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
usermatch.targeting.unrulymedia.com
sync.1rx.io
sync.targeting.unrulymedia.com
3    75.126.248.142 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 8e.f8.7e4b.ip4.static.sl-reverse.com
um.simpli.fi
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
7    52.22.197.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-197-83.compute-1.amazonaws.com
match.prod.bidr.io
2    68.67.160.186 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    3.209.185.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-185-106.compute-1.amazonaws.com
aorta.clickagy.com
3    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadm.exelator.com
loada.exelator.com
2    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
3    2600:1f18:4e9:5a07:90a3:294f:189a:c958 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    35.171.226.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-226-138.compute-1.amazonaws.com
s.company-target.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    52.36.124.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-124-159.us-west-2.compute.amazonaws.com
dpm.demdex.net
3    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
21    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    132.226.41.106 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
9    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
5    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
2    173.231.178.77 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    34.234.174.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-174-195.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.169.219.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-219-41.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    52.2.182.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-182-92.compute-1.amazonaws.com
pm.w55c.net
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    139.162.117.143 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1601-143.members.linode.com
gocm.c.appier.net
1    5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
6    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
1    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
1    184.85.195.135 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-85-195-135.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    162.248.18.10 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
1    13.249.120.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-120-127.atl51.r.cloudfront.net
aa.agkn.com
1    52.44.38.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-38-45.compute-1.amazonaws.com
rtb.adentifi.com
1    52.7.59.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-59-203.compute-1.amazonaws.com
sync.ipredictive.com
2    35.211.141.197 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 197.141.211.35.bc.googleusercontent.com
m.fg8dgt.com
2    204.2.255.233 (Fort Lauderdale, United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
1    45.35.192.162 (United States)

ASN40676 (AS40676, US)
sync.resetdigital.co
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    3.227.107.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-107-207.compute-1.amazonaws.com
io.narrative.io
1    52.55.236.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-236-147.compute-1.amazonaws.com
rtb.gumgum.com
2    2404:6800:4009:820::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2607:f8b0:4006:807::2001 (New York, United States)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2607:f8b0:4020:1::6 (Montreal, Canada)

ASN15169 (GOOGLE, US)
rr1---sn-t0a7ln7d.googlevideo.com
1    2a00:ba61:0:126::d (France)

ASN35625 (EURAFIBRE-AS, FR)
rr2---sn-apaapm4g-apae.googlevideo.com
2    34.239.109.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-109-150.compute-1.amazonaws.com
ads.avct.cloud
2    142.250.81.230 (None, )

ASN- ()
ad.doubleclick.net
3    142.251.40.226 (None, )

ASN- ()
ade.googlesyndication.com
2    34.206.232.206 (None, )

ASN- ()
ad.360yield.com
1    2607:f8b0:4004:c17::8b (None, )

ASN- ()
s.youtube.com
3    199.187.193.204 (None, )

ASN- ()
rtb-csync.smartadserver.com
Apex Domain
Subdomains		 Transfer
62 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287
pubads.g.doubleclick.net — Cisco Umbrella Rank: 487
ad.doubleclick.net
262 KB
50 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 520
image6.pubmatic.com — Cisco Umbrella Rank: 629
ads.pubmatic.com — Cisco Umbrella Rank: 488
simage2.pubmatic.com — Cisco Umbrella Rank: 611
image2.pubmatic.com — Cisco Umbrella Rank: 865
image4.pubmatic.com — Cisco Umbrella Rank: 882
simage4.pubmatic.com — Cisco Umbrella Rank: 1202
aud.pubmatic.com — Cisco Umbrella Rank: 5409
64 KB
42 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
ade.googlesyndication.com
272 KB
29 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
3 MB
26 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 660
ce.lijit.com — Cisco Umbrella Rank: 963
48 KB
26 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 528
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1036
eus.rubiconproject.com — Cisco Umbrella Rank: 573
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 993
token.rubiconproject.com — Cisco Umbrella Rank: 711
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2344
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 5287
51 KB
23 virgul.com
static.virgul.com — Cisco Umbrella Rank: 99715
ng.virgul.com — Cisco Umbrella Rank: 70575
ng2.virgul.com — Cisco Umbrella Rank: 77424
logger.virgul.com — Cisco Umbrella Rank: 111033
221 KB
18 apipara.com
finans.apipara.com — Cisco Umbrella Rank: 610948
1 MB
18 finanswebde.com
finanswebde.com
333 KB
15 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 10756
sync.quantumdex.io — Cisco Umbrella Rank: 4819
ss-pbs.quantumdex.io — Cisco Umbrella Rank: 168644
3 KB
14 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 953
events-ssc.33across.com — Cisco Umbrella Rank: 1887
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 6356
5 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
acdn.adnxs.com — Cisco Umbrella Rank: 591
secure.adnxs.com — Cisco Umbrella Rank: 408
28 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
5 KB
11 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2518
mp.4dex.io — Cisco Umbrella Rank: 3646
u.4dex.io — Cisco Umbrella Rank: 5919
27 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 327
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1274
s.amazon-adsystem.com — Cisco Umbrella Rank: 286
47 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 367
data.adsrvr.org — Cisco Umbrella Rank: 6046
5 KB
10 amazonaws.com
contobox-data.s3.amazonaws.com — Cisco Umbrella Rank: 142403
189 KB
10 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 299
ads.yahoo.com — Cisco Umbrella Rank: 1058
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 479
cms.analytics.yahoo.com — Cisco Umbrella Rank: 847
6 KB
10 contobox.com
am.contobox.com — Cisco Umbrella Rank: 24159
cbmedia2.contobox.com — Cisco Umbrella Rank: 36700
237 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608
10 KB
8 openx.net
us-u.openx.net — Cisco Umbrella Rank: 387
1 KB
8 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1366
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1255
rtb-csync.smartadserver.com
3 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 8
adservice.google.com — Cisco Umbrella Rank: 92
2 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 474
3 KB
7 adform.net
adx.adform.net — Cisco Umbrella Rank: 3956
c1.adform.net — Cisco Umbrella Rank: 583
2 KB
7 gstatic.com
fonts.gstatic.com
csi.gstatic.com
134 KB
6 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3729
3 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 540
3 KB
5 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1004
4 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
imasdk.googleapis.com — Cisco Umbrella Rank: 425
331 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 612
1 KB
4 dotomi.com
33across-match.dotomi.com — Cisco Umbrella Rank: 4168
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3635
1 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
2 KB
4 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 863
sync.crwdcntrl.net — Cisco Umbrella Rank: 716
2 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 964
88 KB
4 stackpathdns.com
finanscepte-xuoe622gjknvdey.stackpathdns.com
81 KB
3 turn.com
d.turn.com — Cisco Umbrella Rank: 909
ad.turn.com — Cisco Umbrella Rank: 801
1 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1268
loada.exelator.com — Cisco Umbrella Rank: 19811
3 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 587
2 KB
3 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 443
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 851
2 KB
3 unrulymedia.com
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3080
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1121
1 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 635
idsync.rlcdn.com — Cisco Umbrella Rank: 321
844 B
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 775
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2209
2 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 901
1 KB
3 tapad.com
pandg.tapad.com — Cisco Umbrella Rank: 1846
pixel.tapad.com — Cisco Umbrella Rank: 444
896 B
3 google.ca
www.google.ca — Cisco Umbrella Rank: 7301
719 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 360yield.com
ad.360yield.com
633 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3099
890 B
2 googlevideo.com
rr1---sn-t0a7ln7d.googlevideo.com — Cisco Umbrella Rank: 149057
rr2---sn-apaapm4g-apae.googlevideo.com — Cisco Umbrella Rank: 830298
1 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 4014
643 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 5558
965 B
2 fg8dgt.com
m.fg8dgt.com — Cisco Umbrella Rank: 5263
769 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1128
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 4768
624 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 672
match.taboola.com — Cisco Umbrella Rank: 2357
658 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 790
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1398
572 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1459
1 KB
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 717
widget.us.criteo.com — Cisco Umbrella Rank: 16628
722 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 809
718 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 192
2 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 622
734 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2197
1 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 550
3 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1575
hde.tynt.com — Cisco Umbrella Rank: 5463
3 KB
2 izlesene.com
panel.izlesene.com — Cisco Umbrella Rank: 265629
istr.izlesene.com — Cisco Umbrella Rank: 163441
1 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5628
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
626 B
2 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 5237
1 KB
2 torchad.com
rtb2-useast.torchad.com — Cisco Umbrella Rank: 21962
1 KB
2 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4123
809 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 938
523 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
85 KB
2 google.fr
adservice.google.fr — Cisco Umbrella Rank: 25125
914 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 820
2 KB
2 imgiz.com
c1.imgiz.com — Cisco Umbrella Rank: 137848
131 KB
2 ghost.io
cuneytekinci.ghost.io
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
83 KB
1 youtube.com
s.youtube.com
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 257
3 KB
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1247
209 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2661
534 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4081
464 B
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2597
493 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1030
522 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1200
35 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 445
653 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 483
424 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 908
403 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6006
281 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6426
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2352
395 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1301
674 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 753
613 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 922
222 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3984
391 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1161
785 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2219
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 4439
400 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2381
426 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 556
679 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3329
477 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1351
596 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 659
530 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 4219
291 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 395
788 B
1 nktcdn.com
istr-n23.nktcdn.com — Cisco Umbrella Rank: 573986
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1905
159 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 1844
385 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3931
323 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3185
452 B
1 svtrd.com
a.svtrd.com — Cisco Umbrella Rank: 32678
2 KB
1 spadsync.com
spadsync.com — Cisco Umbrella Rank: 84033
308 B
1 pghub.io
pghub.io — Cisco Umbrella Rank: 1695
4 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
15 KB
0 tidaltv.com Failed
sync.tidaltv.com Failed
0 bnmla.com Failed
match.bnmla.com Failed
434 120
Domain Requested by
37 cm.g.doubleclick.net 15 redirects googleads.g.doubleclick.net
9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
eus.rubiconproject.com
ap.lijit.com
us-u.openx.net
29 s0.2mdn.net 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
finanswebde.com
s0.2mdn.net
imasdk.googleapis.com
24 pagead2.googlesyndication.com finanswebde.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
21 simage2.pubmatic.com 2 redirects ads.pubmatic.com
20 ce.lijit.com ap.lijit.com
us-u.openx.net
ads.pubmatic.com
18 finans.apipara.com finanswebde.com
18 finanswebde.com finanswebde.com
13 sync.quantumdex.io 1 redirects static.virgul.com
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
imasdk.googleapis.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.googleadservices.com
9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
finanswebde.com
11 x.bidswitch.net 11 redirects
10 contobox-data.s3.amazonaws.com am.contobox.com
contobox-data.s3.amazonaws.com
10 ib.adnxs.com 5 redirects static.virgul.com
googleads.g.doubleclick.net
acdn.adnxs.com
9 image2.pubmatic.com ads.pubmatic.com
9 match.adsrvr.org 8 redirects static.virgul.com
9 ng.virgul.com static.virgul.com
8 eus.rubiconproject.com hde.tynt.com
eus.rubiconproject.com
static.virgul.com
sync.quantumdex.io
finanswebde.com
8 ssc-cms.33across.com 8 redirects
8 us-u.openx.net 2 redirects googleads.g.doubleclick.net
ap.lijit.com
us-u.openx.net
8 u.4dex.io hde.tynt.com
eus.rubiconproject.com
ads.pubmatic.com
ssbsync.smartadserver.com
7 match.prod.bidr.io 7 redirects
7 image6.pubmatic.com 2 redirects ads.pubmatic.com
6 pixel.onaudience.com 6 redirects
6 ads.pubmatic.com static.virgul.com
sync.quantumdex.io
ap.lijit.com
ads.pubmatic.com
finanswebde.com
6 logger.virgul.com c1.imgiz.com
6 cbmedia2.contobox.com 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
6 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
6 ap.lijit.com 3 redirects static.virgul.com
ap.lijit.com
6 www.google.com finanswebde.com
tpc.googlesyndication.com
9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
6 static.virgul.com finanswebde.com
static.virgul.com
5 sync.1rx.io 5 redirects
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
5 ups.analytics.yahoo.com 5 redirects
5 px.owneriq.net 4 redirects ap.lijit.com
5 fonts.gstatic.com fonts.googleapis.com
5 securepubads.g.doubleclick.net static.virgul.com
securepubads.g.doubleclick.net
4 sync-tm.everesttech.net 4 redirects
4 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ssum-sec.casalemedia.com
4 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ap.lijit.com
4 sync.mathtag.com 4 redirects
4 am.contobox.com 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
finanswebde.com
4 ssum-sec.casalemedia.com 2 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
4 adx.adform.net static.virgul.com
4 use.fontawesome.com finanswebde.com
use.fontawesome.com
4 finanscepte-xuoe622gjknvdey.stackpathdns.com finanswebde.com
finanscepte-xuoe622gjknvdey.stackpathdns.com
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 ade.googlesyndication.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 simage4.pubmatic.com ads.pubmatic.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
ads.pubmatic.com
us-u.openx.net
3 pixel-sync.sitescout.com 3 redirects
3 pixel.quantserve.com 3 redirects
3 um.simpli.fi 3 redirects
3 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
3 pixel-us-east.rubiconproject.com 3 redirects
3 p.rfihub.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 rtb.mfadsrvr.com 3 redirects
3 ssbsync.smartadserver.com 2 redirects finanswebde.com
3 imasdk.googleapis.com c1.imgiz.com
imasdk.googleapis.com
3 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 c.amazon-adsystem.com static.virgul.com
c.amazon-adsystem.com
3 www.google.ca finanswebde.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ad.360yield.com 2 redirects
2 ad.doubleclick.net 1 redirects
2 ads.avct.cloud 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 io.narrative.io 1 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 m.fg8dgt.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 sync.crwdcntrl.net 1 redirects
2 pm.w55c.net 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 ad.turn.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 idsync.rlcdn.com 1 redirects ads.pubmatic.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 pixel.tapad.com 2 redirects
2 loadm.exelator.com 2 redirects
2 secure.adnxs.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 creativecdn.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 id5-sync.com 2 redirects
2 33across-match.dotomi.com 2 redirects
2 rtb2-useast.e-volution.ai 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 match.sharethrough.com 2 redirects
2 dsp.adkernel.com 2 redirects
2 rtb2-useast.torchad.com 2 redirects
2 mweb.ck.inmobi.com 2 redirects
2 googleads4.g.doubleclick.net finanswebde.com
2 bcp.crwdcntrl.net 1 redirects 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 www.googletagservices.com 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
2 ng2.virgul.com
2 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
2 adservice.google.fr securepubads.g.doubleclick.net
imasdk.googleapis.com
2 onetag-sys.com finanswebde.com
sync.quantumdex.io
2 prg.smartadserver.com static.virgul.com
2 fastlane.rubiconproject.com static.virgul.com
2 script.4dex.io static.virgul.com
script.4dex.io
2 c1.imgiz.com finanswebde.com
c1.imgiz.com
2 fonts.googleapis.com finanswebde.com
s0.2mdn.net
2 cuneytekinci.ghost.io finanswebde.com
2 www.googletagmanager.com finanswebde.com
www.googletagmanager.com
1 s.youtube.com
1 rr2---sn-apaapm4g-apae.googlevideo.com
1 rr1---sn-t0a7ln7d.googlevideo.com 1 redirects
1 yt3.ggpht.com
1 rtb.gumgum.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 sync.resetdigital.co 1 redirects
1 sync.ipredictive.com 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 aa.agkn.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 tags.bluekai.com ads.pubmatic.com
1 cms.analytics.yahoo.com 1 redirects
1 loada.exelator.com 1 redirects
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 widget.us.criteo.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 pixel-us-west.rubiconproject.com 1 redirects
1 ss-pbs.quantumdex.io eus.rubiconproject.com
1 tags.rd.linksynergy.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 d.turn.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 data.adsrvr.org 1 redirects
1 bh.contextweb.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 usermatch.targeting.unrulymedia.com sync.quantumdex.io
1 hbx.media.net 1 redirects
1 s.ad.smaato.net 1 redirects
1 ssp.disqus.com 1 redirects
1 id.rlcdn.com 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 ads.yahoo.com eus.rubiconproject.com
1 acdn.adnxs.com static.virgul.com
1 istr-n23.nktcdn.com
1 istr.izlesene.com 1 redirects
1 cms-xch-chicago.33across.com hde.tynt.com
1 hde.tynt.com finanswebde.com
1 de.tynt.com 1 redirects
1 panel.izlesene.com c1.imgiz.com
1 sync.richaudience.com finanswebde.com
1 cs.chocolateplatform.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 s.tribalfusion.com 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
1 cc.adingo.jp 1 redirects
1 a.svtrd.com s0.2mdn.net
1 pandg.tapad.com pghub.io
1 useast.quantumdex.io static.virgul.com
1 hbopenbid.pubmatic.com static.virgul.com
1 mp.4dex.io static.virgul.com
1 spadsync.com static.virgul.com
1 pghub.io static.virgul.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googleadservices.com www.googletagmanager.com
0 sync.tidaltv.com Failed ssbsync.smartadserver.com
0 match.bnmla.com Failed ads.pubmatic.com
434 182

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
appgallery.cloud.huawei.com
Subject Issuer Validity Valid
finanswebde.com
Go Daddy Secure Certificate Authority - G2		 2022-01-29 -
2023-03-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.stackpathdns.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
*.virgul.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-04 -
2022-11-04		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.apipara.com
Go Daddy Secure Certificate Authority - G2		 2022-07-10 -
2023-08-11		 a year crt.sh
ghost.io
R3		 2022-07-04 -
2022-10-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.imgiz.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-08 -
2022-10-09		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-02 -
2023-02-17		 a year crt.sh
spadsync.com
SSL.com RSA SSL subCA		 2022-03-02 -
2023-03-02		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.google.fr
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.contobox.com
Go Daddy Secure Certificate Authority - G2		 2021-11-14 -
2022-12-16		 a year crt.sh
a.svtrd.com
Amazon		 2021-11-24 -
2022-12-22		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
*.izlesene.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-11 -
2022-10-13		 2 years crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-06-23 -
2023-06-22		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-25 -
2022-08-19		 3 months crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
truffle.bid
R3		 2022-06-13 -
2022-09-11		 3 months crt.sh
*.iprom.net
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
u.4dex.io
GTS CA 1D4		 2022-07-11 -
2022-10-09		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 67 frames:

Primary Page: https://finanswebde.com/emtia/altin
Frame ID: 7A92CB116F8B6ED824B796428DE2B17F
Requests: 126 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Frame ID: 7659C4C064C75BABEAB881674ADFB06B
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&owner=P%26G&bp_id=noktacommedya&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 28964BB5FA151543251B447E2092E897
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe
Frame ID: AAB4AB6F944519110C751655691FC966
Requests: 1 HTTP requests in this frame

Frame: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BECA162F0C8B9F723479101413887766
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E79A6B4F142362230E34629820E7DCC3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FAEFF7D7467ABA2FC8304D42789D4457
Requests: 2 HTTP requests in this frame

Frame: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 744B4DFBEDEFF93581336D674E3BFCA0
Requests: 16 HTTP requests in this frame

Frame: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F3936F7C1F1A1B1C188516F5EEF58F3C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMfb37kCGNDfqqABMAE&v=APEucNV2RA97j0qTfWMUXQ3qbDd4USuvVkUttbeFxeITtfac5IyTYdthK4AwMoCqTFK0UwRWIJ07VWXpMf4kQmodC8fZPSybDw
Frame ID: E97F25BB6D72F51026A0D459E69BE785
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCy9b7HAhjA8PLLATAB&v=APEucNWf-h5QGeaDp9rlSbhNiXlvJ6-CgBq7V7QzMmzBrV2ZYvschCqilctIAG5zEZii4p_URoxASgzAY4ObANDSoz1X7ZOiKg
Frame ID: 4F2A192A9DB7B41D18CD64233B8A799D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C187156495B78DA4B7155BDD9835000B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 85D186F6E8EB92830D4F0CFEFED19D14
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Frame ID: 9A325D9E589156AB27A03EE08B1D63D7
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F6E2969D676E99CA0B09777AB09EF4D9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5B873AC73D990BF4BBC2D3953E498BA4
Requests: 3 HTTP requests in this frame

Frame: https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.html
Frame ID: 65577B396DA95D6C809043A78EC771AD
Requests: 10 HTTP requests in this frame

Frame: https://am.contobox.com/cbdata/fonts/ITCAvantGardeStd/ITCAvantGardeStd-Bk.woff?ac=1651525269
Frame ID: 12A93767E6A0499BD71AC78940DCC555
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Frame ID: 9A03106BA07BA93D2491A22E24671232
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?p=1BTOoaD22a&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Drichaudience%26uid%3D[PDID]
Frame ID: 36D311957BB2F2039C5D8A6D02F9C929
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.520.0_tr.html
Frame ID: C99E9690BF727F6EE48EC1F0818ACE8A
Requests: 20 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Frame ID: C46687C227E8D4FCCE5E568753F4562A
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: FB30C8A08D30436CC47D0DD66627056E
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 7DAC50229A5FA3296519C97FBB2A4F51
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Frame ID: 09F697E674ABE1AE9059D0FC4953A0D4
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8EF37940E9CADD05490E9EB86E5BDD9D
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13442375
Frame ID: E651649C6B0480A63C7FCCE650CF9650
Requests: 21 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 149F220051CC1F88BD55C853C917D03F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: CF64D145C21CE367308992621F82B0DC
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: D56ABCE44121E9C29FFF24100F8349B5
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: A3D4B59AB66EEAA4E9FC77C9462922FC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 0DADB0CF54689B4C795E5ACBE94932B9
Requests: 3 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 3BC90857A758496FCD448183C883D081
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=7091436072324207667&gdpr=0&gdpr_consent=
Frame ID: 96E4EF44625E9694F0AC4249230842BB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: 75C2210BE6B907E94EA310DDE2C9D02F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: EEC6D1169BE1C54CB7DE4522B27B900B
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: DEB313F3D15185ABD456DC426B049CD6
Requests: 8 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=33F3D6F8-BCC8-4348-BE15-968240180A06
Frame ID: F588CFAB3A8858A5D9F41821477C2484
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YswoqQAPhODTGgA2&gdpr=0&gdpr_consent=&_test=YswoqQAPhODTGgA2
Frame ID: B33BE1290EE71C97F9095485CE4F5947
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:833a62cc-28a8-4400-9b6f-8592905e9c76&gdpr=0&gdpr_consent=
Frame ID: 8FC020E6A74DD430FFF8271536D523DF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABSJk7FmFEAABLfOoZ8lw
Frame ID: A989C18471FBC2B957925D469E969BED
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: DF21599050627FE936B9F394EC3BA1A0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 51096608DD153E365E5AADD5A1FA1EEA
Requests: 19 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 501C694D6BEBC910DF0BA433BD25BF57
Requests: 1 HTTP requests in this frame

Frame: https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E4BD908AF7CA002DD8E9DB73C99045DD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3f5080b8-011f-11ed-8a48-7928c69fc35f
Frame ID: 262A792413B4E00FF3D9BDEECB0F0AC2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=sPtn5R41RshEyzTAZGtoS5U4mbI
Frame ID: 3BCB6A3B7E7621AD0B7EE44818966FEF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0afc259a-ad73-4226-accf-e14e7c369d62-005
Frame ID: C345D0FAD98443DB69E1C62A575463A1
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=33F3D6F8-BCC8-4348-BE15-968240180A06
Frame ID: 31E1366D2B35B1828284AD24AA9F58E5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=679997214942
Frame ID: 3EB774B7FF53FD6FCAA24C4761BB9898
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZuvqWjKQ1OaTFN5&gdpr=0&gdpr_consent=
Frame ID: 4ADA83343A8952D5E3D2BA0CA8E1A68A
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EFEA9C84D4E76623065F9410E1F96C97
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7108333181862472954P
Frame ID: C966CDE5D47BC242012060B24002C378
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b957b40a-62f4-44a9-bb5f-7db7febc4d49-tuct9c5ae2b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: EFFD4FBC0F3130F45967731D2FCEEB14
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=R2AE12GeCIG9umgLrCjMYg
Frame ID: 95BB203636BB237F639F3CE2609E0C48
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: B9BEA4B97CEFAF72C32F5DFD64FE4F6E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: E46941D2FB67E3FE4BCB994118245658
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 3DF5CC050568DF830898FFB5587B421A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=21ff4873-c3ff-45e2-8823-055a996590ea
Frame ID: FEE25FE49E5EC186212FE3EB6C8EDB7D
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 616B354B4D9DFDE487EC0C19510EBDC4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A518C75AD8BD4C4691B88EDD6F63B837
Frame ID: BBD3CE936E99E99800062248E3AE1015
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)33F3D6F8-BCC8-4348-BE15-968240180A06
Frame ID: 192F52B82CE4397035A686F1C4674895
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=33F3D6F8-BCC8-4348-BE15-968240180A06
Frame ID: 025D61AE2D2A13F683AE407D2C00F6E2
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=33F3D6F8-BCC8-4348-BE15-968240180A06
Frame ID: 71E30DFB5B3720A04F7C592BDF5709A0
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=33F3D6F8-BCC8-4348-BE15-968240180A06
Frame ID: 1BDBEF764A73C3BC1CAC71F32B264F1A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: E0C9D2CDECB96F055921027ACE4C683D
Requests: 3 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 0FBB522731CFF578D6C7A9365B1A2D0F
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ons Yorum ve Analizi [FinansCepte]

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

434
Requests

74 %
HTTPS

25 %
IPv6

120
Domains

182
Subdomains

95
IPs

13
Countries

6751 kB
Transfer

16757 kB
Size

223
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D&s=194558&C=1 HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=YswopvRNebm77TagTrJF1QAAAeAAAAIB
Request Chain 126
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIjt0ZAEZpP56LCYtBUTpQI&google_cver=1
Request Chain 127
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YswopvRNebm77TagTrJF1QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIjt0ZAEZpP56LCYtBUTpQI&google_cver=1
Request Chain 128
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMnQ4IOtzIcOPmiaEXaB7Mw&google_cver=1
Request Chain 129
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5NDkwMTUxNzQ2MzkwNTE3Mg%3D%3D
Request Chain 130
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGGhYPbXbSLz4Y2QdbQBeVM&google_cver=1
Request Chain 131
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzE3OTNmMjItMjJkMC0yMDFkLWM2Y2UtMzRmYjhlMjU4NTkw
Request Chain 132
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEP4z1R3JKUvlganu9zgDr38&google_cver=1
Request Chain 133
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDMyMTE5YTEtZTkxNC00NjZjLTg0NTMtOWMyNWM1YTExYmE3
Request Chain 136
  • https://bcp.crwdcntrl.net/5/c=14633/b=85950886 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=14633/b=85950886
Request Chain 152
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELZPw-3kVJaa3ULrx9upZEs&google_cver=1&google_push=AehlK4Dforz5NAEtAKdu5Cbw8Nq-9GAe_wSD_QJf-YFzkwO8tmQVXIGbnrpxc3cTO6WTBI-7riKL4d1-GZ90ryUuBSCwizAV2iBkyWDI61M0Yd9GhKsx1c3EkqVvE5hyfY9N63M-UKzLx3c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MjFmZjQ4NzMtYzNmZi00NWUyLTg4MjMtMDU1YTk5NjU5MGVh&google_gid=CAESELZPw-3kVJaa3ULrx9upZEs&google_cver=1&google_push=AehlK4Dforz5NAEtAKdu5Cbw8Nq-9GAe_wSD_QJf-YFzkwO8tmQVXIGbnrpxc3cTO6WTBI-7riKL4d1-GZ90ryUuBSCwizAV2iBkyWDI61M0Yd9GhKsx1c3EkqVvE5hyfY9N63M-UKzLx3c
Request Chain 153
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENXf_xNf1hZ414wuh-VNZF0&google_cver=1&google_push=AehlK4BD6th_DWITk2a0ulZuxMcinqDXWFCRiSxEp9jVlD2xjM312_meOTgh4Nfnd7kezVsdBjEphWRqdaAaAzM_K8iy2H3k58zEkgspIyNBdCHLm9ZV5PRdXcn53zGkX1u1UyQdUCxMeLw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENXf_xNf1hZ414wuh-VNZF0&google_cver=1&google_push=AehlK4BD6th_DWITk2a0ulZuxMcinqDXWFCRiSxEp9jVlD2xjM312_meOTgh4Nfnd7kezVsdBjEphWRqdaAaAzM_K8iy2H3k58zEkgspIyNBdCHLm9ZV5PRdXcn53zGkX1u1UyQdUCxMeLw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M_PW-LzIQ0i-FZaCQBgKBg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4BD6th_DWITk2a0ulZuxMcinqDXWFCRiSxEp9jVlD2xjM312_meOTgh4Nfnd7kezVsdBjEphWRqdaAaAzM_K8iy2H3k58zEkgspIyNBdCHLm9ZV5PRdXcn53zGkX1u1UyQdUCxMeLw
Request Chain 154
  • https://rtb2-useast.torchad.com/sync?exchange=309&google_gid=CAESEFduEOl2AFqx4XapZfdnQhg&google_cver=1&google_push=AehlK4A-k9juhfg9P5bC9QXVEoCejzSS_A0ExI4gcEvHGHszddeDuzz8tkvA6LnvjXRLsGcWdNRDgVIL9RYsmclumyrOpDYCFHPXbQxgwpjUxQR2oAiLd1EKhfQkFTa7ELkZOesidv88l1w HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.torchad.com%2Fsync%3Fexchange%3D309%26google_gid%3DCAESEFduEOl2AFqx4XapZfdnQhg%26google_cver%3D1%26google_push%3DAehlK4A-k9juhfg9P5bC9QXVEoCejzSS_A0ExI4gcEvHGHszddeDuzz8tkvA6LnvjXRLsGcWdNRDgVIL9RYsmclumyrOpDYCFHPXbQxgwpjUxQR2oAiLd1EKhfQkFTa7ELkZOesidv88l1w HTTP 302
  • https://rtb2-useast.torchad.com/sync?adkuid=A692093370687054872&exchange=309&google_gid=CAESEFduEOl2AFqx4XapZfdnQhg&google_cver=1&google_push=AehlK4A-k9juhfg9P5bC9QXVEoCejzSS_A0ExI4gcEvHGHszddeDuzz8tkvA6LnvjXRLsGcWdNRDgVIL9RYsmclumyrOpDYCFHPXbQxgwpjUxQR2oAiLd1EKhfQkFTa7ELkZOesidv88l1w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTY5MjA5MzM3MDY4NzA1NDg3Mg&google_push=AehlK4A-k9juhfg9P5bC9QXVEoCejzSS_A0ExI4gcEvHGHszddeDuzz8tkvA6LnvjXRLsGcWdNRDgVIL9RYsmclumyrOpDYCFHPXbQxgwpjUxQR2oAiLd1EKhfQkFTa7ELkZOesidv88l1w
Request Chain 155
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBbGBPTkK4E25clr3lSgANQ&google_cver=1&google_push=AehlK4DNXJUI_l4kNQDEaceDVvOHAnUDjhGzDAIr-d8bUk0gCtd38ymrafsIO3BkwIJtZ1fsEmMk9xdLXNz4qQCUKHXpihL_48PQg8fvkEvX2fLDmHpJxLAwgU2a2GXnlLPPocP5YUz8D40 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4DNXJUI_l4kNQDEaceDVvOHAnUDjhGzDAIr-d8bUk0gCtd38ymrafsIO3BkwIJtZ1fsEmMk9xdLXNz4qQCUKHXpihL_48PQg8fvkEvX2fLDmHpJxLAwgU2a2GXnlLPPocP5YUz8D40&google_hm=ODIzNTE5ODkzNjgyNzM5MzM1Mw%3D%3D
Request Chain 156
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEAUA9z5iHpYUzY7-Gm0FJJI&google_cver=1&google_push=AehlK4DwZzvB34EsgBhaVc0nSgJMWWLF73EDFA_j45ZtI6CWR1hCPnQ2zM9WQUp9F6-MAnb6WUS_snD3BkZQncu4MxmUxz-pXSGrbfYHKYXWIATNC_F0XV2nQy6tOEbTL4GPE9Bn6WjhZA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DwZzvB34EsgBhaVc0nSgJMWWLF73EDFA_j45ZtI6CWR1hCPnQ2zM9WQUp9F6-MAnb6WUS_snD3BkZQncu4MxmUxz-pXSGrbfYHKYXWIATNC_F0XV2nQy6tOEbTL4GPE9Bn6WjhZA&google_hm=aeb3cc2c800fefeb2c2bc5f85f4007f7
Request Chain 157
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESENDe-n3m7-Mvh0sH1ltnvOk&google_cver=1&google_push=AehlK4Dwm_2NGvXnd2veAXJ5LnHLzRZ3HZBfzyMV9gfTKFCWFkGcGzmAnjxObPrRyv4y3C41k4omabjphaQAZq5-izT391Dv8sDqtyHqcTVg35r_E0U3h5xyxXbgX4Hh0x9sdY8pF0GHx90 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESENDe-n3m7-Mvh0sH1ltnvOk&google_cver=1&google_push=AehlK4Dwm_2NGvXnd2veAXJ5LnHLzRZ3HZBfzyMV9gfTKFCWFkGcGzmAnjxObPrRyv4y3C41k4omabjphaQAZq5-izT391Dv8sDqtyHqcTVg35r_E0U3h5xyxXbgX4Hh0x9sdY8pF0GHx90 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=7xA8EyzJR2Oc3QO8g3mUEA==&no_redirect=1&google_push=AehlK4Dwm_2NGvXnd2veAXJ5LnHLzRZ3HZBfzyMV9gfTKFCWFkGcGzmAnjxObPrRyv4y3C41k4omabjphaQAZq5-izT391Dv8sDqtyHqcTVg35r_E0U3h5xyxXbgX4Hh0x9sdY8pF0GHx90
Request Chain 158
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEENNMiCzolA-EpS97Oxdjmo&google_cver=1&google_push=AehlK4AtaPIJ8SU8iZUzvAeET4SLiAaSCYLl2vcc9YUr47zqxQLZFRJAO9_2hcTj76dr73fG7Q74AVgeiXJ59pVQaQ0vOK0R86PfssLhv7fZ-6mVs8aRqJApYNG4PWoxzZQ44aaZprUqA4w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MWQ0N2M2ZjYtOWY1MS00NTk3LWJkODAtZmI0Y2ZmZTZmNDdh&google_push=AehlK4AtaPIJ8SU8iZUzvAeET4SLiAaSCYLl2vcc9YUr47zqxQLZFRJAO9_2hcTj76dr73fG7Q74AVgeiXJ59pVQaQ0vOK0R86PfssLhv7fZ-6mVs8aRqJApYNG4PWoxzZQ44aaZprUqA4w
Request Chain 161
  • https://px.owneriq.net/ecmg?google_gid=CAESELf30i1xbavsTXcZbLAMetg&google_cver=1&google_push=AehlK4A5HAk4ac9A8L_UZg56ITeaEu10onNZOB17ghGxQMOU9jN1VjwAYjHmnSxQmCL8lRvP2MPDIqfXRxIQT4BZK3CONL5hMnyqmWBaLOv5WArGeuEsnKOCHA-ExxtglPXZczJ2IXKY1TTM HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAehlK4A5HAk4ac9A8L_UZg56ITeaEu10onNZOB17ghGxQMOU9jN1VjwAYjHmnSxQmCL8lRvP2MPDIqfXRxIQT4BZK3CONL5hMnyqmWBaLOv5WArGeuEsnKOCHA-ExxtglPXZczJ2IXKY1TTM%26google_cver%3d1%26google_gid%3dCAESELf30i1xbavsTXcZbLAMetg%26google_hm%3dUTcxMDgzMzMxODE4NjI0NzI5NTQ%3d&uid=Q7108333181862472954&ref=%2Fecmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AehlK4A5HAk4ac9A8L_UZg56ITeaEu10onNZOB17ghGxQMOU9jN1VjwAYjHmnSxQmCL8lRvP2MPDIqfXRxIQT4BZK3CONL5hMnyqmWBaLOv5WArGeuEsnKOCHA-ExxtglPXZczJ2IXKY1TTM&google_cver=1&google_gid=CAESELf30i1xbavsTXcZbLAMetg&google_hm=UTcxMDgzMzMxODE4NjI0NzI5NTQ=
Request Chain 162
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESED6z-LA_KdsuQuO8MHKlrbs&google_cver=1&google_push=AehlK4Boolx7RJLcxIhAQ0V1-vlWa1QNdYsm7AxvzXqt5hn1B3RK4zeur7LPrKGvP5xrRA_tqEAAMVfCf4x-5oDPP8Z6ufW_G1WRAnxRvwRZILToomPhaoNI4ZCV0xUpx4n1OHITpPv8UZQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Boolx7RJLcxIhAQ0V1-vlWa1QNdYsm7AxvzXqt5hn1B3RK4zeur7LPrKGvP5xrRA_tqEAAMVfCf4x-5oDPP8Z6ufW_G1WRAnxRvwRZILToomPhaoNI4ZCV0xUpx4n1OHITpPv8UZQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED6z-LA_KdsuQuO8MHKlrbs&google_cver=1&google_push=AehlK4Boolx7RJLcxIhAQ0V1-vlWa1QNdYsm7AxvzXqt5hn1B3RK4zeur7LPrKGvP5xrRA_tqEAAMVfCf4x-5oDPP8Z6ufW_G1WRAnxRvwRZILToomPhaoNI4ZCV0xUpx4n1OHITpPv8UZQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Boolx7RJLcxIhAQ0V1-vlWa1QNdYsm7AxvzXqt5hn1B3RK4zeur7LPrKGvP5xrRA_tqEAAMVfCf4x-5oDPP8Z6ufW_G1WRAnxRvwRZILToomPhaoNI4ZCV0xUpx4n1OHITpPv8UZQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 163
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEFAyyHRZd7rZ_c_RpU4BqKg&c_param1=AehlK4C9VHFocb_XQKboxuOdPvkRlmf0B2apIarUYYTP9mraMjhBa93E_OmmW_gJIPPm3gnE9Zb0qcVVg5hNP-GVkM7adB0pj2opObhzKR6Bwiq5BrK7t6snVlpgoov0M8SgxfSCPBQTN77u&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4C9VHFocb_XQKboxuOdPvkRlmf0B2apIarUYYTP9mraMjhBa93E_OmmW_gJIPPm3gnE9Zb0qcVVg5hNP-GVkM7adB0pj2opObhzKR6Bwiq5BrK7t6snVlpgoov0M8SgxfSCPBQTN77u
Request Chain 164
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBqVDOjTKBqsuhJIIua345w&google_cver=1&google_push=AehlK4BnXRc5W9d8YDIlytAZcWcZj7Zn52x4Yf41G5B94-ZvB1k-StBpoS-2LbUDXWpBBPEIcms-1K6Lp-5M5jPYFj8qaGwsp2l_1xzesEryi5ZQEVlp13-q1fPnINAteC3ZfwFb2_nNU-BG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzZjNGU2NzFjMzQ0NGZmZjY1MjUyNmU1NjU5NTU0MWI=&google_push=AehlK4BnXRc5W9d8YDIlytAZcWcZj7Zn52x4Yf41G5B94-ZvB1k-StBpoS-2LbUDXWpBBPEIcms-1K6Lp-5M5jPYFj8qaGwsp2l_1xzesEryi5ZQEVlp13-q1fPnINAteC3ZfwFb2_nNU-BG
Request Chain 165
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEATfg1QgyMvs9UdivM3JXCo&google_cver=1&google_push=AehlK4CaGVXGKDCmn6qNxgQa3n12xWRRa1zDxcQNIGeFb8itzgd1hPGwxLkmh_HCFk4AIFVZB2Lf2Z6jKGPV1AadYKUvPbcOGwXdIqDp3Yy-UdJljmZUwwfXAnCJpV3Cr4YsT9R0yo7S00mE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4CaGVXGKDCmn6qNxgQa3n12xWRRa1zDxcQNIGeFb8itzgd1hPGwxLkmh_HCFk4AIFVZB2Lf2Z6jKGPV1AadYKUvPbcOGwXdIqDp3Yy-UdJljmZUwwfXAnCJpV3Cr4YsT9R0yo7S00mE&google_hm=NjM4OTYwNzU5NTE3MDQyODIwMw%3D%3D
Request Chain 166
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMBlY81h5gQCU5MbPCHJTLs&google_cver=1&google_push=AehlK4Ao7Iv3K7cfIfW7Km3OlX6o5dULKVz4URVTEe9O91KFUWy-YS3Aott_6G0xK68GUaFbLjoUquVQF1AHXDSfU3eK8VGWFEOvTj1Fw_755n5WTNqVXrLf-rXgqTBPqEtiTuPlsVPhojtX HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMBlY81h5gQCU5MbPCHJTLs%26google_cver%3D1%26google_push%3DAehlK4Ao7Iv3K7cfIfW7Km3OlX6o5dULKVz4URVTEe9O91KFUWy-YS3Aott_6G0xK68GUaFbLjoUquVQF1AHXDSfU3eK8VGWFEOvTj1Fw_755n5WTNqVXrLf-rXgqTBPqEtiTuPlsVPhojtX HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A1193109803054947163&exchange=193&google_gid=CAESEMBlY81h5gQCU5MbPCHJTLs&google_cver=1&google_push=AehlK4Ao7Iv3K7cfIfW7Km3OlX6o5dULKVz4URVTEe9O91KFUWy-YS3Aott_6G0xK68GUaFbLjoUquVQF1AHXDSfU3eK8VGWFEOvTj1Fw_755n5WTNqVXrLf-rXgqTBPqEtiTuPlsVPhojtX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTExOTMxMDk4MDMwNTQ5NDcxNjM&google_push=AehlK4Ao7Iv3K7cfIfW7Km3OlX6o5dULKVz4URVTEe9O91KFUWy-YS3Aott_6G0xK68GUaFbLjoUquVQF1AHXDSfU3eK8VGWFEOvTj1Fw_755n5WTNqVXrLf-rXgqTBPqEtiTuPlsVPhojtX
Request Chain 167
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELYGLvw2rvtivYwTNAudXWc&google_cver=1&google_push=AehlK4D3BEFuAzqefjobDFDa1jFE7YdSGEFjV_LciTllapY8qc5tWT0JaOsYokSEvqN8lfhjkGJFSkp72PgRiATcb9wxMlD2nofSFMigCtG73KUpzFtOUwdc7jBYeDicGQdGGgOTU5zfBU3d HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELYGLvw2rvtivYwTNAudXWc&google_cver=1&google_push=AehlK4D3BEFuAzqefjobDFDa1jFE7YdSGEFjV_LciTllapY8qc5tWT0JaOsYokSEvqN8lfhjkGJFSkp72PgRiATcb9wxMlD2nofSFMigCtG73KUpzFtOUwdc7jBYeDicGQdGGgOTU5zfBU3d&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1naW9ObXBCRTJ1RUpmdlE0ajRpUmRNU0E0OC5XZmMwM35B&google_push=AehlK4D3BEFuAzqefjobDFDa1jFE7YdSGEFjV_LciTllapY8qc5tWT0JaOsYokSEvqN8lfhjkGJFSkp72PgRiATcb9wxMlD2nofSFMigCtG73KUpzFtOUwdc7jBYeDicGQdGGgOTU5zfBU3d
Request Chain 238
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Request Chain 240
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 241
  • https://ssc-cms.33across.com/ps/?_=1657546920690.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://u.4dex.io/setuid?bidder=33across&uid=119247657947133
Request Chain 242
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968625780200756773&expires=30&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=2a4a299e-ac66-4131-8227-6fe993cf126f HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=2a4a299e-ac66-4131-8227-6fe993cf126f&ts=1657546921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 243
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1657546920690.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=833a62cc-28a8-4400-9b6f-8592905e9c76
Request Chain 244
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-NaCAFoNE2uHvbPFXV7LeJDIKvWBxjI2q~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-NaCAFoNE2uHvbPFXV7LeJDIKvWBxjI2q%7EA&ts=1657546920&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 245
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=70a922e7defe08ef&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAADLT1XaEAsGAMZ8C1lAAAAAAA&expiration=1657633320&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAADLT1XaEAsGAMZ8C1lAAAAAAA&ts=1657546920&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 246
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1660138920%26external_user_id%3D8bf691ed-cd25-49cd-9719-a63df514c4e4 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1660138920&external_user_id=8bf691ed-cd25-49cd-9719-a63df514c4e4
Request Chain 250
  • https://istr.izlesene.com/data/videos/10487/10487510-480_2-170k.mp4?token=y8Nl9gx9jtzzrhvY9QJGPQ&ts=1657636920&playername=npm_finanswebde HTTP 302
  • https://istr-n23.nktcdn.com/data/videos/10487/10487510-480_2-170k.mp4?playername=npm_finanswebde&token=cMQZD-vQ_yf5bRfN3gHKWg&ts=1657633322
Request Chain 252
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L5GSMYYL-1A-6KSM HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L5GSMYYL-1A-6KSM HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L5GSMYYL-1A-6KSM&ts=1657546921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 259
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5GSMYYL-1A-6KSM&sigv=1&esig=2~c3a91bb8f6a49f1f1041bbbc443399847f929780
Request Chain 260
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzQyNjZiMWRjYzQzYjRlNzRiYzJiZWU0ZDc1YWRmZjUxYmI4NTFmNg
Request Chain 261
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5GSMYYL-1A-6KSM
Request Chain 262
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVHU01ZWUwtMUEtNktTTQ==
Request Chain 263
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 264
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NZwlUhoYSRG92nBHwItd1w&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=NZwlUhoYSRG92nBHwItd1w
Request Chain 265
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oT8rDdaeRjWIV6JbTp6cNA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oT8rDdaeRjWIV6JbTp6cNA
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAzGUWNJCKG6lSI4r9ykSVE&google_cver=1
Request Chain 268
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=42aae90a-9e06-c990-57fe-c43e7eabc578
Request Chain 269
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=1ddfae83
Request Chain 270
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4359RdpE2uHJ8IR2KEfmRAtg3LUBEvcvvOx0HE0-~A
Request Chain 271
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOky993OjHh7daGX2LF2I8Y27eNC13jnodnrn4JA
Request Chain 272
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6194901517463905172
Request Chain 273
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E9T1uBZH6n51xHEpQK-Jzp2M
Request Chain 274
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1d47c6f6-9f51-4597-bd80-fb4cffe6f47a
Request Chain 275
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=1a8d6075-da75-53c0-b5b6-58b7d77a701e
Request Chain 276
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3005485211454630000V10
Request Chain 280
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 284
  • https://um.simpli.fi/lj_match?r=1657546921009&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=3A9F3ACFC9154E91B5311C1A60034D6F
Request Chain 285
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=Gib7Ry8m9zpbJtKqGnOh&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 286
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1657546921252 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2316654642 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/8bf691ed-cd25-49cd-9719-a63df514c4e4 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0afc259a-ad73-4226-accf-e14e7c369d62-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-0afc259a-ad73-4226-accf-e14e7c369d62-005 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-0afc259a-ad73-4226-accf-e14e7c369d62-005
Request Chain 287
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=a941c98b-954d-4487-9ce7-5764e6939bfe&expires=1&user_group=5&ssp=fmx&bsw_param=2a4a299e-ac66-4131-8227-6fe993cf126f HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=&gdpr_consent=
Request Chain 288
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=UVZFvszzqWOq&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 290
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RTlUMXVCWkg2bjUxeEhFcFFLLUp6cDJN&gdpr=0 HTTP 302
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
Request Chain 291
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=3Jc0HNidNkbHkWVNj8N6G9vDYUzHkTZJ0sFfQOUK
Request Chain 292
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AABSJk7FmFEAABLfOoZ8lw&gdpr=0
Request Chain 293
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=968625780200756773
Request Chain 294
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=8bf691ed-cd25-49cd-9719-a63df514c4e4&gdpr=0&gdpr_consent=
Request Chain 295
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=6194901517463905172&gdpr=0&gdpr_consent=
Request Chain 296
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=E9T1uBZH6n51xHEpQK-Jzp2M&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:47cc0f51c742ab4c9a2fb927ebba91b9
Request Chain 297
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=ef103c13-2cc9-4763-9cdd-03bc83799410
Request Chain 298
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341%2526gdpr%253D0%2526gdpr_consent%253D&xl8blockcheck=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&gdpr=0&gdpr_consent=
Request Chain 299
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RTlUMXVCWkg2bjUxeEhFcFFLLUp6cDJN&gdpr=0
Request Chain 300
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=L5GSMYYL-1A-6KSM&gdpr=0
Request Chain 301
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=E9T1uBZH6n51xHEpQK-Jzp2M&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=833a62cc-28a8-4400-9b6f-8592905e9c76&gdpr=0&gdpr_consent=
Request Chain 302
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
  • https://px.owneriq.net/fr/epx.gif
Request Chain 303
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=L5GSMYYL-1A-6KSM&gdpr=0
Request Chain 304
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=7091436072324207667&gdpr=0&gdpr_consent=
Request Chain 310
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8bf691ed-cd25-49cd-9719-a63df514c4e4&expiration=1660138921&gdpr=0&gdpr_consent=
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YswopvRNebm77TagTrJF1QAAAeAAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJFig9LjrDodgeOTj-1ZYE8&google_cver=1
Request Chain 313
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625780200756773
Request Chain 314
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1673444521&external_user_id=2f0bd56f-b916-4612-bdb7-39f10a857788
Request Chain 316
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YswopvRNebm77TagTrJF1QAA%26480?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YswopvRNebm77TagTrJF1QAA%26480
Request Chain 318
  • https://c1.adform.net/serving/cookie/match?party=14&cid=33F3D6F8-BCC8-4348-BE15-968240180A06 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=33F3D6F8-BCC8-4348-BE15-968240180A06
Request Chain 319
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YswoqQAPhODTGgA2 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YswoqQAPhODTGgA2&gdpr=0&gdpr_consent=&_test=YswoqQAPhODTGgA2
Request Chain 320
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:833a62cc-28a8-4400-9b6f-8592905e9c76&gdpr=0&gdpr_consent=
Request Chain 321
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEeHdFN0ZtRkVBQUE4b0ZnV3VuQQ&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABSJk7FmFEAABLfOoZ8lw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABSJk7FmFEAABLfOoZ8lw
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M_PW-LzIQ0i-FZaCQBgKBg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 323
  • https://idsync.rlcdn.com/420486.gif?partner_uid=33F3D6F8-BCC8-4348-BE15-968240180A06 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=06905393e18ff9a26a8b7d71ec1b7d9b30dd674cdfd434d3aabb037ee2254c30791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwNjkwNTM5M2UxOGZmOWEyNmE4YjdkNzFlYzFiN2Q5YjMwZGQ2NzRjZGZkNDM0ZDNhYWJiMDM3ZWUyMjU0YzMwNzkxNDI2YjU0MTdkY2UyMRAAGgwIqdGwlgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwNjkwNTM5M2UxOGZmOWEyNmE4YjdkNzFlYzFiN2Q5YjMwZGQ2NzRjZGZkNDM0ZDNhYWJiMDM3ZWUyMjU0YzMwNzkxNDI2YjU0MTdkY2UyMRAAGgwIqdGwlgYSBAgCEABCAEoA&google_gid=CAESEBNa6GwgXVdl1lVNc-I9mBQ&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=31a3d8d9-2693-44f9-ba93-71b09696f163
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=833a62cc-28a8-4400-9b6f-8592905e9c76
Request Chain 325
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzNGM0Q2RjgtQkNDOC00MzQ4LUJFMTUtOTY4MjQwMTgwQTA2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMgb-eBsdTrY0XxPkFu1hPk&google_cver=1
Request Chain 327
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A518C75AD8BD4C4691B88EDD6F63B837
Request Chain 328
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7236114210353484851&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 329
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8bf691ed-cd25-49cd-9719-a63df514c4e4
Request Chain 331
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=33F3D6F8-BCC8-4348-BE15-968240180A06&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rVSbS1pE2uUQ6QUmFMhzhzMc3pxdQwk-~A&gdpr=0&gdpr_consent=
Request Chain 332
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression&khaos=L5GSMYYL-1A-6KSM HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=rubicon&uid=L5GSMYYL-1A-6KSM HTTP 302
  • https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=&f=&uid=L5GSMYYL-1A-6KSM
Request Chain 334
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7452286992467268659&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 335
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YswoqQAPhgLTIAA2 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YswoqQAPhgLTIAA2&_test=YswoqQAPhgLTIAA2
Request Chain 337
  • https://match.adsrvr.org/track/cmf/openx?oxid=ed16ece8-eba7-7eb9-d32e-6e4244c74bf0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8bf691ed-cd25-49cd-9719-a63df514c4e4&ttd_puid=ed16ece8-eba7-7eb9-d32e-6e4244c74bf0&gdpr=0&gdpr_consent=
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGGhYPbXbSLz4Y2QdbQBeVM&google_cver=1
Request Chain 340
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://u.4dex.io/setuid?bidder=appnexus&uid=6194901517463905172
Request Chain 343
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 345
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=L5GSMYYL-1A-6KSM HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=L5GSMYYL-1A-6KSM
Request Chain 350
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Request Chain 351
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3f5080b8-011f-11ed-8a48-7928c69fc35f
Request Chain 352
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=sPtn5R41RshEyzTAZGtoS5U4mbI
Request Chain 353
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0afc259a-ad73-4226-accf-e14e7c369d62-005&rndcb=4716396657 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=2a4a299e-ac66-4131-8227-6fe993cf126f&google_hm=MmE0YTI5OWUtYWM2Ni00MTMxLTgyMjctNmZlOTkzY2YxMjZm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIDxlcTd630idq92mDetg6c&google_cver=1&ssp=adconductor&bsw_param=2a4a299e-ac66-4131-8227-6fe993cf126f HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/2a4a299e-ac66-4131-8227-6fe993cf126f?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0afc259a-ad73-4226-accf-e14e7c369d62-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-0afc259a-ad73-4226-accf-e14e7c369d62-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0afc259a-ad73-4226-accf-e14e7c369d62-005
Request Chain 354
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=805fc764-8f73-4e95-9f82-0f3fbf33c7b2&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=33F3D6F8-BCC8-4348-BE15-968240180A06
Request Chain 355
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=679997214942
Request Chain 356
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZuvqWjKQ1OaTFN5&gdpr=0&gdpr_consent=
Request Chain 358
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7108333181862472954P
Request Chain 359
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b957b40a-62f4-44a9-bb5f-7db7febc4d49-tuct9c5ae2b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 360
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=R2AE12GeCIG9umgLrCjMYg
Request Chain 363
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 364
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=21ff4873-c3ff-45e2-8823-055a996590ea
Request Chain 366
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A518C75AD8BD4C4691B88EDD6F63B837
Request Chain 368
  • https://pixel.onaudience.com/?partner=214&mapped=33F3D6F8-BCC8-4348-BE15-968240180A06 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9cc618793616bd9e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=27b3192b52b861e5e228ea0e5bc9425d&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=8bf691ed-cd25-49cd-9719-a63df514c4e4&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=215b39d8d5b7f2180a89c51cdd897b24&gdpr=0 HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=252&mapped=y-JfeDgDdE2pQky.cygrgNYVWAIaP7WIAdSA--~A&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=5d472fba4d9be7e2
Request Chain 369
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=33F3D6F8-BCC8-4348-BE15-968240180A06&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=33F3D6F8-BCC8-4348-BE15-968240180A06&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=33F3D6F8-BCC8-4348-BE15-968240180A06&addseg=12,35,41
Request Chain 370
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=33F3D6F8-BCC8-4348-BE15-968240180A06&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=33F3D6F8-BCC8-4348-BE15-968240180A06&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 373
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3f4b8054-011f-11ed-bf3e-6f7d5681965a&gdpr=0&gdpr_consent=
Request Chain 374
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=33F3D6F8-BCC8-4348-BE15-968240180A06&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=56b66a6069408f1&is_secure=true&networkId=17100&version=1&nuid=33F3D6F8-BCC8-4348-BE15-968240180A06&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADLOJkUyIcjwMj9KYQAAAAAAA&expiration=1657633323&nuid=33F3D6F8-BCC8-4348-BE15-968240180A06&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 375
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6194901517463905172&gdpr=0&gdpr_consent=
Request Chain 376
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4McZMeTNG2v7wUhgs5NXNueTTGH7wRtk7pEAAVt1
Request Chain 377
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&gdpr=0&gdpr_consent=
Request Chain 378
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=2a4a299e-ac66-4131-8227-6fe993cf126f HTTP 302
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=2a4a299e-ac66-4131-8227-6fe993cf126f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=pubmatic&user_id=5920572e-52ce-4898-be7b-d1f94c830691 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 379
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_F2D9DC0D_292AD50B&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 380
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4187505635242364082
Request Chain 381
  • https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000B997DFDAAF
Request Chain 382
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6194901517463905172
Request Chain 383
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3666fb0e-1f8a-4dfd-8568-910f852545f3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 393
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:33F3D6F8-BCC8-4348-BE15-968240180A06 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=3fbb5910-011f-11ed-8084-0a02ecc458dd&companyId=673&id=pubmatic_id:33F3D6F8-BCC8-4348-BE15-968240180A06
Request Chain 405
  • https://rr1---sn-t0a7ln7d.googlevideo.com/videoplayback?expire=1657575724&ei=rCjMYs_kC9HOhwbY6Jr4DA&ip=149.56.153.178&id=27d460b8988573c4&itag=22&source=youtube&requiressl=yes&mh=-5&mm=31&mn=sn-t0a7ln7d&ms=au&mv=u&mvi=1&pl=25&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=2270.911&lmt=1657328705493698&mt=1657546143&txp=4532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAN2x-plRUqsfyxd6VIINUltgtjQS7r3tcitQAgUlWfeHAiB6ZqzYBHadENZCmrrUA15nT13JpAdXw-jh8E0Oa5MpVQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANXjxYpYf-HHee02knGt9kh3J8Ro1W5BI8ehAsevwMVTAiAd0TUpbJeewdTcD940x-NcXOMj9qxMIE_nOguxAFrDnw==&cpn=9Galhk6BkUjCPJP_ HTTP 302
  • https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1657575724&ei=rCjMYs_kC9HOhwbY6Jr4DA&ip=149.56.153.178&id=27d460b8988573c4&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=2270.911&lmt=1657328705493698&txp=4532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAN2x-plRUqsfyxd6VIINUltgtjQS7r3tcitQAgUlWfeHAiB6ZqzYBHadENZCmrrUA15nT13JpAdXw-jh8E0Oa5MpVQ==&cpn=9Galhk6BkUjCPJP_&redirect_counter=1&rm=sn-t0al7e&req_id=8654050fb9d336e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=-5&mip=2607:5300:60:7867::6&mm=31&mn=sn-apaapm4g-apae&ms=au&mt=1657546643&mv=m&mvi=2&pl=32&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALwG1dpkNHzfCe3l9RNbAaC_UV8f_KvriGuY-IKdGi9eAiA_FTNpRw74nUZKMWV-zyfwqzE0eb64ML-g4E1RieOZUQ%3D%3D
Request Chain 407
  • https://x.bidswitch.net/sync?ssp=adagio&user_id=ebd1d762-e57b-4967-89e4-be3f547f5f96 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dadagio HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dadagio HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=9ecd3041-af2e-4db4-884d-e53342792098&ssp=adagio HTTP 302
  • https://u.4dex.io/setuid?bidder=bidswitch&uid=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 411
  • https://ad.doubleclick.net/ddm/trackimp/N485401.2805603GOOGLEPREFERRED-Y/B28094759.339917159;dc_trk_aid=531934584;dc_trk_cid=173902328;ord=2067891852;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=5477634978002161174;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N485401.2805603GOOGLEPREFERRED-Y/B28094759.339917159;dc_pre=CLqtxL378PgCFQ0KDAod2ZYLwQ;dc_trk_aid=531934584;dc_trk_cid=173902328;ord=2067891852;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=5477634978002161174;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23
Request Chain 422
  • https://ad.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=6e7d3cb0-00ac-4087-bdf4-da023a64d0af
Request Chain 436
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=8bf691ed-cd25-49cd-9719-a63df514c4e4&gdpr=0&gdpr_consent=
Request Chain 437
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABSJk7FmFEAABLfOoZ8lw&gdpr=0
Request Chain 438
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=sjcN-rY9D6CpMVyr4WND_bVjWKqpMQ-vvGHwCo7T

434 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request altin
finanswebde.com/emtia/ 		128 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com/emtia/altin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
4b49190da40cbea727ab851832a48c4f26128c8b47f34bb1f07c382c116863c6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Jul 2022 13:41:53 GMT
ETag
W/"1fecf-RF38ZcwYY16kF0uOzXe1PwfXy9k"
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express
x-cache
MISS
js
www.googletagmanager.com/gtag/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-49264185-15
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5cdf850156be632a84cb6cddd28dccb96b6e8890a1f44c660396386efa089324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40356
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Jul 2022 13:41:53 GMT
web.min.css
finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/07012021/ 		235 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/07012021/web.min.css
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.245.20 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
nginx /
Resource Hash
79e3381adccea1f5cadcf8e81b189501b935f79475555dcbd8e8831f53c4b4e5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:53 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 10:48:12 GMT
server
nginx
x-amz-request-id
4JJ2BRJ4GW94E4J5
etag
W/"4d4d63749f73c010b081996d4d777087"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3-eu-west-1.amazonaws.com/s2.finanswebde.com/nextjs/07012021/web.min.css>; rel="canonical"
x-amz-id-2
GcExB563r6cX3ho007NNEbEAoABQwwWcVZB5hiybi3iddba4+IUO2ike/LTx+LkFyRWA4HTHIJU=
expires
Mon, 18 Jul 2022 13:41:53 GMT
detail.js
finanswebde.com/_next/static/0c76427b0e824aa3055905fbd79f9b0da1d4764a/pages/ 		160 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com/_next/static/0c76427b0e824aa3055905fbd79f9b0da1d4764a/pages/detail.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
1caa83c50f1dd66405a1636b78361c6990d98596f07f4ced0df3717b2fac08c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jun 2022 12:55:50 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"27fa5-1813915fbbe"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 11 Jul 2023 13:41:53 GMT
_app.js
finanswebde.com/_next/static/0c76427b0e824aa3055905fbd79f9b0da1d4764a/pages/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com/_next/static/0c76427b0e824aa3055905fbd79f9b0da1d4764a/pages/_app.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
3b96281a4d7f0a6dd75da09d47fb06e4f8417d743974dcd7a14ba8d5fbea33c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jun 2022 12:55:50 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1fce-1813915fbbe"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 11 Jul 2023 13:41:54 GMT
webpack-d99145c68f82eafef3ec.js
finanswebde.com/_next/static/runtime/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
dcfd2026eab710c04b46105b32a10edb216c66c9c603d2f5c3704ea781d99342

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jun 2022 12:55:50 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"a4e-1813915fbae"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 11 Jul 2023 13:41:54 GMT
commons.8bee4b3c4194d042fb64.js
finanswebde.com/_next/static/chunks/ 		617 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
38097f414378d7437ae11ec8d1779cf09b169d8e5205ff59d83b61c3de0b929e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jun 2022 12:55:50 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"9a381-1813915fbb2"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 11 Jul 2023 13:41:54 GMT
main-541f01c65744a5c2c60b.js
finanswebde.com/_next/static/runtime/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com/_next/static/runtime/main-541f01c65744a5c2c60b.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
70083d81f4abc958e43215542c5543afedd6294b03d1d544934118c5e2ea054b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jun 2022 12:55:50 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"4629-1813915fbba"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 11 Jul 2023 13:41:54 GMT
hms.png
finanswebde.com/mobile/images/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finanswebde.com/mobile/images/hms.png
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
ef677dc1926cbfa2aa4e0f3a2cd13cc318d2d968cbfd2bcc5d7eb9a94ff13034

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:54 GMT
Last-Modified
Sun, 15 Aug 2021 06:13:47 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"6287-17b4871e09a"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25223
Expires
Tue, 11 Jul 2023 13:41:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3c01b4b2520d761ee7409a2b8339752f7b4be6342040278101f7df6f4ae26de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56418
x-xss-protection
0
server
cafe
etag
16211853572649382246
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 11 Jul 2022 13:41:53 GMT
e8927eb029.js
use.fontawesome.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/e8927eb029.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11e623f6cb6978519f97a73de00c8633974b11405e184d292eab0602a0981413

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:53 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5Z5ZXYEN502X2B70
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ytIqsuErKezO2WJq3V3EFpXLqMafJUBIlXTnbzckiJ3o+T4380+EfiLTLHCvtmUcrKy5V+UjwEY=
last-modified
Thu, 01 Jul 2021 19:54:16 GMT
server
cloudflare
etag
W/"134c3d18e809fbefe83bc29f441b1463"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgQUjgkR1ptRADb0w7Gx2cc9Xi85kLHn1nvJrHcMKKkeEbANNi6D6gQXDoatx3g46efH0%2FN%2B1KpB2Gpi18haQJCsfgnzUGduHsGPtfvtxPPjtR4CLKHQWBUXZy%2Fs4pZQEng5HcJgZeJxo88QsWASi4om"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
7291f59359807157-YUL
outside.js
static.virgul.com/theme/mockups/adcode/ 		61 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19184
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
afe58ab7af103e3300c88f81a386f06eddefb1f786f94e1c435024ac6c4308c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:54 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 09:46:32 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
Flaticon.woff
finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/font/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/font/Flaticon.woff
Requested by
Host: finanscepte-xuoe622gjknvdey.stackpathdns.com
URL: https://finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/07012021/web.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.245.20 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
nginx /
Resource Hash
a290abc20f0b59dc02b4f83a189b9830ee4f7c1110318dbdbb6bd8e19cc84407

Request headers

Referer
https://finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/07012021/web.min.css
Origin
https://finanswebde.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:53 GMT
last-modified
Thu, 11 Jul 2019 15:08:07 GMT
server
nginx
x-amz-request-id
8C3MX4Z29CX2Y77T
etag
"d692e40c5d9f2c580f1b78ad3c0b706e"
x-cache
HIT
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3-eu-west-1.amazonaws.com/s2.finanswebde.com/nextjs/font/Flaticon.woff>; rel="canonical"
content-length
9184
x-amz-id-2
Cwqiu1pRDm02+iDXl1qCtdgjmmlscxBUYShQG7EwUO4M64WrDTk6TDxV7c5id8Gdp1NOzZ6HaMk=
expires
Mon, 18 Jul 2022 13:41:53 GMT
e8927eb029.css
use.fontawesome.com/ 		1 KB
789 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/e8927eb029.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/e8927eb029.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2259fd47c8c7d4495d954f079cab5f532a7b6747a358a3e8fd92209348b0a8a8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:54 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NTRXW68DQN0FXH9N
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Kjae1p1vti68sadEEJOtqiOCYQOxxPGm3oVkYy1mdmt4ujOZEMwc8/3pnNgO/uAiOwEA1InI+uY=
last-modified
Thu, 01 Jul 2021 19:54:16 GMT
server
cloudflare
etag
W/"a00e40ff4ad7d4534f920814436d32c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JciJ85AN%2FZh4wXPTgGcBVEBleOEqFIkgz%2Fhz0V%2BEL7GY0BxkLSw9SfAF6Y8CjkA74Oz%2BKeSKmgqVWDIi4obz8StYwwKtj%2BwzdSn0IiKvLkd9Fne41RejcIMegZJEU6Nkoget8xyRx5Lp6iXrOEY8b%2FLC"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
7291f5957c297157-YUL
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49264185-15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2728
date
Mon, 11 Jul 2022 12:56:26 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 11 Jul 2022 14:56:26 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-924247547&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49264185-15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eacbda4dddda7b6cd5e027cb8aed2cedb8bf4e1923f3493e20b59c32b52e8ffc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:54 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43963
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Jul 2022 13:41:54 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame 7659 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
61796
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 20:31:58 GMT
etag
10429905676100781186
expires
Sun, 24 Jul 2022 20:31:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1922024537&t=pageview&_s=1&dl=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&ul=en-us&de=UTF-8&dt=Ons%20Yorum%20ve%20Analizi%20%5BFinansCepte%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1184451474&gjid=1390594509&cid=783307744.1657546914&tid=UA-49264185-15&_gid=1898217932.1657546914&_r=1&gtm=2ou760&z=973116924
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://finanswebde.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/e8927eb029.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://use.fontawesome.com/e8927eb029.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387942
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
K7K0THYQ96VNEJP7
x-amz-id-2
rU/viUmgijuqli49HvCaXbrtIiMj5zQGFnS2WqhEgix7uS9L0RUR7kqVRw89/FXc+PfAJfy/Kdc=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twmlrfm2hGCtu8F85p4V5hlVpYTKCdvVt8UCxnA3oGO0maXdhS7%2Bck15NELUR3dNsGue5DsFDGt1%2ForbZjJ3uFc7uh8FO5OpotNwOUrd5tP9MfbX8TdHScLXkyvB0o%2BS8LbMKnystrUYp4k6gGFVymx2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7291f5961f344bb8-YUL
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-924247547&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
cafe /
Resource Hash
f339bf56ad8afee196e4fc0b372309b0182860243c807c6577f3a3d64fcc1a4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15167
x-xss-protection
0
server
cafe
etag
11554697858837217958
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 11 Jul 2022 13:41:54 GMT
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/e8927eb029.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/e8927eb029.css
Origin
https://finanswebde.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:54 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NTRN12FHRCN3MJW5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
x-amz-id-2
oD2o35ABehvIxNo+jdxnncAQBLyRTjoBCBWrvULxpRZlwX7Njw9fE3acXCJgWUQWznobFVSxgU0=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmaS5mwj3K7mP0Akl872fr7%2FKDgsUSL2o1G6IRAwBZIPRHo7YFfde9%2F%2FsJL%2B3o%2BuGdBw4jUU4GJrf8SrzTTiXgboXfKWPZbF4APQKrAWA7w73j%2FYP3MzmNcLaydcGfSEFueu6AbOGyjlZY%2B6zD5MHeJT"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7291f596ab5f4bd7-YUL
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-49264185-15&cid=783307744.1657546914&jid=1184451474&gjid=1390594509&_gid=1898217932.1657546914&_u=YEBAAUAAAAAAAC~&z=1376766092
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 11 Jul 2022 13:41:54 GMT
content-type
text/plain
access-control-allow-origin
https://finanswebde.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/924247547/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924247547/?random=1657546914414&cv=9&fst=1657546914414&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa760&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&tiba=Ons%20Yorum%20ve%20Analizi%20%5BFinansCepte%5D&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd54af9a06cde1dd6a85709949646690a7a7e7085aa50288fe11eac2ec4dad9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1054
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-49264185-15&cid=783307744.1657546914&jid=1184451474&_u=YEBAAUAAAAAAAC~&z=191761431
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-49264185-15&cid=783307744.1657546914&jid=1184451474&_u=YEBAAUAAAAAAAC~&z=191761431
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/924247547/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/924247547/?random=1657546914414&cv=9&fst=1657544400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa760&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&tiba=Ons%20Yorum%20ve%20Analizi%20%5BFinansCepte%5D&async=1&fmt=3&is_vtc=1&random=4183072374&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/924247547/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/924247547/?random=1657546914414&cv=9&fst=1657544400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa760&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&tiba=Ons%20Yorum%20ve%20Analizi%20%5BFinansCepte%5D&async=1&fmt=3&is_vtc=1&random=4183072374&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
sffe /
Resource Hash
b871e28f94a1481e60c8a1d53289e5ef4d603b55063cc67c35ab63db2589ee6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28112
x-xss-protection
0
server
sffe
etag
"1270 / 29 of 1000 / last-modified: 1657537564"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 11 Jul 2022 13:41:55 GMT
finanswebde.js
static.virgul.com/theme/mockups/fallback/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/fallback/finanswebde.js?dts=19184
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19184
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
8960045a0f15851413611eb6f4222e018bc397cf49be3ff0420390e96db405cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jul 2022 13:41:55 GMT
last-modified
Wed, 15 Sep 2021 11:30:47 GMT
server
openresty/1.15.8.3
accept-ranges
bytes
content-length
2560
content-type
application/javascript
ads.js
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ 		120 B
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19184
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jul 2022 13:41:55 GMT
last-modified
Wed, 25 Dec 2019 09:23:27 GMT
server
openresty/1.15.8.3
accept-ranges
bytes
content-length
120
content-type
application/javascript
pubads_impl_2022063001.js
securepubads.g.doubleclick.net/gpt/ 		374 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
sffe /
Resource Hash
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 05:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130816
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Jul 2023 05:23:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		148 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=finanswebde.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
dfba3a870c2fc34b914511160418b1b668e0722213b83e2e87fa53d7d0358034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jul 2022 13:41:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105
x-xss-protection
0
expires
Mon, 11 Jul 2022 13:41:55 GMT
prebid6.24.2.js
static.virgul.com/theme/mockups/outside/ 		446 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19184
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
2490f6d25f36f22b59d07263d7a204027111dc5c7b98e51f6c66c7a01ca34fec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:55 GMT
content-encoding
gzip
last-modified
Thu, 19 May 2022 11:28:48 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
apstag.js
c.amazon-adsystem.com/aax2/ 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.119.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-119-124.atl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16af933f9846ccea77bac90bbfbc9d807b0bdb047f6d7439ca8d866375581b3f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 11 Jul 2022 13:06:24 GMT
via
1.1 62997e8047323290451b8a864e88914c.cloudfront.net (CloudFront), 1.1 2cacac101b02e29f4681db92bacffa84.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 20:51:39 GMT
server
AmazonS3
age
2132
etag
W/"075df3dec453a3febd9aaae8d9bd0411"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
IAD50-C2, ATL51-C1
content-encoding
gzip
x-amz-cf-id
J8BFeiggw8D9PZsmcI_RFW26wXYp5w_y5ZQkZDpPbExPJeFxtlhkMg==
pageview
ng.virgul.com/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ng.virgul.com/pageview?c=site_geneli&mt=1657546915305&v=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&r=finanswebde:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1&info=&ref=&rdmt=0.32975439565537834
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19184
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
f80620d9648d28219c8c6b423326882e27f2b3bcd88206b119076dbc42fbfd74

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:56 GMT
server
openresty/1.15.8.3
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin
https://finanswebde.com
access-control-allow-credentials
true
content-type
application/javascript
content-length
23825
expires
Tue, 04 Jan 2022 10:49:40 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffinanswebde.com&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.119.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-119-124.atl51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:55 GMT
via
1.1 2cacac101b02e29f4681db92bacffa84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ATL51-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://finanswebde.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
G0EoGXRCKnsF6zdrwOS8MbCOuJPrsZ2dvrWZbHfor1r_DJAWomtIPA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.119.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-119-124.atl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:56 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
ATL51-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Wed, 29 Jun 2022 23:14:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
via
1.1 c1e4a92dc10823ce70a0466c21ad9e1e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
_ulcPX2HC8gApLmKirpNRpUAg7hnihxIBwCu33tMKQDNj22Pev7mkQ==
stockMap
finans.apipara.com/json/v9// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9//stockMap?auid=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
auid,token
Access-Control-Request-Method
GET
Origin
https://finanswebde.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
comment
finans.apipara.com/json/v9/options/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9/options/comment
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
auid,token
Access-Control-Request-Method
GET
Origin
https://finanswebde.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
/
cuneytekinci.ghost.io/ghost/api/v2/content/posts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cuneytekinci.ghost.io/ghost/api/v2/content/posts/?key=3ec7f28c39f563d6e90b173d71&limit=5&fields=id,title,created_at,slug,meta_description,url,feature_image,primary_tag&filter=tag:haber,tag:Yazilar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
auid,token
Access-Control-Request-Method
GET
Origin
https://finanswebde.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
auid,token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
clear
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
date
Mon, 11 Jul 2022 13:41:56 GMT
ghost-age
0
ghost-cache
MISS
ghost-fastly
true
server
openresty
status
204 No Content
vary
Access-Control-Request-Headers, Accept-Version, Cookie
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-request-id
f5828a9d5de90e74ce99d0b06fce6ec9 f5828a9d5de90e74ce99d0b06fce6ec9
x-served-by
cache-ams12724-AMS, cache-yul12824-YUL
x-timer
S1657546916.912204,VS0,VE102
emtia
finans.apipara.com/json/v9// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9//emtia?bank=1&website=1&code=ons&auid=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
auid,token
Access-Control-Request-Method
GET
Origin
https://finanswebde.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
stock
finans.apipara.com/json/v9// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9//stock?async=1&auid=1&sortby=volume_try
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
auid,token
Access-Control-Request-Method
GET
Origin
https://finanswebde.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
comment
finans.apipara.com/json/v9/options/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9/options/comment
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
auid,token
Access-Control-Request-Method
GET
Origin
https://finanswebde.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
css
fonts.googleapis.com/ 		2 KB
937 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:400,700&amp;subset=lating-ext&amp;display=swap
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c650cc89f6ef435f214537ae7eb227a084a465e0270c7896fb224b520829d73b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 12:04:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Jul 2022 13:41:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Jul 2022 13:41:55 GMT
d65e.3bdd5f1dbb8c32bcfa6b.js
finanswebde.com/_next/static/chunks/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com/_next/static/chunks/d65e.3bdd5f1dbb8c32bcfa6b.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
2cceac1929e30ad3d0ca4612a3aac4c58a8a097d6b1f9aadf0a141087eb5e66a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jun 2022 12:55:50 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"55c4-1813915fbba"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 11 Jul 2023 13:41:55 GMT
d6db.4bac1b495dfdaaeb8af9.js
finanswebde.com/_next/static/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com/_next/static/chunks/d6db.4bac1b495dfdaaeb8af9.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
29a18daaaccc2896c4f4c22efc02cd69ef78861b9250bf53ea3c9704f285e6d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jun 2022 12:55:50 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1e53-1813915fbbe"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 11 Jul 2023 13:41:55 GMT
d926.5b9239abc7781d242b7c.js
finanswebde.com/_next/static/chunks/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com/_next/static/chunks/d926.5b9239abc7781d242b7c.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
24bf624ed768c1d266c62e624b1244c6990ca161138f9aebcd4dc9c0db7eb033

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jun 2022 12:55:50 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"296b-1813915fbbe"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 11 Jul 2023 13:41:55 GMT
27f4.d5b7d19e7b8d3b04ec0d.js
finanswebde.com/_next/static/chunks/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com/_next/static/chunks/27f4.d5b7d19e7b8d3b04ec0d.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
2db9402fc3a72ee838132d05171bb8428d9192abe23f1fd90c1e4221d51e6dfa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jun 2022 12:55:50 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"32c4-1813915fba2"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 11 Jul 2023 13:41:55 GMT
ba39.c978b26f220ac8ca87f3.js
finanswebde.com/_next/static/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com/_next/static/chunks/ba39.c978b26f220ac8ca87f3.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
9ab0baca7a738a0ed49bd74f042400153d207a444f1675808802a3c2aa923322

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jun 2022 12:55:50 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"c62-1813915fbba"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 11 Jul 2023 13:41:55 GMT
1b5b.c778adc91d0ab2782614.js
finanswebde.com/_next/static/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com/_next/static/chunks/1b5b.c778adc91d0ab2782614.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
c038f2f92310db4f32b756ed4de997ef499335657fc351ed95c21f48e91e2fa9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jun 2022 12:55:50 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1369-1813915fba2"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 11 Jul 2023 13:41:55 GMT
e06e.695d6db8eb59caa0f2de.js
finanswebde.com/_next/static/chunks/ 		73 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com/_next/static/chunks/e06e.695d6db8eb59caa0f2de.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/runtime/webpack-d99145c68f82eafef3ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
4f77143d53a55f7d543e285668bc7092e2aa24b59c95ae5c7ab8a2e512fb6ee9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Jun 2022 12:55:50 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"12399-1813915fbbe"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 11 Jul 2023 13:41:56 GMT
stockMap
finans.apipara.com/json/v9// 		16 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9//stockMap?auid=1
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
5919c1a17b6794226484007c8a28339fb0d2b0b29965ccd42db94f235f7414e3

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
token
_magic

Response headers

Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
comment
finans.apipara.com/json/v9/options/ 		37 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9/options/comment
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
e567bef53ed26bc959101ab4450b3803f0282330a98eceb9c8542384869d9899

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
token
_magic

Response headers

Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
/
cuneytekinci.ghost.io/ghost/api/v2/content/posts/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cuneytekinci.ghost.io/ghost/api/v2/content/posts/?key=3ec7f28c39f563d6e90b173d71&limit=5&fields=id,title,created_at,slug,meta_description,url,feature_image,primary_tag&filter=tag:haber,tag:Yazilar
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
9f9a50a811205cf0f7e2cd03d957bfbc963d8cdfd849d476810e701ec7a42a01

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
token
_magic

Response headers

ghost-age
0
date
Mon, 11 Jul 2022 13:41:56 GMT
content-encoding
gzip
age
16906
accept-ranges
bytes
x-cache
HIT, MISS
status
200 OK
alt-svc
clear
content-length
812
ghost-fastly
true
x-request-id
47318354a92a3aa8609b590d0ec7be92, 47318354a92a3aa8609b590d0ec7be92
x-served-by
cache-ams12734-AMS, cache-yul12824-YUL
access-control-allow-origin
*
server
openresty
x-timer
S1657546916.026099,VS0,VE85
etag
W/"952-UkzFgB7kUoZVD1lcZ/Wqb8KyAHI"
vary
Accept-Encoding, Accept-Version, Cookie
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
ghost-cache
MISS
x-cache-hits
1, 0
emtia
finans.apipara.com/json/v9// 		244 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9//emtia?bank=1&website=1&code=ons&auid=1
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
552fa2dd8385f3e002ac62fce69eda85235e5bfc4e397cd69559c2e8416cdea3

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
token
_magic

Response headers

Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
stock
finans.apipara.com/json/v9// 		255 KB
256 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9//stock?async=1&auid=1&sortby=volume_try
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
539a1e42f6c78424182e755abb7da38f5b27ecfc708f0ce735dc89af65f8eafb

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
token
_magic

Response headers

Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding, Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
finanswebde-light.svg
finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/img/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finanscepte-xuoe622gjknvdey.stackpathdns.com/nextjs/img/finanswebde-light.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.245.20 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
nginx /
Resource Hash
0fe02731c22e5466827e8f662f13266450cd5cca96f2fbc063331c8014bfb961

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:56 GMT
content-encoding
gzip
last-modified
Thu, 11 Jul 2019 15:13:47 GMT
server
nginx
x-amz-request-id
C0T70TYJDTV42KWM
etag
W/"1d3c1b74ae39f68256ef408529734cce"
vary
Accept-Encoding
x-cache
MISS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3-eu-west-1.amazonaws.com/s2.finanswebde.com/nextjs/img/finanswebde-light.svg>; rel="canonical"
x-amz-id-2
jrDbzIuUv/pGZo/otq+tuS6ZcFi5BGz3/+j3HE+FwEpX3sNpAoAyp/5BNVetjpWMUjmFnbmKQo8=
expires
Mon, 18 Jul 2022 13:41:56 GMT
28167a657f_250x250.png
finanscepte-xuoe622gjknvdey.stackpathdns.com/avatar/tmp/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finanscepte-xuoe622gjknvdey.stackpathdns.com/avatar/tmp/28167a657f_250x250.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.245.20 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
nginx /
Resource Hash
790cc826cae7d0f00bb6730fa124aa3e95471970730e798065d14c06a9d85355

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:56 GMT
content-encoding
gzip
last-modified
Fri, 18 Feb 2022 02:18:39 GMT
server
nginx
x-amz-request-id
C0TF354G5F651M7P
etag
W/"d00f90a86ccf11ef655e65c168a3304b"
vary
Accept-Encoding
x-cache
MISS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3-eu-west-1.amazonaws.com/s2.finanswebde.com/avatar/tmp/28167a657f_250x250.png>; rel="canonical"
x-amz-id-2
JSt5D705LHL55iaqd1cpNTv0Li1pEtyYc7dDNGNnavNiyO7lU+A/0tgGbYKzZWUv/CQv4DNZ8WQ=
expires
Mon, 18 Jul 2022 13:41:56 GMT
comment
finans.apipara.com/json/v9/options/ 		37 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9/options/comment
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
e567bef53ed26bc959101ab4450b3803f0282330a98eceb9c8542384869d9899

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
token
_magic

Response headers

Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v27/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&amp;subset=lating-ext&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finanswebde.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 23:27:37 GMT
x-content-type-options
nosniff
age
569658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31248
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:29:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 23:27:37 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v27/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&amp;subset=lating-ext&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finanswebde.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 23:27:37 GMT
x-content-type-options
nosniff
age
569658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31248
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:29:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 23:27:37 GMT
7Auwp_0qiz-afTzGLRrX.woff2
fonts.gstatic.com/s/muli/v27/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v27/7Auwp_0qiz-afTzGLRrX.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&amp;subset=lating-ext&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb9fb3698c9d5794121b184603b9d1e381f80ba0dc7ebd7991a3fd1774538a7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finanswebde.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 06:26:02 GMT
x-content-type-options
nosniff
age
544553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28488
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:32:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 06:26:02 GMT
7Auwp_0qiz-afTzGLRrX.woff2
fonts.gstatic.com/s/muli/v27/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v27/7Auwp_0qiz-afTzGLRrX.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&amp;subset=lating-ext&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb9fb3698c9d5794121b184603b9d1e381f80ba0dc7ebd7991a3fd1774538a7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://finanswebde.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 06:26:02 GMT
x-content-type-options
nosniff
age
544553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28488
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:32:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jul 2023 06:26:02 GMT
converter
finans.apipara.com/json/v9// 		743 KB
744 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9//converter
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
1a0835e73b15ae32e46d8dec8393664efb55095719033e8a364ee5d88643e483

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
token
_magic

Response headers

Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
converter
finans.apipara.com/json/v9// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9//converter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
auid,token
Access-Control-Request-Method
GET
Origin
https://finanswebde.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
/
finanswebde.com/socket.io/ 		101 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com:8094/socket.io/?EIO=3&transport=polling&t=O7jVi76
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
/
Resource Hash
15f344d6b8c3fd1b310e40fcb9270ae44244be590bc5447439761edc46c92403

Request headers

Accept
*/*
Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://finanswebde.com
Date
Mon, 11 Jul 2022 13:41:56 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
101
Content-Type
application/octet-stream
notif
finans.apipara.com/json/v9/ 		530 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9/notif?type=undefined&code=undefined&auid=1&more=1&last=
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
9a9e4e01ade298b9d0fead5787fc586db5fd430d59bbb014af09b5d01e56f930

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
token
_magic

Response headers

Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
notif
finans.apipara.com/json/v9/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9/notif?type=undefined&code=undefined&auid=1&more=1&last=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
auid,token
Access-Control-Request-Method
GET
Origin
https://finanswebde.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 11 Jul 2022 13:41:56 GMT
Server
nginx/1.10.3
/
finanswebde.com/socket.io/ 		5 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com:8094/socket.io/?EIO=3&transport=polling&t=O7jViEH&sid=j-taIQX-ykXVX-65AESH
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
/
Resource Hash
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a

Request headers

Accept
*/*
Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://finanswebde.com
Date
Mon, 11 Jul 2022 13:41:56 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
5
Content-Type
application/octet-stream
/
finanswebde.com/socket.io/ 		4 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://finanswebde.com:8094/socket.io/?EIO=3&transport=polling&t=O7jViFy&sid=j-taIQX-ykXVX-65AESH
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
/
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Request headers

Accept
*/*
Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://finanswebde.com
Date
Mon, 11 Jul 2022 13:41:57 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4
Content-Type
application/octet-stream
market
finans.apipara.com/json/v9// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9//market?auid=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
auid,token
Access-Control-Request-Method
GET
Origin
https://finanswebde.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 11 Jul 2022 13:41:57 GMT
Server
nginx/1.10.3
market
finans.apipara.com/json/v9// 		159 KB
160 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9//market?auid=1
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
432facf1326797b5fbce3e8d76d0da21909b799e4e26473c80c0cc52573bd0cd

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
token
_magic

Response headers

Date
Mon, 11 Jul 2022 13:41:57 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
NoktaNpmPlayerApi.js
c1.imgiz.com/player_others/html5/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19184
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 11:58:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Mon, 18 Jul 2022 13:41:58 GMT
localstore.js
script.4dex.io/ 		483 B
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
261725
x-amz-request-id
tx86f8e995592547ee95ab9-00629f4bc7
x-amz-id-2
tx86f8e995592547ee95ab9-00629f4bc7
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMEHVSf3mUe%2FPTNYikKdNoaHk4%2B4uXwVYRrc3JC0lE1WV5SyMilbbgxzHSNzeDb3NMHigb5ELwNP5danjzZ%2F%2FrQr3lUG%2BCjUQ41YopywWj%2FQ3XoHYCrlDQrlMmof9jx%2F2aYDikgsZFNloy2u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
7291f5a87f164bca-YUL
finanswebde.js
static.virgul.com/theme/mockups/sites/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/sites/finanswebde.js?dts=460429
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19184
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
d04b3718c0e7c608862910165a3f4becac10f42a7339ddf0876eb08121ccb38d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:57 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 11:54:59 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000
pandg-sdk.js
pghub.io/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:44:47 GMT
content-encoding
gzip
age
3430
x-guploader-uploadid
ADPycdsdVBKN8AoN3PfD9ByioCB3IhHDIOSN0NwNSAWCN81BskPn9qkkz-_lfyRmeZW4QgQm-AJlZzeDSPGYOmnCZhxwNx0mwONY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
7
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3690
last-modified
Tue, 05 Apr 2022 17:08:24 GMT
server
UploadServer
etag
"1f39af8c4109e6a95d6895228aab0692"
vary
Accept-Encoding
x-goog-hash
crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
x-goog-generation
1649178504809914
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-meta-last-modified
2022-06-22T13:41:31.093Z
x-goog-stored-content-length
3690
accept-ranges
bytes
content-type
application/javascript
x-goog-meta-cache-control
public, max-age=57600
zoneview
ng.virgul.com/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1657546917144&v=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&r=153567@153435@153439@153492:finanswebde&userId=vnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.223939116561102
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://finanswebde.com
date
Mon, 11 Jul 2022 13:41:57 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
sync
spadsync.com/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spadsync.com/sync?sptoken=dd39abde-1c08-4500-b3e4-77862baae7924cc0&sspid=n8k&ssphost=finanswebde.com
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.179.5.97 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-179-5-97.eu-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Jul 2022 13:41:57 GMT
server
openresty
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://finanswebde.com
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://finanswebde.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://finanswebde.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Mon, 11 Jul 2022 13:41:57 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
prebid
ib.adnxs.com/ut/v3/ 		138 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
53476c5323221181886894b7adc76f8b0b7ef6bb4e860d3166ce4641fab24703
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:41:57 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
71ebfb0a-23e6-41b1-a852-d30d21a76526
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://finanswebde.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		475 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=342518&zone_id=1808674&size_id=2&alt_size_ids=1%2C57&eid_novatiq.com=dd39abde-1c08-4500-b3e4-77862baae7924cc0%5E1&eid_pubcid.org=8e8b5408-13bb-470a-a77d-a2ccb74655fa%5E1&rf=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&kw=altin%2Cfinanscepte%2Cfinanswebde%2Cd%C3%B6viz%2Calt%C4%B1n%2Ckripto%2Cbitcoin%2Cbist%2Cborsa%2Chisse%2Cyorum%2Ccanl%C4%B1%2Cg%C3%BCncel%2Ckur%2Cfiyat&tg_i.ref=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&tg_i.page=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&tg_i.domain=finanswebde.com&tg_i.pbadslot=div-gpt-ad-1455783126174-15343921728129623web_finanswebde_grafik_ustu_728x90&tk_flint=pbjs_lite_v6.24.1&x_source.tid=f08f4da2-d9ea-45ec-b8bd-abe3407aa042&l_pb_bid_id=454552b17e1372&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.29760288340650587
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9c0083756ceec4dc311e9d1395e4cafda82c4ff1fd361e6d2c20fd4759bd8201

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:41:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://finanswebde.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
475
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=342518&zone_id=1808672&size_id=15&alt_size_ids=2%2C14%2C55%2C57&eid_novatiq.com=dd39abde-1c08-4500-b3e4-77862baae7924cc0%5E1&eid_pubcid.org=8e8b5408-13bb-470a-a77d-a2ccb74655fa%5E1&rf=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&kw=altin%2Cfinanscepte%2Cfinanswebde%2Cd%C3%B6viz%2Calt%C4%B1n%2Ckripto%2Cbitcoin%2Cbist%2Cborsa%2Chisse%2Cyorum%2Ccanl%C4%B1%2Cg%C3%BCncel%2Ckur%2Cfiyat&tg_i.ref=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&tg_i.page=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&tg_i.domain=finanswebde.com&tg_i.pbadslot=div-gpt-ad-1455783126174-15343521728129623web_finanswebde_masthead&tk_flint=pbjs_lite_v6.24.1&x_source.tid=d4f4128d-8e05-4a25-8f01-01db2cc39b34&l_pb_bid_id=572cf2bda136e6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3528492881388108
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3e16ddd4d0c636670da74d57c516743d6dd1e3d09c495db05ed1ac50a1c66b6f

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:41:57 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://finanswebde.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		94 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.24.1
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
3e8a60c033a11d8176b40a7877b84b5f7e2668403eeffc111c5110813e188bb3

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 11 Jul 2022 13:41:57 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://finanswebde.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
prebid
ib.adnxs.com/ut/v3/ 		250 B
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4f3934e9af1ba4a78d3f2d46f9ba361dd1654f77e4f12ab0602b0bbdaca3c21d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:41:57 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d39770a1-30fb-48f5-b460-f6db03a6dd20
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://finanswebde.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ 		0
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:57 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://finanswebde.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
mp.4dex.io/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
444574dde191cf15aa333688df4154345b4f1846a8f41f77abb0d3c039e6a5bc

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Jul 2022 13:41:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-warn
Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
access-control-allow-origin
https://finanswebde.com
content-length
889
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7291f5a8cb767133-YUL
expires
0
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.98 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://finanswebde.com
date
Mon, 11 Jul 2022 13:41:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.200 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:57 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://finanswebde.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.200 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:57 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://finanswebde.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
pbjs
useast.quantumdex.io/auction/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Jul 2022 13:41:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://finanswebde.com
access-control-allow-credentials
true
cf-ray
7291f5a8cba5ece6-YUL
openrtb
adx.adform.net/adx/ 		0
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:57 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://finanswebde.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://finanswebde.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://finanswebde.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Mon, 11 Jul 2022 13:41:57 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
tag
pandg.tapad.com/ Frame 2896 		13 B
271 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&owner=P%26G&bp_id=noktacommedya&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org https://sync.mathtag.com
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org https://sync.mathtag.com
content-type
text/html;charset=utf-8
date
Mon, 11 Jul 2022 13:41:57 GMT
strict-transport-security
max-age=31536000
via
1.1 google
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx56817d9267a348778e015-0062a04eca
cf-ray
7291f5a90887ca6f-YUL
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-id-2
tx56817d9267a348778e015-0062a04eca
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLpLSwOetR0f766sYznHzQ1iVYEhCM3yqhHMkoJ95SVa1r%2FW%2Bp2W%2FiUXIFjMjGnUzHTIyzY3G4qTdruORRpyRbuWOFqi%2BAQOC2OFe7VDR25K0hYhvPfdTb%2B9LAu%2F5DbGj3o1BH2flEnT07L7"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1652176651393042
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
Authorization
notif
finans.apipara.com/json/v9/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9/notif?type=emtia&code=altin&more=1&last=&analiz=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
auid,token
Access-Control-Request-Method
GET
Origin
https://finanswebde.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 11 Jul 2022 13:41:57 GMT
Server
nginx/1.10.3
notif
finans.apipara.com/json/v9/ 		821 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://finans.apipara.com/json/v9/notif?type=emtia&code=altin&more=1&last=&analiz=true
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/_next/static/chunks/commons.8bee4b3c4194d042fb64.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.133.252 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.133.201.195.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
bb921a36ef278f7ff6324a4b8c09f863c5228170a279fd22da62b407e32cdc90

Request headers

Accept
application/json, text/plain, */*
Referer
https://finanswebde.com/
auid
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
token
_magic

Response headers

Date
Mon, 11 Jul 2022 13:41:57 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding,User-Agent
Access-Control-Allow-Methods
GET, OPTIONS,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3628800
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, origin,auid,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
/
onetag-sys.com/usync/ Frame AAB4 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=finanswebde.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=finanswebde.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3062165373676821&correlator=3155683927157988&eid=31064687%2C31068035%2C44761478%2C31068364%2C21065724&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=21728129623%3A36563801%2Cweb_finanswebde_grafik_ustu_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90%7C468x60&fluid=height&ifi=1&adks=384010672&sfv=1-0-38&ecs=20220711&fsapi=false&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26viewable%3D2%26site%3Dfinanswebde%26mt%3D1657546915305%26pager%3D1%2540site_geneli%2540finanswebde%253Asite_geneli%26host%3Dfinanswebde.com%26url%3Dhttps%253A%252F%252Ffinanswebde.com%252Femtia%252Faltin%26targetCtr%3D0%26pid%3Dvnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&ppid=vnet1137539b1a864cd3a1b59bee5a17c5cf&sc=1&cookie_enabled=1&abxe=1&dt=1657546917985&lmt=1657546917&dlt=1657546913748&idt=1542&adxs=196&adys=901&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&frm=20&vis=1&psz=930x0&msz=728x0&fws=640&ohw=0&ga_vid=783307744.1657546914&ga_sid=1657546918&ga_hid=1922024537&ga_fc=true&cbidsp=CswBCAEyB3Y2LjI0LjESDgoHcnViaWNvbhCSBCACEgwKBXNvdnJuENACIAISDgoIYXBwbmV4dXMQZiACEgoKA2FkZhCRBiACEg0KBmFkYWdpbxCmASACEg8KCHB1Ym1hdGljEKkCIAISFAoNc21hcnRhZHNlcnZlchCiAyACEg4KB2FwYWNkZXgQpwIgAhIQCglhZGZvcm1wYnMQiQYgAhgCIiRmMDhmNGRhMi1kOWVhLTQ1ZWMtYjhiZC1hYmUzNDA3YWEwNDIqAggDQNwL
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ebaa42d0c06f94b3bfd9c22b7124f8b488b7c88829fcadd89ea6f4e82f7fa20d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9963
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://finanswebde.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3062165373676821&correlator=1471503389617946&eid=31064687%2C31068035%2C44761478%2C31068364%2C21065724&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fif&iu_parts=21728129623%3A36563801%2Cweb_finanswebde_masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C468x60%7C250x250%7C200x200%7C160x160&fluid=height&ifi=2&adks=1971925398&sfv=1-0-38&ecs=20220711&fsapi=false&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26category%3Dsite_geneli%26viewable%3D2%26site%3Dfinanswebde%26mt%3D1657546915305%26pager%3D1%2540site_geneli%2540finanswebde%253Asite_geneli%26host%3Dfinanswebde.com%26url%3Dhttps%253A%252F%252Ffinanswebde.com%252Femtia%252Faltin%26targetCtr%3D0%26pid%3Dvnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&ppid=vnet1137539b1a864cd3a1b59bee5a17c5cf&sc=1&cookie_enabled=1&abxe=1&dt=1657546917993&lmt=1657546917&dlt=1657546913748&idt=1542&adxs=315&adys=159&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&frm=20&vis=1&psz=1110x-1&msz=970x-1&fws=128&ohw=0&ga_vid=783307744.1657546914&ga_sid=1657546918&ga_hid=1922024537&ga_fc=true&cbidsp=CuABCAEyB3Y2LjI0LjESEgoMcHJvamVjdGFnb3JhEGUgAhIOCgdydWJpY29uEJMEIAISDAoFc292cm4Q0AIgAhIOCghhcHBuZXh1cxBmIAISCgoDYWRmEJEGIAISDQoGYWRhZ2lvEKYBIAISDwoIcHVibWF0aWMQqQIgAhIUCg1zbWFydGFkc2VydmVyEKIDIAISDgoHYXBhY2RleBCnAiACEhAKCWFkZm9ybXBicxCJBiACGAIiJGQ0ZjQxMjhkLThlMDUtNGEyNS04ZjAxLTAxZGIyY2MzOWIzNCoCCANA3As.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
90c409f1ce2b25d07550d5c00929433fd8acf8f8aed6fd6f128981504d9233d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11744
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://finanswebde.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fab3be759e449d4daad5639d82fdd3c2bcbac1eae3232378b8ba4ee9a4c9d152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10861
x-xss-protection
0
container.html
9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BECA 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 13:41:58 GMT
expires
Tue, 11 Jul 2023 13:41:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5f34da2ce4b08a6a3a8f36ff
ng2.virgul.com/tck/imp/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5f34da2ce4b08a6a3a8f36ff?scm=240000&g=1&t=google_banner&sdr=https&tp=&r=153435@site_geneli@finanswebde:site_geneli&l=&info=&os=&mt=1657546915305&userId=vnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://finanswebde.com
date
Mon, 11 Jul 2022 13:41:58 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Jul 2022 13:41:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E79A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
40558
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 02:26:00 GMT
expires
Tue, 11 Jul 2023 02:26:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FAEF 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
62cf6bfd6eb621d47669b6c34122e098485baa735cc2510cef7dc57921a060da
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lPTDE7Sd3QvrNeOj6oGYNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-lPTDE7Sd3QvrNeOj6oGYNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 13:41:58 GMT
expires
Mon, 11 Jul 2022 13:41:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame E79A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 01:39:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
129764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Jul 2023 01:39:14 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FAEF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=3062165373676821&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
container.html
9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 744B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 13:41:58 GMT
expires
Tue, 11 Jul 2023 13:41:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D&s=194558&C=1
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=YswopvRNebm77TagTrJF1QAAAeAAAAIB
0
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&uid=YswopvRNebm77TagTrJF1QAAAeAAAAIB
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBZXDfMKqT%2FqK7h7aG3MYzNnnHoiVSYomMwzDCtPd6GtYiKU5lBrYYphpR1I8AmE5ZvpilfknQ%2B4NMqo5XkuQ38DCd1rlIR1K%2BBAJtFnSYnSSC8fXaycRq6O6TSmUa9DxrRJFiEEG0fcJg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://u.4dex.io/setuid?bidder=indexexchange&uid=YswopvRNebm77TagTrJF1QAAAeAAAAIB
cache-control
no-cache
cf-ray
7291f5b10d6a54bb-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
generate_204
tpc.googlesyndication.com/ Frame E79A 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?D74dfQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F393 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 13:41:58 GMT
expires
Tue, 11 Jul 2023 13:41:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame E97F 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMfb37kCGNDfqqABMAE&v=APEucNV2RA97j0qTfWMUXQ3qbDd4USuvVkUttbeFxeITtfac5IyTYdthK4AwMoCqTFK0UwRWIJ07VWXpMf4kQmodC8fZPSybDw
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 13:41:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 744B 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dv8zVYnUBjvoIHHl6K2iIOUIvjGfCG740l3ITBhtG45syMwR7DSuWXfOvWHi20B6Yn2Sgy_ak1UXMWZJ1Sok3DGZSQLROVZ2ooKhxH7Zaeqqp9jplRopowMJCSolCepRiecPn36JlbQ9TbCUD9k7q8OprS5w&dbm_d=AKAmf-B00JRyWplA-hm1OmKN-7QHVJSCPcKY64XfwF2hotcrSjP8vYgO1P51-aBM33akatiahil5zq8KP85FuPOd2T1ijOzFVFzyQfbOAbXuyngEzS0wPCfnGs-MbpVhvHBOmG_myxK1ipYfj7fxHvqnce6EG_5yucwJLta-D9LioWA8-wqlUCuvHrdGXmctY5-xVqldW3l_6oB_xCsaXmcP7bioq1B-Ehf47Ascn2OTqEcwUVrc_A7PhJV_VMiR4SB2ynvY6sy4cwL2Q2gAll_RajYXAIAAyz-9leQgGsfCqrrYnoLNZ4J6Rp5JrNBrvGwBkVJ9efB0Zi7FTkqgTX4tNCszn0wwY_xBht9aNKqPe_8PcI8rgvhULiMEC94sPOr8RWDiJmwCrw6ZrGxI47aHZS5P3brRW0Nbf04MZaGui9tIb28ypdd3Or-KR-3Ex6u5vwuAwAHmjU-4n-XlnLgv5elDMpLrIy474JDocPHNB4AsS9WP0kzQK36z5m57ifkW5b69ruhnd28WxgUl2m9BZlS6qyzBOCK_Rta33QOx70TM45vp5LneHTD1XM0mrYSn1FjyjJWwKFsIUAofn87aHWdUsx_GiNIOeJKjycprRd6VTYUnGxCcvRJtTcM8t4cnqRYFnvtrqSNncDu0BXqQL3RM4wbMrxwAoBhRzMob0O4I0MMsKXYtguG9VFvtV9FGueAoACEcDqugk19LJtjB3tfYuzwmUh4wobNaVOMcOuKod9YI0yOIf0S8ovZHaPuU5zvoQHxCCajHJAM5ujGtzvGNZMlCaiys35mjnXLPskAE2JFcKuU0gAa807tboUsOxTRwKiQEaAF2aye5VncDrlNUgkW_eNfLiN6JnFflRmC5Vzr3iCKG_QqNZ5a-LSB1-GJCgIrTWzesHO95QFD90lsSKO3BxQvfho7bAAIcl7a1uypvFwu-lNYwvGI8rczh3oldFYqKkC9AVLHtjZlmUtRR1YERvcvutOAKrzHXH77UmNvwHFT3q1uiJyjEMgavx5TYutux9XBB837Tqc_yXRxSEZhM4_xVTcc9TpeWM_bseYdxSsiW6ZUwCGuTQOruKs4kZWDYHR3G4PhzyWgbfphBtiAT-6CLXQ6WljgWRsmjgAR4nt5SBIAZfypxOvHVZ-pyyDm9A_uwkDOgAbkxQIOI0t_I4Wal7AQyOrN2P_i4m3QiJUvG285R4eonM2GraK-vOtuuw2Pdkjz3hQM1OT5hmzNbSXHyhW52OS5u8SObKKssTUkEOJFOiALziOXlOlKWYyvav5VVFqbdSk1Z1shihDZw89XYgFGMLr2OGp5aImag87VKZhX4CZ1zes09jw-0KDsiJxh2qwKGFS-7TZAnTeu9JlqV9E3uFfDV0F_p4yI1oh0HJI7YRNhgElQPnHbSLNXm4HXdJz3uaK_aKRQNjvFVeGIB-Q-tTK7BD08QD5G4eamAXZMARmrgtxcy5V-fA5qCePrBFe-b8J-ObcDvBHBQfQtvXrcs4zIgC-a14Mfqj5N3SsPMRkVA1zM0XtDW7NurWHq3mlEimW_FDhTdFkUdBkBisI5SYceI8vmkIMyBfpD0F8vaN87TLoucYUB0TRf0H_I_t0CY1OyE1Kq755xezn_NuEqTgQwQjagDjxFHgCq9cm-F5X2JEXUeXrmNzi3WBkQ8mcCXMf-BMXQ-lwJa3wo4FG5bw4bLtFGNzkhJXPRIvYihtiEAiKXu1OijbHtCLSebNQ_OXRsDkrrAbj5yg5UJumpq-ku9Ridlf-WFrfqkYQPEewTjMucGXyQGZPn69xMTJ0JOnQsayMN3xsjw84q1Pt-VwcU67T1X9-SyDgsMsmbu-BVlbqLOwmhZhTQWV2Gb6QI48pxx8n5zF74tcnP9TTfhKreN539q1DtSbR8RSjBXHwwb2joOIRAUGP7iGziVI1xDbhhO033DtlbYDEaqVrTLsZVwE1SMCTt428GEeDqeFtTWqJ4_V06AG3RolcUK4Sh_p_iQAVsu1yNBUiByjrlMGmg6oZdEWu_cTPju5p3rcYkoZYp725S9PCrvJC8ewlrLwHK6BDqXhrQ6dAnbcVGwQjZmxSdq0LMbZFH1TBrCc6DQS7zcIRAWu17nIvPutXzs_0euAsoKGtvOYixTT0V_UC-CobOI54WKmjBNL5jffcpOYmQ97fMJJTIL7TN4d2712vPWys2TYcPLOsxjwavwnzDCYgMbEI-vbhC2YXiCUqZ1zZVOGWTOJUgFVXOPKiGV47Vwz9Oz_9lLYovz1wmHAN9snSqp_FRrTl94KjNGBXmA0Kl4WPTesndpeiHKCSssDC6Xx17g87D6V6dtimw29sj7DIa6NwLpWR4SEKREh1GME6MCbzT6LND8Zuih3scX3Zazk9L23fDoWebt5Yoif-688QfYMzmBbeFi2FKEYDy-OoCAnycPqIRTzWMH4rHFt-YQFgUubqSSAd5Q4HTmoIGR_RhefKXGE_hs7MdgGG_KrLo6Deo2UXnv_CP8LJ45v83jfjsnJwZENCa_RZ6_PZ5H9KHtoBn3GpmCB5L_p0F2de19ZcBXXMwfiF-bI90W0M0YEqYM_-4qiX_2Hu25qVYvBDXRBwlHxujYSDItLgZqgBX5mMaCp-RqV8thbkMGGNa2uAh1uRAuO-yABjlnnU-b8Mbb-3ahweyL5LNNzw8g2p3fMtX2djtsGJ2YHZ_VUemjMfZ5u7UhOXqS_qOfqc9hEVtN6QJX0DN_rHq3wOH8wf5F63TIeIuwTrs9pn3FT7DVavePwZ6h3facpCXJi1_UDd5qvid4ViqPgN7FpXc5Zzi-pgQxNDenXFxnL0gtm1cOgZjNf6a3civa5nu-l54UNJilxd8YctC4MbMXMJ6FyRSCnFs3ZMwQdhSpeSrWldsU8ZDu0xAwAvQKA8pFjDc87Dgkp_X-OjZ9gu_ZPZf_Mqpu0_XYok6ItlZIfn2j8MMKEODhFgqynWZbwP3MNDYVEuI6KbAOV-Sjb3x_bIlwly-6w-j3PDftdTMKfHwCCYL96eGWUo8W6B_YHKNxUFF5Q7C6N0h5kDL8Lsqu7J700IV2I_mwn2mIkPyJrheUKqtvXU9bt8my-6A_qT3VyhK8n1uMo9g0jjtv9QzmF9s632Spu20e8WLzbM8w62q7y5Mgc5HDipH4ZuW1Dcj4tBT7n53WwvyjdmtcdcFjILnivvws6mxcq0gc&cid=CAASJeRo--w7IHix1ZmU0PpZ2M36AG8BajdHPstsAUSFBWAH38GXmbo&rfl=1%2Chttps%253A%252F%252Ffinanswebde.com%252F%240
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7086175b8f7a118e076eaeee3b551090649c2c818b7e81b901aa1006a54348c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34144
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 744B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLMmiFgU6xSIRHxPMNfodlIkVktNbtNQIwBYDBelpWb9pw9YnUsIsb2pbtXjgpR74GxklfgH46Aqbp__rak3Ad_EatAltLKhQf4KYIjxWx9jzHr9o
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
s0.2mdn.net/pagead/js/r20220707/r20110914/client/ Frame 744B 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:36 GMT
x-content-type-options
nosniff
server
sffe
age
22
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Mon, 11 Jul 2022 13:56:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 744B 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43254
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657132091081416"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Jul 2022 13:41:58 GMT
qs_click_protection_fy2021.js
s0.2mdn.net/pagead/js/r20220707/r20110914/client/ Frame 744B 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:29:14 GMT
x-content-type-options
nosniff
server
sffe
age
764
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Mon, 11 Jul 2022 13:44:14 GMT
l
www.google.com/ads/measurement/ Frame 744B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8uYOhxnq7GP6kIpyjYe7Jb0GAIuaTgffEZQjrBoWF4LYcYTOcnrWG5uzwtx-NzRjI2u2Ve-MtgFhOOYu_wlgbREA0nA
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4F2A 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCy9b7HAhjA8PLLATAB&v=APEucNWf-h5QGeaDp9rlSbhNiXlvJ6-CgBq7V7QzMmzBrV2ZYvschCqilctIAG5zEZii4p_URoxASgzAY4ObANDSoz1X7ZOiKg
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 13:41:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame F393 		30 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIf6HYK_mJdMbiZfqrEj1l3aysEz1h40-AUs5WlM99tiIvsgcBYWIKi05rvyeQYmOew7TCRjUe3jo3Nxh1ocpDqiJY8Ym7DNi2pmofofIKy4WOi1HT9NltMHb400PYB-XdA5IgMbk-yHSBWIXI0_LfUx6h-g&dbm_d=AKAmf-D_e8RFJybgkP1Cf75dLzpRcIEabQCzxSApPNrJTYI9a1B8BWeOijUPVNqD7_zcoVpr7l7ei0mkC0MR4-dfgVp1Zlvv3WnNi0LRqSzFpxeS-wkneP54GOislpqAE9bVAmD0bXwpYqSKMBR2d5Zzf_Q8JSrUsbQmIoAzt-XcClc8Zi6ZBWl41zsFQTpxPzRBfxPqv64uBIgoIbTACX1m34UHqujuSNAn4VwG7kQjYWJzOb33unFSJipP8YR7eMHjBzVW--kHWomntkMwpYTxiITFoZLNYswDEkIhnM5Ki5NOA4n2lpfLQJJ9bXqwrj52lO8CWeTVJPvXYyns_grK-6cxLwCyE4sCVJfcxxgXqLtaDsYHG3DVB12GhAOzMAUDFf8fkVhJWG26bVPTbG6V2QZuehpMqA-ugXuESjFgt5hPxPviObe_BO3fxc9dtEgWb7T5pj03lDGFQ-6EMYFOcNgDq59hMwk1nUIRrS6EFi7qNGraZ4CCd1koPslRNFAL0vqFN-b14W-nPSJYN05Vh8WKYEw000kcuAba-P6-nHiQ533fWWkCIUEeCrBPrqpNhlt3EzhJL9fVfLQugFD7UMNNw1LJpdBx2X9ZHO8xmTVntCXA_RujVof-jG-JBUVVqS8wccUQbneOqgoeCiR9P9ukg9KeN3U0IDkBcFjT-Ih9r1okgVAVfTNARX6ccPHdJctvalYeHdtGxfZ-4P_TbcjGjMaNSPDP2ynO9fbA9K_Vu_K9tpib4W2iuhSAq7WJFpl9QijshgK-1kMPJ31X9obdrSq30KTKxPL4Vp5uRZ5rNT5yghTICbLRwpSAjJoouDw44loir-EFRuROxPappqJwxIoM6fwgdpn5eaU8TZ3LOygOxseQ-CjbwU7y4_1uK0-hx2_mnj9Ssu13XqXeoDDN8GJBtBF8kK3fKYQr8WEUy5XDXRp4ilFuUFOQfrSWvOVAW9vL8-VvbIveexlV4sjhEZyxFxkpRaSQlTo4Zow8Eg31LQOlWNOCJEKQaUVzpCICdNzoGr_RBeCy98QHTEkM6iv_85-dyU-BFvL0IZtOwMsoeI6WdsaoaGzKLjzKYVq8_lAZNqZn-5CErphJX7bf6Kjq4MW0OYra3n8kW17ch8HM9t8c4sgfVugRzaJX29vfPN_N835elzSc2VhqDDDNHl2mQR7XncL9Sg1h4Nl_VM4wqUIEaBIQ7GhHy2lWStODWZfwbkdj_eWa6Vo8iOj6OxdhOiMiXr9cdtVwaWLedf-95gtjo0hY07O4hQMf7FxZKPe6Gv5Ngl5SdrU7ODazBldRobMkb8hp96NGrIuopXVzFvZH2d9YgEEgPAX28O-l-SJeZN8FS4hWbmYlEWvqJNhjUaHS03BjYfsyLcuz6nF2BiXeNgLL2t01FaiDVFH1Ofi7PRPA--Y1hpmtxaCDQp40TKUOVo2J3LvdcvkgWQlFCm_9wkJyzS3vgYJiPZA0eH0CQIMP0QpZGh4ndAvYUlWH491gakUXXGcTIwlh3GfwgKzTG7mfaqcGWMG20fQKzV9PFVus4AADE8pIHaJdszX8G_wwibTR2MaGm2LWtjENKiFdltHiaHarunL5GWvYXqbi_SbE2lkoO3U-NFBGxhy_YmFyQZv_JqZe9W_kUfne7QmRnj78L-5O3R1-5-KrU2pc2nIbBdD4h7NpQ6b-Dh9qjmrplYi47HiJ2nOIe-JTKDku1Q9NoOS6Pbn6vvHgdCyoyFAIfMTELXBo1QY1Nu12frIpM2VT74Rg_k2-R2_WvCd8a6KRmfZ3yROTus1yz2MQKPZBEPf0Q_cJrkD6E0lowpl0lb8DtqcxwLFSWIoiMNx0LRzSPgZLcdAnPq4WyjLvfWVWBY3p-VRhh_Od8-gQ3ZbrgGmNj9A1e0LFOaul2fsh7TVVHuIEA_0scsHWd_Yquun9ls5jefa0YQOrqFXm-583JcmPBnnJ5oSkpXAvFfVfqoXAq0V2RMoUQ738pBDiEPDdLAev5uu2LSUY9_qMrEHyokbGYXyM2ZyR_a7AhaDrGTCLjXUasxjyDM9Nm8n9yoh2928WjKeFus529_fxYQNVLU8156SupqrChBQLs5ISN5hkdyFrVMBJqvB6emiSD3jGkcX9YpGkekvaXfW_OWPUYG4bDFJZ1YjdIwXoLsY8_3XsUp0tJ4IOgYEfbrGiQJd4jpQ0PQkL3NsOGeuYKqdkun4Gzmx6rBCjhWgtxc5Y11MgLl_VWHp23PigppKRZNbj7wOSPmYvT4eDybTeXg5SfhMq7dIcNZynNGYN2mGvGaTB4D0wSGG-7IqPa6eQAdK7qRdLCNLtFnXhuHeDwa-NRdE93XptXm1UmJGh7aU2GyfG9mparky_t0V11hEsXAdqNM_r1CpTfGefeiBjdRX6tvZww12YMl6oe6Bmp8kTTeVADUqmUWIFEMF8gAU2WSP615k_Lpc4OM8lFnBgT863dVBO9vR-61Fz-Ec6acRqgm7s9tgZNayFctnJn70wuXtUgVs9hy-RLoFO594pd-cYo8h1PFvmrkO1A3SM55ZKYKsynKRq2jQSEgAeiU5Wd-DnS0GTNFNoVfOrRHrVeV_o6mvXseoGLhEnHea6_n2lm2mC-_fNjGkmL-WHR0slAk-3sYWo1KFLQhw3BrXJrgmebWm4AJV4KXQ60KrN5v1tCrfPbgUyEo-U34DC9Nf9-n7w155EjqOsPTqpGaJ1dGsgfIuDtaFcd3ZsBBi8sypeqAjBGEbH0INRqFnlBGKDsqK29-PcOuJJN9ij14kzXuDPQNYs4lIJJWxq5yS9bCA2BaIoGFoYyh6VdWWw_nr7qwar1WR7X8eWCbArcJhFyN9qp47C-UuakG2Pkpw6kdYQqSmbx11WMBiw23ZZAgfTzy40qBPinef55HQW4XqNmmw8Fdyl3tXVFuX3N3I20ffZDoQ68t2XZQkQBDVdcOffQdYsNu-tTrWIb3l2eB7_pNP2RMkz1nDZLYC84I7DWHf5uPh1izA4IaTnkZiXlfi-bIZCVZr9M-iwQgdrU7eo7wsd6G0bIy6JbF_u_DHH-iF46pjK0oLkBM0aQ8b3nXzWB27UyCe7XRbL7QBH711-PcTrKsZ3MwbMJ6W-1kRp3_CSkLgzvvSvrqSOgW9eHjOJaOA0mMvDeJeaR9qkE4zRAVy_kbyKHasvc5j3JB1NkTQ3JNULHGq5LFsvNyc2SW9i-2cFpP_8raB8u9w3nKR7hNDurl6MVRJKgHZeP1che0fGXJ3gIlfd8NhmuwMxs9Two5KwGcB3kMVVaP6KZEYP400vxPzN_msARthU4whYkupDf1g9hfIuoC9qoGZppiWi&cid=CAASJeRoFfxfHkxtXkYiFBIgbKzN11MKBhqQJ0TkfNlUMGjIYRd3V24&rfl=1%2Chttps%253A%252F%252Ffinanswebde.com%252F%240
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c39d4e8ccc4b98243e084f84568247e47f4cc8c806d5dea44b79fe32eb062d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18269
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F393 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BeBdYqaO_HMjnuwT70XonHHC2gVck4CYhf2wxKAcN0MacWbtDRqJOq-VQaPPJOLK6_IzQLtMuHbIXrVR7IBbVgEVR2zhQkrAtDoJ18fUIWcFPHoFI
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame F393 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1046
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Jul 2022 13:24:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F393 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43254
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657132091081416"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Jul 2022 13:41:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame F393 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:32:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Jul 2022 13:32:37 GMT
l
www.google.com/ads/measurement/ Frame F393 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSD1plhoK3ycqtkOwzo4wzpUbkED__gB3PLFyfdru7ee7wdhYxAeOXCmd6v9-a_BsMNueZAN7bVWQ9XupjvUbnsmWBkRw
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame E97F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIjt0ZAEZpP56LCYtBUTpQI&google_cver=1
43 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIjt0ZAEZpP56LCYtBUTpQI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMfb37kCGNDfqqABMAE&v=APEucNV2RA97j0qTfWMUXQ3qbDd4USuvVkUttbeFxeITtfac5IyTYdthK4AwMoCqTFK0UwRWIJ07VWXpMf4kQmodC8fZPSybDw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
7291f5b318b2a1fe-YYZ
pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guRQprzZC2Tty1KNYvBRakQ3MnjhG0B%2F4NwXtzGwOpw8ld8yZYM1duYFHzYnCDrfn6vmUzM20VQ%2BLSY8YfE1PWgD4w3ya6trpEO3aCFRzOCTju2ESh3wq7vTCaa%2F2lYxyRKDmtvAIiQ38w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIjt0ZAEZpP56LCYtBUTpQI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E97F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YswopvRNebm77TagTrJF1QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIjt0ZAEZpP56LCYtBUTpQI&google_cver=1
43 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIjt0ZAEZpP56LCYtBUTpQI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMfb37kCGNDfqqABMAE&v=APEucNV2RA97j0qTfWMUXQ3qbDd4USuvVkUttbeFxeITtfac5IyTYdthK4AwMoCqTFK0UwRWIJ07VWXpMf4kQmodC8fZPSybDw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
7291f5b318b3a1fe-YYZ
pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6r8gqW4iz8R6zg9DDAPSDfwWox07HXN%2B8ZTJt7QyRSQhEtcRpw9ALk8FPcuv9uZXxyB16V4w%2FtS369LoRnKJlyukSWqPMWolejyTX0kIsbqWw3uLByfLTN%2FC4ijDDRSvaXo%2BpfQu%2Fl%2BOPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIjt0ZAEZpP56LCYtBUTpQI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E97F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMnQ4IOtzIcOPmiaEXaB7Mw&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMnQ4IOtzIcOPmiaEXaB7Mw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMfb37kCGNDfqqABMAE&v=APEucNV2RA97j0qTfWMUXQ3qbDd4USuvVkUttbeFxeITtfac5IyTYdthK4AwMoCqTFK0UwRWIJ07VWXpMf4kQmodC8fZPSybDw
Protocol
HTTP/1.1
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:41:58 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7f77a962-181f-476e-88aa-6c8df52f2267
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMnQ4IOtzIcOPmiaEXaB7Mw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E97F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5NDkwMTUxNzQ2MzkwNTE3Mg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5NDkwMTUxNzQ2MzkwNTE3Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEMfb37kCGNDfqqABMAE&v=APEucNV2RA97j0qTfWMUXQ3qbDd4USuvVkUttbeFxeITtfac5IyTYdthK4AwMoCqTFK0UwRWIJ07VWXpMf4kQmodC8fZPSybDw
Protocol
H2
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:41:58 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6c7d7446-c1bd-4061-810f-03351bf7ca27
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5NDkwMTUxNzQ2MzkwNTE3Mg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4F2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGGhYPbXbSLz4Y2QdbQBeVM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGGhYPbXbSLz4Y2QdbQBeVM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCy9b7HAhjA8PLLATAB&v=APEucNWf-h5QGeaDp9rlSbhNiXlvJ6-CgBq7V7QzMmzBrV2ZYvschCqilctIAG5zEZii4p_URoxASgzAY4ObANDSoz1X7ZOiKg
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGGhYPbXbSLz4Y2QdbQBeVM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4F2A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzE3OTNmMjItMjJkMC0yMDFkLWM2Y2UtMzRmYjhlMjU4NTkw
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzE3OTNmMjItMjJkMC0yMDFkLWM2Y2UtMzRmYjhlMjU4NTkw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCy9b7HAhjA8PLLATAB&v=APEucNWf-h5QGeaDp9rlSbhNiXlvJ6-CgBq7V7QzMmzBrV2ZYvschCqilctIAG5zEZii4p_URoxASgzAY4ObANDSoz1X7ZOiKg
Protocol
H2
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzE3OTNmMjItMjJkMC0yMDFkLWM2Y2UtMzRmYjhlMjU4NTkw
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 4F2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEP4z1R3JKUvlganu9zgDr38&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEP4z1R3JKUvlganu9zgDr38&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCy9b7HAhjA8PLLATAB&v=APEucNWf-h5QGeaDp9rlSbhNiXlvJ6-CgBq7V7QzMmzBrV2ZYvschCqilctIAG5zEZii4p_URoxASgzAY4ObANDSoz1X7ZOiKg
Protocol
H2
Server
23.60.1.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-1-46.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 11 Jul 2022 13:41:58 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEP4z1R3JKUvlganu9zgDr38&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4F2A
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDMyMTE5YTEtZTkxNC00NjZjLTg0NTMtOWMyNWM1YTExYmE3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDMyMTE5YTEtZTkxNC00NjZjLTg0NTMtOWMyNWM1YTExYmE3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCy9b7HAhjA8PLLATAB&v=APEucNWf-h5QGeaDp9rlSbhNiXlvJ6-CgBq7V7QzMmzBrV2ZYvschCqilctIAG5zEZii4p_URoxASgzAY4ObANDSoz1X7ZOiKg
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
server
akka-http/10.2.7
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDMyMTE5YTEtZTkxNC00NjZjLTg0NTMtOWMyNWM1YTExYmE3
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Mon, 11 Jul 2022 13:41:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame F393 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIf6HYK_mJdMbiZfqrEj1l3aysEz1h40-AUs5WlM99tiIvsgcBYWIKi05rvyeQYmOew7TCRjUe3jo3Nxh1ocpDqiJY8Ym7DNi2pmofofIKy4WOi1HT9NltMHb400PYB-XdA5IgMbk-yHSBWIXI0_LfUx6h-g&dbm_d=AKAmf-D_e8RFJybgkP1Cf75dLzpRcIEabQCzxSApPNrJTYI9a1B8BWeOijUPVNqD7_zcoVpr7l7ei0mkC0MR4-dfgVp1Zlvv3WnNi0LRqSzFpxeS-wkneP54GOislpqAE9bVAmD0bXwpYqSKMBR2d5Zzf_Q8JSrUsbQmIoAzt-XcClc8Zi6ZBWl41zsFQTpxPzRBfxPqv64uBIgoIbTACX1m34UHqujuSNAn4VwG7kQjYWJzOb33unFSJipP8YR7eMHjBzVW--kHWomntkMwpYTxiITFoZLNYswDEkIhnM5Ki5NOA4n2lpfLQJJ9bXqwrj52lO8CWeTVJPvXYyns_grK-6cxLwCyE4sCVJfcxxgXqLtaDsYHG3DVB12GhAOzMAUDFf8fkVhJWG26bVPTbG6V2QZuehpMqA-ugXuESjFgt5hPxPviObe_BO3fxc9dtEgWb7T5pj03lDGFQ-6EMYFOcNgDq59hMwk1nUIRrS6EFi7qNGraZ4CCd1koPslRNFAL0vqFN-b14W-nPSJYN05Vh8WKYEw000kcuAba-P6-nHiQ533fWWkCIUEeCrBPrqpNhlt3EzhJL9fVfLQugFD7UMNNw1LJpdBx2X9ZHO8xmTVntCXA_RujVof-jG-JBUVVqS8wccUQbneOqgoeCiR9P9ukg9KeN3U0IDkBcFjT-Ih9r1okgVAVfTNARX6ccPHdJctvalYeHdtGxfZ-4P_TbcjGjMaNSPDP2ynO9fbA9K_Vu_K9tpib4W2iuhSAq7WJFpl9QijshgK-1kMPJ31X9obdrSq30KTKxPL4Vp5uRZ5rNT5yghTICbLRwpSAjJoouDw44loir-EFRuROxPappqJwxIoM6fwgdpn5eaU8TZ3LOygOxseQ-CjbwU7y4_1uK0-hx2_mnj9Ssu13XqXeoDDN8GJBtBF8kK3fKYQr8WEUy5XDXRp4ilFuUFOQfrSWvOVAW9vL8-VvbIveexlV4sjhEZyxFxkpRaSQlTo4Zow8Eg31LQOlWNOCJEKQaUVzpCICdNzoGr_RBeCy98QHTEkM6iv_85-dyU-BFvL0IZtOwMsoeI6WdsaoaGzKLjzKYVq8_lAZNqZn-5CErphJX7bf6Kjq4MW0OYra3n8kW17ch8HM9t8c4sgfVugRzaJX29vfPN_N835elzSc2VhqDDDNHl2mQR7XncL9Sg1h4Nl_VM4wqUIEaBIQ7GhHy2lWStODWZfwbkdj_eWa6Vo8iOj6OxdhOiMiXr9cdtVwaWLedf-95gtjo0hY07O4hQMf7FxZKPe6Gv5Ngl5SdrU7ODazBldRobMkb8hp96NGrIuopXVzFvZH2d9YgEEgPAX28O-l-SJeZN8FS4hWbmYlEWvqJNhjUaHS03BjYfsyLcuz6nF2BiXeNgLL2t01FaiDVFH1Ofi7PRPA--Y1hpmtxaCDQp40TKUOVo2J3LvdcvkgWQlFCm_9wkJyzS3vgYJiPZA0eH0CQIMP0QpZGh4ndAvYUlWH491gakUXXGcTIwlh3GfwgKzTG7mfaqcGWMG20fQKzV9PFVus4AADE8pIHaJdszX8G_wwibTR2MaGm2LWtjENKiFdltHiaHarunL5GWvYXqbi_SbE2lkoO3U-NFBGxhy_YmFyQZv_JqZe9W_kUfne7QmRnj78L-5O3R1-5-KrU2pc2nIbBdD4h7NpQ6b-Dh9qjmrplYi47HiJ2nOIe-JTKDku1Q9NoOS6Pbn6vvHgdCyoyFAIfMTELXBo1QY1Nu12frIpM2VT74Rg_k2-R2_WvCd8a6KRmfZ3yROTus1yz2MQKPZBEPf0Q_cJrkD6E0lowpl0lb8DtqcxwLFSWIoiMNx0LRzSPgZLcdAnPq4WyjLvfWVWBY3p-VRhh_Od8-gQ3ZbrgGmNj9A1e0LFOaul2fsh7TVVHuIEA_0scsHWd_Yquun9ls5jefa0YQOrqFXm-583JcmPBnnJ5oSkpXAvFfVfqoXAq0V2RMoUQ738pBDiEPDdLAev5uu2LSUY9_qMrEHyokbGYXyM2ZyR_a7AhaDrGTCLjXUasxjyDM9Nm8n9yoh2928WjKeFus529_fxYQNVLU8156SupqrChBQLs5ISN5hkdyFrVMBJqvB6emiSD3jGkcX9YpGkekvaXfW_OWPUYG4bDFJZ1YjdIwXoLsY8_3XsUp0tJ4IOgYEfbrGiQJd4jpQ0PQkL3NsOGeuYKqdkun4Gzmx6rBCjhWgtxc5Y11MgLl_VWHp23PigppKRZNbj7wOSPmYvT4eDybTeXg5SfhMq7dIcNZynNGYN2mGvGaTB4D0wSGG-7IqPa6eQAdK7qRdLCNLtFnXhuHeDwa-NRdE93XptXm1UmJGh7aU2GyfG9mparky_t0V11hEsXAdqNM_r1CpTfGefeiBjdRX6tvZww12YMl6oe6Bmp8kTTeVADUqmUWIFEMF8gAU2WSP615k_Lpc4OM8lFnBgT863dVBO9vR-61Fz-Ec6acRqgm7s9tgZNayFctnJn70wuXtUgVs9hy-RLoFO594pd-cYo8h1PFvmrkO1A3SM55ZKYKsynKRq2jQSEgAeiU5Wd-DnS0GTNFNoVfOrRHrVeV_o6mvXseoGLhEnHea6_n2lm2mC-_fNjGkmL-WHR0slAk-3sYWo1KFLQhw3BrXJrgmebWm4AJV4KXQ60KrN5v1tCrfPbgUyEo-U34DC9Nf9-n7w155EjqOsPTqpGaJ1dGsgfIuDtaFcd3ZsBBi8sypeqAjBGEbH0INRqFnlBGKDsqK29-PcOuJJN9ij14kzXuDPQNYs4lIJJWxq5yS9bCA2BaIoGFoYyh6VdWWw_nr7qwar1WR7X8eWCbArcJhFyN9qp47C-UuakG2Pkpw6kdYQqSmbx11WMBiw23ZZAgfTzy40qBPinef55HQW4XqNmmw8Fdyl3tXVFuX3N3I20ffZDoQ68t2XZQkQBDVdcOffQdYsNu-tTrWIb3l2eB7_pNP2RMkz1nDZLYC84I7DWHf5uPh1izA4IaTnkZiXlfi-bIZCVZr9M-iwQgdrU7eo7wsd6G0bIy6JbF_u_DHH-iF46pjK0oLkBM0aQ8b3nXzWB27UyCe7XRbL7QBH711-PcTrKsZ3MwbMJ6W-1kRp3_CSkLgzvvSvrqSOgW9eHjOJaOA0mMvDeJeaR9qkE4zRAVy_kbyKHasvc5j3JB1NkTQ3JNULHGq5LFsvNyc2SW9i-2cFpP_8raB8u9w3nKR7hNDurl6MVRJKgHZeP1che0fGXJ3gIlfd8NhmuwMxs9Two5KwGcB3kMVVaP6KZEYP400vxPzN_msARthU4whYkupDf1g9hfIuoC9qoGZppiWi&cid=CAASJeRoFfxfHkxtXkYiFBIgbKzN11MKBhqQJ0TkfNlUMGjIYRd3V24&rfl=1%2Chttps%253A%252F%252Ffinanswebde.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
718
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10545
x-xss-protection
0
server
cafe
etag
4672069523611413616
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Jul 2022 13:30:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F393 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIf6HYK_mJdMbiZfqrEj1l3aysEz1h40-AUs5WlM99tiIvsgcBYWIKi05rvyeQYmOew7TCRjUe3jo3Nxh1ocpDqiJY8Ym7DNi2pmofofIKy4WOi1HT9NltMHb400PYB-XdA5IgMbk-yHSBWIXI0_LfUx6h-g&dbm_d=AKAmf-D_e8RFJybgkP1Cf75dLzpRcIEabQCzxSApPNrJTYI9a1B8BWeOijUPVNqD7_zcoVpr7l7ei0mkC0MR4-dfgVp1Zlvv3WnNi0LRqSzFpxeS-wkneP54GOislpqAE9bVAmD0bXwpYqSKMBR2d5Zzf_Q8JSrUsbQmIoAzt-XcClc8Zi6ZBWl41zsFQTpxPzRBfxPqv64uBIgoIbTACX1m34UHqujuSNAn4VwG7kQjYWJzOb33unFSJipP8YR7eMHjBzVW--kHWomntkMwpYTxiITFoZLNYswDEkIhnM5Ki5NOA4n2lpfLQJJ9bXqwrj52lO8CWeTVJPvXYyns_grK-6cxLwCyE4sCVJfcxxgXqLtaDsYHG3DVB12GhAOzMAUDFf8fkVhJWG26bVPTbG6V2QZuehpMqA-ugXuESjFgt5hPxPviObe_BO3fxc9dtEgWb7T5pj03lDGFQ-6EMYFOcNgDq59hMwk1nUIRrS6EFi7qNGraZ4CCd1koPslRNFAL0vqFN-b14W-nPSJYN05Vh8WKYEw000kcuAba-P6-nHiQ533fWWkCIUEeCrBPrqpNhlt3EzhJL9fVfLQugFD7UMNNw1LJpdBx2X9ZHO8xmTVntCXA_RujVof-jG-JBUVVqS8wccUQbneOqgoeCiR9P9ukg9KeN3U0IDkBcFjT-Ih9r1okgVAVfTNARX6ccPHdJctvalYeHdtGxfZ-4P_TbcjGjMaNSPDP2ynO9fbA9K_Vu_K9tpib4W2iuhSAq7WJFpl9QijshgK-1kMPJ31X9obdrSq30KTKxPL4Vp5uRZ5rNT5yghTICbLRwpSAjJoouDw44loir-EFRuROxPappqJwxIoM6fwgdpn5eaU8TZ3LOygOxseQ-CjbwU7y4_1uK0-hx2_mnj9Ssu13XqXeoDDN8GJBtBF8kK3fKYQr8WEUy5XDXRp4ilFuUFOQfrSWvOVAW9vL8-VvbIveexlV4sjhEZyxFxkpRaSQlTo4Zow8Eg31LQOlWNOCJEKQaUVzpCICdNzoGr_RBeCy98QHTEkM6iv_85-dyU-BFvL0IZtOwMsoeI6WdsaoaGzKLjzKYVq8_lAZNqZn-5CErphJX7bf6Kjq4MW0OYra3n8kW17ch8HM9t8c4sgfVugRzaJX29vfPN_N835elzSc2VhqDDDNHl2mQR7XncL9Sg1h4Nl_VM4wqUIEaBIQ7GhHy2lWStODWZfwbkdj_eWa6Vo8iOj6OxdhOiMiXr9cdtVwaWLedf-95gtjo0hY07O4hQMf7FxZKPe6Gv5Ngl5SdrU7ODazBldRobMkb8hp96NGrIuopXVzFvZH2d9YgEEgPAX28O-l-SJeZN8FS4hWbmYlEWvqJNhjUaHS03BjYfsyLcuz6nF2BiXeNgLL2t01FaiDVFH1Ofi7PRPA--Y1hpmtxaCDQp40TKUOVo2J3LvdcvkgWQlFCm_9wkJyzS3vgYJiPZA0eH0CQIMP0QpZGh4ndAvYUlWH491gakUXXGcTIwlh3GfwgKzTG7mfaqcGWMG20fQKzV9PFVus4AADE8pIHaJdszX8G_wwibTR2MaGm2LWtjENKiFdltHiaHarunL5GWvYXqbi_SbE2lkoO3U-NFBGxhy_YmFyQZv_JqZe9W_kUfne7QmRnj78L-5O3R1-5-KrU2pc2nIbBdD4h7NpQ6b-Dh9qjmrplYi47HiJ2nOIe-JTKDku1Q9NoOS6Pbn6vvHgdCyoyFAIfMTELXBo1QY1Nu12frIpM2VT74Rg_k2-R2_WvCd8a6KRmfZ3yROTus1yz2MQKPZBEPf0Q_cJrkD6E0lowpl0lb8DtqcxwLFSWIoiMNx0LRzSPgZLcdAnPq4WyjLvfWVWBY3p-VRhh_Od8-gQ3ZbrgGmNj9A1e0LFOaul2fsh7TVVHuIEA_0scsHWd_Yquun9ls5jefa0YQOrqFXm-583JcmPBnnJ5oSkpXAvFfVfqoXAq0V2RMoUQ738pBDiEPDdLAev5uu2LSUY9_qMrEHyokbGYXyM2ZyR_a7AhaDrGTCLjXUasxjyDM9Nm8n9yoh2928WjKeFus529_fxYQNVLU8156SupqrChBQLs5ISN5hkdyFrVMBJqvB6emiSD3jGkcX9YpGkekvaXfW_OWPUYG4bDFJZ1YjdIwXoLsY8_3XsUp0tJ4IOgYEfbrGiQJd4jpQ0PQkL3NsOGeuYKqdkun4Gzmx6rBCjhWgtxc5Y11MgLl_VWHp23PigppKRZNbj7wOSPmYvT4eDybTeXg5SfhMq7dIcNZynNGYN2mGvGaTB4D0wSGG-7IqPa6eQAdK7qRdLCNLtFnXhuHeDwa-NRdE93XptXm1UmJGh7aU2GyfG9mparky_t0V11hEsXAdqNM_r1CpTfGefeiBjdRX6tvZww12YMl6oe6Bmp8kTTeVADUqmUWIFEMF8gAU2WSP615k_Lpc4OM8lFnBgT863dVBO9vR-61Fz-Ec6acRqgm7s9tgZNayFctnJn70wuXtUgVs9hy-RLoFO594pd-cYo8h1PFvmrkO1A3SM55ZKYKsynKRq2jQSEgAeiU5Wd-DnS0GTNFNoVfOrRHrVeV_o6mvXseoGLhEnHea6_n2lm2mC-_fNjGkmL-WHR0slAk-3sYWo1KFLQhw3BrXJrgmebWm4AJV4KXQ60KrN5v1tCrfPbgUyEo-U34DC9Nf9-n7w155EjqOsPTqpGaJ1dGsgfIuDtaFcd3ZsBBi8sypeqAjBGEbH0INRqFnlBGKDsqK29-PcOuJJN9ij14kzXuDPQNYs4lIJJWxq5yS9bCA2BaIoGFoYyh6VdWWw_nr7qwar1WR7X8eWCbArcJhFyN9qp47C-UuakG2Pkpw6kdYQqSmbx11WMBiw23ZZAgfTzy40qBPinef55HQW4XqNmmw8Fdyl3tXVFuX3N3I20ffZDoQ68t2XZQkQBDVdcOffQdYsNu-tTrWIb3l2eB7_pNP2RMkz1nDZLYC84I7DWHf5uPh1izA4IaTnkZiXlfi-bIZCVZr9M-iwQgdrU7eo7wsd6G0bIy6JbF_u_DHH-iF46pjK0oLkBM0aQ8b3nXzWB27UyCe7XRbL7QBH711-PcTrKsZ3MwbMJ6W-1kRp3_CSkLgzvvSvrqSOgW9eHjOJaOA0mMvDeJeaR9qkE4zRAVy_kbyKHasvc5j3JB1NkTQ3JNULHGq5LFsvNyc2SW9i-2cFpP_8raB8u9w3nKR7hNDurl6MVRJKgHZeP1che0fGXJ3gIlfd8NhmuwMxs9Two5KwGcB3kMVVaP6KZEYP400vxPzN_msARthU4whYkupDf1g9hfIuoC9qoGZppiWi&cid=CAASJeRoFfxfHkxtXkYiFBIgbKzN11MKBhqQJ0TkfNlUMGjIYRd3V24&rfl=1%2Chttps%253A%252F%252Ffinanswebde.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 13:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85884
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 10 Jul 2023 13:50:34 GMT
b=85950886
bcp.crwdcntrl.net/5/ct=y/c=14633/ Frame F393
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=14633/b=85950886
  • https://bcp.crwdcntrl.net/5/ct=y/c=14633/b=85950886
49 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=14633/b=85950886
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
52.71.37.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-37-99.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.11.229
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/5/ct=y/c=14633/b=85950886
cache-control
no-cache
x-server
10.40.40.49
content-length
0
expires
0
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 744B 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
Origin
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 02:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38665
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Jul 2022 02:57:33 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/ Frame 744B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dv8zVYnUBjvoIHHl6K2iIOUIvjGfCG740l3ITBhtG45syMwR7DSuWXfOvWHi20B6Yn2Sgy_ak1UXMWZJ1Sok3DGZSQLROVZ2ooKhxH7Zaeqqp9jplRopowMJCSolCepRiecPn36JlbQ9TbCUD9k7q8OprS5w&dbm_d=AKAmf-B00JRyWplA-hm1OmKN-7QHVJSCPcKY64XfwF2hotcrSjP8vYgO1P51-aBM33akatiahil5zq8KP85FuPOd2T1ijOzFVFzyQfbOAbXuyngEzS0wPCfnGs-MbpVhvHBOmG_myxK1ipYfj7fxHvqnce6EG_5yucwJLta-D9LioWA8-wqlUCuvHrdGXmctY5-xVqldW3l_6oB_xCsaXmcP7bioq1B-Ehf47Ascn2OTqEcwUVrc_A7PhJV_VMiR4SB2ynvY6sy4cwL2Q2gAll_RajYXAIAAyz-9leQgGsfCqrrYnoLNZ4J6Rp5JrNBrvGwBkVJ9efB0Zi7FTkqgTX4tNCszn0wwY_xBht9aNKqPe_8PcI8rgvhULiMEC94sPOr8RWDiJmwCrw6ZrGxI47aHZS5P3brRW0Nbf04MZaGui9tIb28ypdd3Or-KR-3Ex6u5vwuAwAHmjU-4n-XlnLgv5elDMpLrIy474JDocPHNB4AsS9WP0kzQK36z5m57ifkW5b69ruhnd28WxgUl2m9BZlS6qyzBOCK_Rta33QOx70TM45vp5LneHTD1XM0mrYSn1FjyjJWwKFsIUAofn87aHWdUsx_GiNIOeJKjycprRd6VTYUnGxCcvRJtTcM8t4cnqRYFnvtrqSNncDu0BXqQL3RM4wbMrxwAoBhRzMob0O4I0MMsKXYtguG9VFvtV9FGueAoACEcDqugk19LJtjB3tfYuzwmUh4wobNaVOMcOuKod9YI0yOIf0S8ovZHaPuU5zvoQHxCCajHJAM5ujGtzvGNZMlCaiys35mjnXLPskAE2JFcKuU0gAa807tboUsOxTRwKiQEaAF2aye5VncDrlNUgkW_eNfLiN6JnFflRmC5Vzr3iCKG_QqNZ5a-LSB1-GJCgIrTWzesHO95QFD90lsSKO3BxQvfho7bAAIcl7a1uypvFwu-lNYwvGI8rczh3oldFYqKkC9AVLHtjZlmUtRR1YERvcvutOAKrzHXH77UmNvwHFT3q1uiJyjEMgavx5TYutux9XBB837Tqc_yXRxSEZhM4_xVTcc9TpeWM_bseYdxSsiW6ZUwCGuTQOruKs4kZWDYHR3G4PhzyWgbfphBtiAT-6CLXQ6WljgWRsmjgAR4nt5SBIAZfypxOvHVZ-pyyDm9A_uwkDOgAbkxQIOI0t_I4Wal7AQyOrN2P_i4m3QiJUvG285R4eonM2GraK-vOtuuw2Pdkjz3hQM1OT5hmzNbSXHyhW52OS5u8SObKKssTUkEOJFOiALziOXlOlKWYyvav5VVFqbdSk1Z1shihDZw89XYgFGMLr2OGp5aImag87VKZhX4CZ1zes09jw-0KDsiJxh2qwKGFS-7TZAnTeu9JlqV9E3uFfDV0F_p4yI1oh0HJI7YRNhgElQPnHbSLNXm4HXdJz3uaK_aKRQNjvFVeGIB-Q-tTK7BD08QD5G4eamAXZMARmrgtxcy5V-fA5qCePrBFe-b8J-ObcDvBHBQfQtvXrcs4zIgC-a14Mfqj5N3SsPMRkVA1zM0XtDW7NurWHq3mlEimW_FDhTdFkUdBkBisI5SYceI8vmkIMyBfpD0F8vaN87TLoucYUB0TRf0H_I_t0CY1OyE1Kq755xezn_NuEqTgQwQjagDjxFHgCq9cm-F5X2JEXUeXrmNzi3WBkQ8mcCXMf-BMXQ-lwJa3wo4FG5bw4bLtFGNzkhJXPRIvYihtiEAiKXu1OijbHtCLSebNQ_OXRsDkrrAbj5yg5UJumpq-ku9Ridlf-WFrfqkYQPEewTjMucGXyQGZPn69xMTJ0JOnQsayMN3xsjw84q1Pt-VwcU67T1X9-SyDgsMsmbu-BVlbqLOwmhZhTQWV2Gb6QI48pxx8n5zF74tcnP9TTfhKreN539q1DtSbR8RSjBXHwwb2joOIRAUGP7iGziVI1xDbhhO033DtlbYDEaqVrTLsZVwE1SMCTt428GEeDqeFtTWqJ4_V06AG3RolcUK4Sh_p_iQAVsu1yNBUiByjrlMGmg6oZdEWu_cTPju5p3rcYkoZYp725S9PCrvJC8ewlrLwHK6BDqXhrQ6dAnbcVGwQjZmxSdq0LMbZFH1TBrCc6DQS7zcIRAWu17nIvPutXzs_0euAsoKGtvOYixTT0V_UC-CobOI54WKmjBNL5jffcpOYmQ97fMJJTIL7TN4d2712vPWys2TYcPLOsxjwavwnzDCYgMbEI-vbhC2YXiCUqZ1zZVOGWTOJUgFVXOPKiGV47Vwz9Oz_9lLYovz1wmHAN9snSqp_FRrTl94KjNGBXmA0Kl4WPTesndpeiHKCSssDC6Xx17g87D6V6dtimw29sj7DIa6NwLpWR4SEKREh1GME6MCbzT6LND8Zuih3scX3Zazk9L23fDoWebt5Yoif-688QfYMzmBbeFi2FKEYDy-OoCAnycPqIRTzWMH4rHFt-YQFgUubqSSAd5Q4HTmoIGR_RhefKXGE_hs7MdgGG_KrLo6Deo2UXnv_CP8LJ45v83jfjsnJwZENCa_RZ6_PZ5H9KHtoBn3GpmCB5L_p0F2de19ZcBXXMwfiF-bI90W0M0YEqYM_-4qiX_2Hu25qVYvBDXRBwlHxujYSDItLgZqgBX5mMaCp-RqV8thbkMGGNa2uAh1uRAuO-yABjlnnU-b8Mbb-3ahweyL5LNNzw8g2p3fMtX2djtsGJ2YHZ_VUemjMfZ5u7UhOXqS_qOfqc9hEVtN6QJX0DN_rHq3wOH8wf5F63TIeIuwTrs9pn3FT7DVavePwZ6h3facpCXJi1_UDd5qvid4ViqPgN7FpXc5Zzi-pgQxNDenXFxnL0gtm1cOgZjNf6a3civa5nu-l54UNJilxd8YctC4MbMXMJ6FyRSCnFs3ZMwQdhSpeSrWldsU8ZDu0xAwAvQKA8pFjDc87Dgkp_X-OjZ9gu_ZPZf_Mqpu0_XYok6ItlZIfn2j8MMKEODhFgqynWZbwP3MNDYVEuI6KbAOV-Sjb3x_bIlwly-6w-j3PDftdTMKfHwCCYL96eGWUo8W6B_YHKNxUFF5Q7C6N0h5kDL8Lsqu7J700IV2I_mwn2mIkPyJrheUKqtvXU9bt8my-6A_qT3VyhK8n1uMo9g0jjtv9QzmF9s632Spu20e8WLzbM8w62q7y5Mgc5HDipH4ZuW1Dcj4tBT7n53WwvyjdmtcdcFjILnivvws6mxcq0gc&cid=CAASJeRo--w7IHix1ZmU0PpZ2M36AG8BajdHPstsAUSFBWAH38GXmbo&rfl=1%2Chttps%253A%252F%252Ffinanswebde.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Jul 2022 13:35:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 744B 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dv8zVYnUBjvoIHHl6K2iIOUIvjGfCG740l3ITBhtG45syMwR7DSuWXfOvWHi20B6Yn2Sgy_ak1UXMWZJ1Sok3DGZSQLROVZ2ooKhxH7Zaeqqp9jplRopowMJCSolCepRiecPn36JlbQ9TbCUD9k7q8OprS5w&dbm_d=AKAmf-B00JRyWplA-hm1OmKN-7QHVJSCPcKY64XfwF2hotcrSjP8vYgO1P51-aBM33akatiahil5zq8KP85FuPOd2T1ijOzFVFzyQfbOAbXuyngEzS0wPCfnGs-MbpVhvHBOmG_myxK1ipYfj7fxHvqnce6EG_5yucwJLta-D9LioWA8-wqlUCuvHrdGXmctY5-xVqldW3l_6oB_xCsaXmcP7bioq1B-Ehf47Ascn2OTqEcwUVrc_A7PhJV_VMiR4SB2ynvY6sy4cwL2Q2gAll_RajYXAIAAyz-9leQgGsfCqrrYnoLNZ4J6Rp5JrNBrvGwBkVJ9efB0Zi7FTkqgTX4tNCszn0wwY_xBht9aNKqPe_8PcI8rgvhULiMEC94sPOr8RWDiJmwCrw6ZrGxI47aHZS5P3brRW0Nbf04MZaGui9tIb28ypdd3Or-KR-3Ex6u5vwuAwAHmjU-4n-XlnLgv5elDMpLrIy474JDocPHNB4AsS9WP0kzQK36z5m57ifkW5b69ruhnd28WxgUl2m9BZlS6qyzBOCK_Rta33QOx70TM45vp5LneHTD1XM0mrYSn1FjyjJWwKFsIUAofn87aHWdUsx_GiNIOeJKjycprRd6VTYUnGxCcvRJtTcM8t4cnqRYFnvtrqSNncDu0BXqQL3RM4wbMrxwAoBhRzMob0O4I0MMsKXYtguG9VFvtV9FGueAoACEcDqugk19LJtjB3tfYuzwmUh4wobNaVOMcOuKod9YI0yOIf0S8ovZHaPuU5zvoQHxCCajHJAM5ujGtzvGNZMlCaiys35mjnXLPskAE2JFcKuU0gAa807tboUsOxTRwKiQEaAF2aye5VncDrlNUgkW_eNfLiN6JnFflRmC5Vzr3iCKG_QqNZ5a-LSB1-GJCgIrTWzesHO95QFD90lsSKO3BxQvfho7bAAIcl7a1uypvFwu-lNYwvGI8rczh3oldFYqKkC9AVLHtjZlmUtRR1YERvcvutOAKrzHXH77UmNvwHFT3q1uiJyjEMgavx5TYutux9XBB837Tqc_yXRxSEZhM4_xVTcc9TpeWM_bseYdxSsiW6ZUwCGuTQOruKs4kZWDYHR3G4PhzyWgbfphBtiAT-6CLXQ6WljgWRsmjgAR4nt5SBIAZfypxOvHVZ-pyyDm9A_uwkDOgAbkxQIOI0t_I4Wal7AQyOrN2P_i4m3QiJUvG285R4eonM2GraK-vOtuuw2Pdkjz3hQM1OT5hmzNbSXHyhW52OS5u8SObKKssTUkEOJFOiALziOXlOlKWYyvav5VVFqbdSk1Z1shihDZw89XYgFGMLr2OGp5aImag87VKZhX4CZ1zes09jw-0KDsiJxh2qwKGFS-7TZAnTeu9JlqV9E3uFfDV0F_p4yI1oh0HJI7YRNhgElQPnHbSLNXm4HXdJz3uaK_aKRQNjvFVeGIB-Q-tTK7BD08QD5G4eamAXZMARmrgtxcy5V-fA5qCePrBFe-b8J-ObcDvBHBQfQtvXrcs4zIgC-a14Mfqj5N3SsPMRkVA1zM0XtDW7NurWHq3mlEimW_FDhTdFkUdBkBisI5SYceI8vmkIMyBfpD0F8vaN87TLoucYUB0TRf0H_I_t0CY1OyE1Kq755xezn_NuEqTgQwQjagDjxFHgCq9cm-F5X2JEXUeXrmNzi3WBkQ8mcCXMf-BMXQ-lwJa3wo4FG5bw4bLtFGNzkhJXPRIvYihtiEAiKXu1OijbHtCLSebNQ_OXRsDkrrAbj5yg5UJumpq-ku9Ridlf-WFrfqkYQPEewTjMucGXyQGZPn69xMTJ0JOnQsayMN3xsjw84q1Pt-VwcU67T1X9-SyDgsMsmbu-BVlbqLOwmhZhTQWV2Gb6QI48pxx8n5zF74tcnP9TTfhKreN539q1DtSbR8RSjBXHwwb2joOIRAUGP7iGziVI1xDbhhO033DtlbYDEaqVrTLsZVwE1SMCTt428GEeDqeFtTWqJ4_V06AG3RolcUK4Sh_p_iQAVsu1yNBUiByjrlMGmg6oZdEWu_cTPju5p3rcYkoZYp725S9PCrvJC8ewlrLwHK6BDqXhrQ6dAnbcVGwQjZmxSdq0LMbZFH1TBrCc6DQS7zcIRAWu17nIvPutXzs_0euAsoKGtvOYixTT0V_UC-CobOI54WKmjBNL5jffcpOYmQ97fMJJTIL7TN4d2712vPWys2TYcPLOsxjwavwnzDCYgMbEI-vbhC2YXiCUqZ1zZVOGWTOJUgFVXOPKiGV47Vwz9Oz_9lLYovz1wmHAN9snSqp_FRrTl94KjNGBXmA0Kl4WPTesndpeiHKCSssDC6Xx17g87D6V6dtimw29sj7DIa6NwLpWR4SEKREh1GME6MCbzT6LND8Zuih3scX3Zazk9L23fDoWebt5Yoif-688QfYMzmBbeFi2FKEYDy-OoCAnycPqIRTzWMH4rHFt-YQFgUubqSSAd5Q4HTmoIGR_RhefKXGE_hs7MdgGG_KrLo6Deo2UXnv_CP8LJ45v83jfjsnJwZENCa_RZ6_PZ5H9KHtoBn3GpmCB5L_p0F2de19ZcBXXMwfiF-bI90W0M0YEqYM_-4qiX_2Hu25qVYvBDXRBwlHxujYSDItLgZqgBX5mMaCp-RqV8thbkMGGNa2uAh1uRAuO-yABjlnnU-b8Mbb-3ahweyL5LNNzw8g2p3fMtX2djtsGJ2YHZ_VUemjMfZ5u7UhOXqS_qOfqc9hEVtN6QJX0DN_rHq3wOH8wf5F63TIeIuwTrs9pn3FT7DVavePwZ6h3facpCXJi1_UDd5qvid4ViqPgN7FpXc5Zzi-pgQxNDenXFxnL0gtm1cOgZjNf6a3civa5nu-l54UNJilxd8YctC4MbMXMJ6FyRSCnFs3ZMwQdhSpeSrWldsU8ZDu0xAwAvQKA8pFjDc87Dgkp_X-OjZ9gu_ZPZf_Mqpu0_XYok6ItlZIfn2j8MMKEODhFgqynWZbwP3MNDYVEuI6KbAOV-Sjb3x_bIlwly-6w-j3PDftdTMKfHwCCYL96eGWUo8W6B_YHKNxUFF5Q7C6N0h5kDL8Lsqu7J700IV2I_mwn2mIkPyJrheUKqtvXU9bt8my-6A_qT3VyhK8n1uMo9g0jjtv9QzmF9s632Spu20e8WLzbM8w62q7y5Mgc5HDipH4ZuW1Dcj4tBT7n53WwvyjdmtcdcFjILnivvws6mxcq0gc&cid=CAASJeRo--w7IHix1ZmU0PpZ2M36AG8BajdHPstsAUSFBWAH38GXmbo&rfl=1%2Chttps%253A%252F%252Ffinanswebde.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
718
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10545
x-xss-protection
0
server
cafe
etag
4672069523611413616
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Jul 2022 13:30:00 GMT
getcode.js
am.contobox.com/v3/frontend/creatives/ Frame F393 		276 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://am.contobox.com/v3/frontend/creatives/getcode.js?ph_id=cbox_ph_2337164&zone_id=127256&nomraid=false&lid=%7B%22a%22%3A%22DBM%22%2C%22c%22%3A%2217375687515%22%2C%22e%22%3A%221%22%2C%22s%22%3A%22192392219329%22%2C%22d%22%3A%22%22%7D&sourceUrl=https%253A%252F%252Ffinanswebde.com%252Femtia%252Faltin&ifr=1&isSF=nosf&clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCsbA0pijMYrm-BYyZoPMPg9Gl-AWOp9GQa6mF1ZqHEPCBka3TKRABIMCygmtgyYb_h_Cj7BLIAQmoAwGqBOoBT9A_hu5cTdn2CDmunrqmOCAyycGM83DWyyUDKRbqyY481gEE_gHa7Vfa00Ig_k7PJSgUO-kU8XfQXE5sTh1fZSDlivB5xRA70hxdx4SGy9H9Fufaji6OXR4ijFvwAinwCNJ2HyRakqcllgyAzVgVPEg0liFWo-ZPpE3NFtzauzIWp6zACZJAe_jaBHZC7w-1jUO4-EGcv26wcidoJOfqaNkiMS4KcTPuUAarpTqtgqVF_zLAGHIX1h5Ad4W-1OhhYRe4Wnwbrnzj4_c1oPyHCfB_6RL-q56u_ELZ4IgSQY36nKCI4LlWgQG3wAS2msDRjQTgBAOQBgGgBk2AB9y_mMcCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tODM4NTE1ODY3Mjc5MzMyNoAKA5gLAcgLAYAMAbAT55W8D9ATANgTCogUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAASJeRoFfxfHkxtXkYiFBIgbKzN11MKBhqQJ0TkfNlUMGjIYRd3V24%2526sig%253DAOD64_3RhKB0V8yYRI1d8K2Ih6vL1-arHw%2526client%253Dca-pub-7983651257838282%2526dbm_c%253DAKAmf-BtLgFpjdPs_k8VN6MUsc1HTWLxoXybr_C3zVaakSGmTQ9DdMiA0OHZf6roMKgsQhqRFEMDB7IuYWFZjYfXdFONvBCMFB4Hak8fIxxWytlmvp42PzXeagFJuxFpmoXykdVyAEtm4VzI19UrB4Hrk6GwVMM_8w%2526dbm_d%253DAKAmf-Ao8BEedrTorD1NaJDn7iIa2kfEX3HzHzmRguuK5wmJKb10NoukunCcjrKkbJp5uRJuu8OuDEx31ojC8eSoBzi5nwGjVF0qQ7ttCame1zt3jgyfz2fsGIyGAFEE2ywnLmN1JvV8Ae1J-chImJvnDysPMTmmBa-NwKLLy-wwZ-n8x-7a44Dg1rd8ZfuO3s9AI6IUxkW8FhJzJThTWmVt1dXRdYqZU9vAovq1L_53RVHjbFjz9VTTBuUEEde5hSOZ8bDPR7GNRvFb7oshm_RHDg-YcZh1ET521dIhSVaw3iCq-wJdfaC9WDs5bI-N2I3yljSBL4bFVvWgoTPCmj8-61o8rkswh0mFd9KtTJFeLdfYuRQaXS0Rsk3XEsSk4afL8K-4vTDUVTLoBoiboDp-HLOX9GrjvwJCxmXB_zemBs_SEH73fieNLOB9Kibza-YIFC4bIm5t63O8ehh65A--6AmftqGyaFJwvSWfPpEVvDyGFYLRTQI%2526adurl%253D&fromurl=https%3A%2F%2F9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ref=https%3A%2F%2Ffinanswebde.com%2F&dyno_tag_params=%7B%7D
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.120.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-120-26.atl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
e44bd39797144973ef3b51a350a7eedfa399571343a36cc020d101c65a9b788c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
gzip
server
fasthttp
x-amz-cf-pop
ATL51-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-headers
Authorization,Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
content-length
81909
via
1.1 232f5c3426d4feccb763368882e92f28.cloudfront.net (CloudFront)
x-amz-cf-id
jp5qEhxHV_2deQkUPqarq2pIg5OWCNMqw-nyNAe0orYrZaXbZEpyuQ==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C187 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
65992
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 19:22:06 GMT
etag
48472445140208031
expires
Mon, 11 Jul 2022 19:22:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 85D1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
98192
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 10:25:26 GMT
expires
Mon, 10 Jul 2023 10:25:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F393 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
435315c3fd117245dd4131a20ebe8362966149e7fcfc8ead72cd4e030848732e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
impressionTrackerOandaIABTCF20.js
a.svtrd.com/media/s/1371/1/ Frame 744B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.svtrd.com/media/s/1371/1/impressionTrackerOandaIABTCF20.js?adID=491689654&advertiserID=8955463&campaignID=25500817&creativeID=168089540&placementID=298520523&implicit=true
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.120.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-120-90.atl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bcebd2ecd1d1dda57aeb2173c4221bcd69cc0a722ee2136269553f9e98cc433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
n3pvyfi5JkIlvVIaALnmqOoEVt1o140V
content-encoding
gzip
etag
W/"b773a034d0bbd2aac615ce793952d1fc"
last-modified
Wed, 05 Aug 2020 12:46:05 GMT
server
AmazonS3
age
20210
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 36b774161e047d762915f1ca3ed6c872.cloudfront.net (CloudFront)
date
Mon, 11 Jul 2022 08:05:09 GMT
x-amz-cf-pop
ATL51-C1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
tGy5djIXxJ1b_2PvbUuC8andxE_7PDuoPn6JLt8Jq4D3RiWIFqT5qw==
index.html
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		25 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
165cde84bfc1078b2a026370ce259269f933d25837d1ca9a88ba5e4bccc61ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 13:41:58 GMT
expires
Tue, 11 Jul 2023 13:41:58 GMT
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 744B 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssaUtVZPnjoUsWKYnwVRekEh_3pg-5vomvxIRkZSE4DSqbDyiyKpIvy2t1mHnATLBqMJNkMDNYIj-eG3EgAbf7sziEzx9g8sn3VYxyN7dTneaQsmiy-DtMI2Xm0yYUrapYud_ItSvSfPRPPEIVlr41Gfuht-byGGLp0LjVF2osyvPyk9-_rW5fR6O51BxBiNKnMjRqSFQ5bth0zbPlERPTNaqu34jfM2RjV_-gUqk3rXrX0cegBGOEH3YE9k6DuWLuGMGGRuVJAJkdcKShNh3chGdYntx0rmPi01Nn3m6K_z-5vtm5Chwi3RJwNxowQRxwb2yZf1MpeSzAAoV1Ltx8qjKr1vO67sVsDj_oIuxAtJGm5m_VewpQRTtpmFGATmqEIb-QiSRUFvXeKQPZ2Gb_G004JuERbOlxKGyWmTY8PZOwtQ1tOXvYLp8RNd9dYbnI2O1tSfNR-E0nz5eKjWKkihfYxMGDZH53NA6N0QggsOmDwwU98u3CxqyDYwwptGivkwM2wGYrIb00WJQ0TTJHoSMUPW-re3I-85iSV_cCO_R1vtlzHuoFTt_hxs9hEyajdn3U6k_WwU-4BZIq3OQl6LYmR2o5IlVslpcaM8A7S0reXabTsDAbqaHpYPWRW9vpdBkMC32VH2-BMFJzbJo8iUT0_QSbxEgtxphi-vYX6i-LtOOIvfg3UvPtaAcmLlgJQ3f0fSVvJrWm0fX1BI8e5AsjlT8eqfikahwt5iRAEqFg7CJRNPJdGIo6YNhaZaXWWWLmGLa1P2zRG2hys80Wxen625tF4kv18wuyKiXtxtr4M6xTMKxdFwG5ggJcuXOvDrgGb7_ou6XhZqF61wre2V7lPT5NNNskkTKObEjtTJCkLTyXtShaeLm4ct_EaCV0AlaPj9nZF8n0WcdRFA0bofq71sFMN_J_LkZ9wasxlg4eRgk346tfRmF_AhC5jan3Jpus7wCKClwmejDCvlMesxCat5wY5bx7m5X1nkNniZI5h0-jSbZGl3RR6_2AzSnQMiOQt1PLS46rZGsZQ092dmT3OqqC_rCRG_8OLeYE8-wGZ_EIqnEx_9y7U8NhpHt00n__ZWpDvfFbgm-Qz9XlaFS4yw8_Q7S24qtTXS6r7mUbQolZ72f_jnuzUmR3dR0gDnIRiD_E92lSd-YCz1WXWePLhzzdyPPPqI7W49bh2XCWh7UtH-qRp3BsllBNG6fsEJxKJDnQHpJaRkiVf8hZREM07qQvx2643jOJ2w3wMsvtI4c&sai=AMfl-YTgdQ3kwlBaGcaHNGjbAdTOoPJLW8EneN07RL5f8ZOovyr2Rq_4-ENilNMrjOTvD-OoFQi2ItIcn89IoeK2L-J0eApN-Glh-fIZFBOGXJayGMmPxMeQQijjgV7l3YFyRMOnsyJTZEcVMRQJUBTnBb8x8OaJ-elFtuXiKIuU2jwlR0vCS7jjHxKKIvkc901skv27buo_rjpLgrNVxKHMngc2&sig=Cg0ArKJSzAudLW8Y7zE1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=143&cbvp=1&cstd=135&cisv=r20220707.62528&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 11 Jul 2022 13:41:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		373 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
662a701e1568bc9c60eb966d8c2200f4441a233d50746596c2cd23ac0240dc62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126951
x-xss-protection
0
expires
Mon, 11 Jul 2022 13:41:58 GMT
NoktaPlayer.js
c1.imgiz.com/player_others/html5/ 		399 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/11/2022
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19184
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
944a55aa3921673c00bb33ef32fc71a0f66e5c3638c2e6251a032ff5fc1e2747

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:58 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 10:36:04 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
expires
Mon, 18 Jul 2022 13:41:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 744B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 13:50:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85884
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 10 Jul 2023 13:50:34 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F6E2 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
65992
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 19:22:06 GMT
etag
48472445140208031
expires
Mon, 11 Jul 2022 19:22:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 744B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09f0e552f722d86e1d67ea3bc8b09c8ea9777f73521641caabf57b26ba7a8b93

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame C187
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESELZPw-3kVJaa3ULrx9upZEs&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MjFmZjQ4NzMtYzNmZi00NWUyLTg4MjMtMDU1YTk5NjU5MGVh&google_gid=CAESELZPw-3kVJaa3ULrx9upZEs&google_cver=1&google_push=AehlK4Df...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MjFmZjQ4NzMtYzNmZi00NWUyLTg4MjMtMDU1YTk5NjU5MGVh&google_gid=CAESELZPw-3kVJaa3ULrx9upZEs&google_cver=1&google_push=AehlK4Dforz5NAEtAKdu5Cbw8Nq-9GAe_wSD_QJf-YFzkwO8tmQVXIGbnrpxc3cTO6WTBI-7riKL4d1-GZ90ryUuBSCwizAV2iBkyWDI61M0Yd9GhKsx1c3EkqVvE5hyfY9N63M-UKzLx3c
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=MjFmZjQ4NzMtYzNmZi00NWUyLTg4MjMtMDU1YTk5NjU5MGVh&google_gid=CAESELZPw-3kVJaa3ULrx9upZEs&google_cver=1&google_push=AehlK4Dforz5NAEtAKdu5Cbw8Nq-9GAe_wSD_QJf-YFzkwO8tmQVXIGbnrpxc3cTO6WTBI-7riKL4d1-GZ90ryUuBSCwizAV2iBkyWDI61M0Yd9GhKsx1c3EkqVvE5hyfY9N63M-UKzLx3c
date
Mon, 11 Jul 2022 13:41:58 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C187
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M_PW-LzIQ0i-FZaCQBgKBg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M_PW-LzIQ0i-FZaCQBgKBg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4BD6th_DWITk2a0ulZuxMcinqDXWFCRiSxEp9jVlD2xjM312_meOTgh4Nfnd7kezVsdBjEphWRqdaAaAzM_K8iy2H3k58zEkgspIyNBdCHLm9ZV5PRdXcn53zGkX1u1UyQdUCxMeLw
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M_PW-LzIQ0i-FZaCQBgKBg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4BD6th_DWITk2a0ulZuxMcinqDXWFCRiSxEp9jVlD2xjM312_meOTgh4Nfnd7kezVsdBjEphWRqdaAaAzM_K8iy2H3k58zEkgspIyNBdCHLm9ZV5PRdXcn53zGkX1u1UyQdUCxMeLw
date
Mon, 11 Jul 2022 13:41:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C187
Redirect Chain
  • https://rtb2-useast.torchad.com/sync?exchange=309&google_gid=CAESEFduEOl2AFqx4XapZfdnQhg&google_cver=1&google_push=AehlK4A-k9juhfg9P5bC9QXVEoCejzSS_A0ExI4gcEvHGHszddeDuzz8tkvA6LnvjXRLsGcWdNRDgVIL9R...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.torchad.com%2Fsync%3Fexchange%3D309%26google_gid%3DCAESEFduEOl2AFqx4XapZfdnQhg%26google_cver%3D1%26google_push%3DAehlK4A-k9juhfg9P5bC9QXV...
  • https://rtb2-useast.torchad.com/sync?adkuid=A692093370687054872&exchange=309&google_gid=CAESEFduEOl2AFqx4XapZfdnQhg&google_cver=1&google_push=AehlK4A-k9juhfg9P5bC9QXVEoCejzSS_A0ExI4gcEvHGHszddeDuzz...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTY5MjA5MzM3MDY4NzA1NDg3Mg&google_push=AehlK4A-k9juhfg9P5bC9QXVEoCejzSS_A0ExI4gcEvHGHszddeDuzz8tkvA6LnvjXRLsGcWdNRDgV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTY5MjA5MzM3MDY4NzA1NDg3Mg&google_push=AehlK4A-k9juhfg9P5bC9QXVEoCejzSS_A0ExI4gcEvHGHszddeDuzz8tkvA6LnvjXRLsGcWdNRDgVIL9RYsmclumyrOpDYCFHPXbQxgwpjUxQR2oAiLd1EKhfQkFTa7ELkZOesidv88l1w
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTY5MjA5MzM3MDY4NzA1NDg3Mg&google_push=AehlK4A-k9juhfg9P5bC9QXVEoCejzSS_A0ExI4gcEvHGHszddeDuzz8tkvA6LnvjXRLsGcWdNRDgVIL9RYsmclumyrOpDYCFHPXbQxgwpjUxQR2oAiLd1EKhfQkFTa7ELkZOesidv88l1w
Date
Mon, 11 Jul 2022 13:41:59 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C187
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBbGBPTkK4E25clr3lSgANQ&google_cver=1&google_push=AehlK4DNXJUI_l4kNQDEaceDVvOHAnUDjhGzDAIr-d8bUk0gCtd38ymrafsIO3BkwIJtZ1fsEmMk9x...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4DNXJUI_l4kNQDEaceDVvOHAnUDjhGzDAIr-d8bUk0gCtd38ymrafsIO3BkwIJtZ1fsEmMk9xdLXNz4qQCUKHXpihL_48PQg8fvkEvX2fLDmHpJxLAwg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4DNXJUI_l4kNQDEaceDVvOHAnUDjhGzDAIr-d8bUk0gCtd38ymrafsIO3BkwIJtZ1fsEmMk9xdLXNz4qQCUKHXpihL_48PQg8fvkEvX2fLDmHpJxLAwgU2a2GXnlLPPocP5YUz8D40&google_hm=ODIzNTE5ODkzNjgyNzM5MzM1Mw%3D%3D
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4DNXJUI_l4kNQDEaceDVvOHAnUDjhGzDAIr-d8bUk0gCtd38ymrafsIO3BkwIJtZ1fsEmMk9xdLXNz4qQCUKHXpihL_48PQg8fvkEvX2fLDmHpJxLAwgU2a2GXnlLPPocP5YUz8D40&google_hm=ODIzNTE5ODkzNjgyNzM5MzM1Mw%3D%3D
date
Mon, 11 Jul 2022 13:41:58 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame C187
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEAUA9z5iHpYUzY7-Gm0FJJI&google_cver=1&google_push=AehlK4DwZzvB34EsgBhaVc0nSgJMWWLF73EDFA_j45ZtI6CWR1hCPnQ2zM9WQUp9F6-MAnb6WUS_snD3BkZQncu4MxmUxz-pXSGrb...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DwZzvB34EsgBhaVc0nSgJMWWLF73EDFA_j45ZtI6CWR1hCPnQ2zM9WQUp9F6-MAnb6WUS_snD3BkZQncu4MxmUxz-pXSGrbfYHKYXWIATNC_F0XV2nQy6tOEbTL4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DwZzvB34EsgBhaVc0nSgJMWWLF73EDFA_j45ZtI6CWR1hCPnQ2zM9WQUp9F6-MAnb6WUS_snD3BkZQncu4MxmUxz-pXSGrbfYHKYXWIATNC_F0XV2nQy6tOEbTL4GPE9Bn6WjhZA&google_hm=aeb3cc2c800fefeb2c2bc5f85f4007f7
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DwZzvB34EsgBhaVc0nSgJMWWLF73EDFA_j45ZtI6CWR1hCPnQ2zM9WQUp9F6-MAnb6WUS_snD3BkZQncu4MxmUxz-pXSGrbfYHKYXWIATNC_F0XV2nQy6tOEbTL4GPE9Bn6WjhZA&google_hm=aeb3cc2c800fefeb2c2bc5f85f4007f7
date
Mon, 11 Jul 2022 13:41:58 GMT
server
nginx
content-type
text/html; charset=UTF-8
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame C187
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESENDe-n3m7-Mvh0sH1ltnvOk&google_cver=1&google_push=AehlK4Dwm_2NGvXnd2veAXJ5LnHLzRZ3HZBfzyMV9gfTKFCWFkGcGzmAnjxObPrRyv4y3C41k4om...
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESENDe-n3m7-Mvh0sH1ltnvOk&google_cver=1&google_push=AehlK4Dwm_2NGvXnd2veAXJ5LnHLzRZ3HZBfzyMV9gfTKFCWFkGcGzmAnjxObPrRyv4y3C...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=7xA8EyzJR2Oc3QO8g3mUEA==&no_redirect=1&google_push=AehlK4Dwm_2NGvXnd2veAXJ5LnHLzRZ3HZBfzyMV9gfTKFCWFkGcGz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=7xA8EyzJR2Oc3QO8g3mUEA==&no_redirect=1&google_push=AehlK4Dwm_2NGvXnd2veAXJ5LnHLzRZ3HZBfzyMV9gfTKFCWFkGcGzmAnjxObPrRyv4y3C41k4omabjphaQAZq5-izT391Dv8sDqtyHqcTVg35r_E0U3h5xyxXbgX4Hh0x9sdY8pF0GHx90
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=7xA8EyzJR2Oc3QO8g3mUEA==&no_redirect=1&google_push=AehlK4Dwm_2NGvXnd2veAXJ5LnHLzRZ3HZBfzyMV9gfTKFCWFkGcGzmAnjxObPrRyv4y3C41k4omabjphaQAZq5-izT391Dv8sDqtyHqcTVg35r_E0U3h5xyxXbgX4Hh0x9sdY8pF0GHx90
date
Mon, 11 Jul 2022 13:41:59 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame C187
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEENNMiCzolA-EpS97Oxdjmo&google_cver=1&google_push=AehlK4AtaPIJ8SU8iZUzvAeET4SLiAaSCYLl2vcc9YUr47zqxQLZFRJAO9_2hcTj76dr73fG7Q74AVgeiXJ59pVQa...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MWQ0N2M2ZjYtOWY1MS00NTk3LWJkODAtZmI0Y2ZmZTZmNDdh&google_push=AehlK4AtaPIJ8SU8iZUzvAeET4SLiAaSCYLl2vcc9YUr47zqxQLZFRJAO9_2hcTj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MWQ0N2M2ZjYtOWY1MS00NTk3LWJkODAtZmI0Y2ZmZTZmNDdh&google_push=AehlK4AtaPIJ8SU8iZUzvAeET4SLiAaSCYLl2vcc9YUr47zqxQLZFRJAO9_2hcTj76dr73fG7Q74AVgeiXJ59pVQaQ0vOK0R86PfssLhv7fZ-6mVs8aRqJApYNG4PWoxzZQ44aaZprUqA4w
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MWQ0N2M2ZjYtOWY1MS00NTk3LWJkODAtZmI0Y2ZmZTZmNDdh&google_push=AehlK4AtaPIJ8SU8iZUzvAeET4SLiAaSCYLl2vcc9YUr47zqxQLZFRJAO9_2hcTj76dr73fG7Q74AVgeiXJ59pVQaQ0vOK0R86PfssLhv7fZ-6mVs8aRqJApYNG4PWoxzZQ44aaZprUqA4w
date
Mon, 11 Jul 2022 13:41:58 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame C187 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LO6CcOCOXGvSuEv_py8ZZCH1oUMYt5UyG6R_rfBnFx9x-Co1SF8oy0fQNI3zpf-onFPZdBbc0
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5B87 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
98192
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 10:25:26 GMT
expires
Mon, 10 Jul 2023 10:25:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame F6E2
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESELf30i1xbavsTXcZbLAMetg&google_cver=1&google_push=AehlK4A5HAk4ac9A8L_UZg56ITeaEu10onNZOB17ghGxQMOU9jN1VjwAYjHmnSxQmCL8lRvP2MPDIqfXRxIQT4BZK3CONL5hMnyqmWBa...
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAehlK4A5HAk4ac9A8L_UZg56ITeaEu10onNZOB17ghGxQMOU9jN1VjwAYjHmnSxQmCL8l...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AehlK4A5HAk4ac9A8L_UZg56ITeaEu10onNZOB17ghGxQMOU9jN1VjwAYjHmnSxQmCL8lRvP2MPDIqfXRxIQT4BZK3CONL5hMnyqmWBaLOv5WArGeuEsnKOC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AehlK4A5HAk4ac9A8L_UZg56ITeaEu10onNZOB17ghGxQMOU9jN1VjwAYjHmnSxQmCL8lRvP2MPDIqfXRxIQT4BZK3CONL5hMnyqmWBaLOv5WArGeuEsnKOCHA-ExxtglPXZczJ2IXKY1TTM&google_cver=1&google_gid=CAESELf30i1xbavsTXcZbLAMetg&google_hm=UTcxMDgzMzMxODE4NjI0NzI5NTQ=
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 11 Jul 2022 13:41:59 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AehlK4A5HAk4ac9A8L_UZg56ITeaEu10onNZOB17ghGxQMOU9jN1VjwAYjHmnSxQmCL8lRvP2MPDIqfXRxIQT4BZK3CONL5hMnyqmWBaLOv5WArGeuEsnKOCHA-ExxtglPXZczJ2IXKY1TTM&google_cver=1&google_gid=CAESELf30i1xbavsTXcZbLAMetg&google_hm=UTcxMDgzMzMxODE4NjI0NzI5NTQ=
Cache-Control
max-age=67467
Connection
keep-alive
Content-Type
text/html
Content-Length
154
i.match
s.tribalfusion.com/z/ Frame F6E2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESED6z-LA_KdsuQuO8MHKlrbs&google_cver=1&google_push=AehlK4Boolx7RJLcxIhAQ0V1-vlWa1QNdYsm7AxvzXqt5hn1B3RK4zeur7LPrKGvP5xrRA_tqEAAMVfCf4x-5oDPP8Z6ufW_G1WRA...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED6z-LA_KdsuQuO8MHKlrbs&google_cver=1&google_push=AehlK4Boolx7RJLcxIhAQ0V1-vlWa1QNdYsm7AxvzXqt5hn1B3RK4zeur7LPrKGvP5xrRA_tqEAAMVfCf4x-5oDPP8Z6ufW_G1W...
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED6z-LA_KdsuQuO8MHKlrbs&google_cver=1&google_push=AehlK4Boolx7RJLcxIhAQ0V1-vlWa1QNdYsm7AxvzXqt5hn1B3RK4zeur7LPrKGvP5xrRA_tqEAAMVfCf4x-5oDPP8Z6ufW_G1WRAnxRvwRZILToomPhaoNI4ZCV0xUpx4n1OHITpPv8UZQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Boolx7RJLcxIhAQ0V1-vlWa1QNdYsm7AxvzXqt5hn1B3RK4zeur7LPrKGvP5xrRA_tqEAAMVfCf4x-5oDPP8Z6ufW_G1WRAnxRvwRZILToomPhaoNI4ZCV0xUpx4n1OHITpPv8UZQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7291f5b42a077139-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
346
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7291f5b348b07139-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED6z-LA_KdsuQuO8MHKlrbs&google_cver=1&google_push=AehlK4Boolx7RJLcxIhAQ0V1-vlWa1QNdYsm7AxvzXqt5hn1B3RK4zeur7LPrKGvP5xrRA_tqEAAMVfCf4x-5oDPP8Z6ufW_G1WRAnxRvwRZILToomPhaoNI4ZCV0xUpx4n1OHITpPv8UZQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Boolx7RJLcxIhAQ0V1-vlWa1QNdYsm7AxvzXqt5hn1B3RK4zeur7LPrKGvP5xrRA_tqEAAMVfCf4x-5oDPP8Z6ufW_G1WRAnxRvwRZILToomPhaoNI4ZCV0xUpx4n1OHITpPv8UZQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F6E2
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEFAyyHRZd7rZ_c_RpU4BqKg&c_param1=AehlK4C9VHFocb_XQKboxuOdPvkRlmf0B2apIarUYYTP9mraMjhBa93E_OmmW_gJIPPm3gnE9Zb0qcVVg5hNP-GVkM7adB0pj2opObhzKR6Bwiq5BrK...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4C9VHFocb_XQKboxuOdPvkRlmf0B2apIarUYYTP9mraMjhBa93E_OmmW_gJIPPm3gnE9Zb0qcVVg5hNP-GVkM7adB0pj2opObhzKR6Bwiq5BrK7t6snVlpgoov0M8Sgx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4C9VHFocb_XQKboxuOdPvkRlmf0B2apIarUYYTP9mraMjhBa93E_OmmW_gJIPPm3gnE9Zb0qcVVg5hNP-GVkM7adB0pj2opObhzKR6Bwiq5BrK7t6snVlpgoov0M8SgxfSCPBQTN77u
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AehlK4C9VHFocb_XQKboxuOdPvkRlmf0B2apIarUYYTP9mraMjhBa93E_OmmW_gJIPPm3gnE9Zb0qcVVg5hNP-GVkM7adB0pj2opObhzKR6Bwiq5BrK7t6snVlpgoov0M8SgxfSCPBQTN77u
date
Mon, 11 Jul 2022 13:41:59 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame F6E2
Redirect Chain
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBqVDOjTKBqsuhJIIua345w&google_cver=1&google_push=AehlK4BnXRc5W9d8YDIlytAZcWcZj7Zn52x4Yf41G5B94-ZvB1k-StBpoS-2LbUDXWpBBPEIcms-1K6Lp-5M5j...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzZjNGU2NzFjMzQ0NGZmZjY1MjUyNmU1NjU5NTU0MWI=&google_push=AehlK4BnXRc5W9d8YDIlytAZcWcZj7Zn52x4Yf41G5B94-ZvB1k-StBpoS-2Lb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzZjNGU2NzFjMzQ0NGZmZjY1MjUyNmU1NjU5NTU0MWI=&google_push=AehlK4BnXRc5W9d8YDIlytAZcWcZj7Zn52x4Yf41G5B94-ZvB1k-StBpoS-2LbUDXWpBBPEIcms-1K6Lp-5M5jPYFj8qaGwsp2l_1xzesEryi5ZQEVlp13-q1fPnINAteC3ZfwFb2_nNU-BG
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtNzZjNGU2NzFjMzQ0NGZmZjY1MjUyNmU1NjU5NTU0MWI=&google_push=AehlK4BnXRc5W9d8YDIlytAZcWcZj7Zn52x4Yf41G5B94-ZvB1k-StBpoS-2LbUDXWpBBPEIcms-1K6Lp-5M5jPYFj8qaGwsp2l_1xzesEryi5ZQEVlp13-q1fPnINAteC3ZfwFb2_nNU-BG
date
Mon, 11 Jul 2022 13:41:58 GMT
server
Chocolate Cookie Sync Powered by Vdopia
content-length
0
pixel
cm.g.doubleclick.net/ Frame F6E2
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEATfg1QgyMvs9UdivM3JXCo&google_cver=1&google_push=AehlK4CaGVXGKDCmn6qNxgQa3n12xWRRa1zDxcQNIGeFb8itzgd1hPGwxLkmh_HCFk4AIFVZB2Lf2Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4CaGVXGKDCmn6qNxgQa3n12xWRRa1zDxcQNIGeFb8itzgd1hPGwxLkmh_HCFk4AIFVZB2Lf2Z6jKGPV1AadYKUvPbcOGwXdIqDp3Yy-UdJljmZUwwfXA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4CaGVXGKDCmn6qNxgQa3n12xWRRa1zDxcQNIGeFb8itzgd1hPGwxLkmh_HCFk4AIFVZB2Lf2Z6jKGPV1AadYKUvPbcOGwXdIqDp3Yy-UdJljmZUwwfXAnCJpV3Cr4YsT9R0yo7S00mE&google_hm=NjM4OTYwNzU5NTE3MDQyODIwMw%3D%3D
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AehlK4CaGVXGKDCmn6qNxgQa3n12xWRRa1zDxcQNIGeFb8itzgd1hPGwxLkmh_HCFk4AIFVZB2Lf2Z6jKGPV1AadYKUvPbcOGwXdIqDp3Yy-UdJljmZUwwfXAnCJpV3Cr4YsT9R0yo7S00mE&google_hm=NjM4OTYwNzU5NTE3MDQyODIwMw%3D%3D
date
Mon, 11 Jul 2022 13:41:58 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame F6E2
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMBlY81h5gQCU5MbPCHJTLs&google_cver=1&google_push=AehlK4Ao7Iv3K7cfIfW7Km3OlX6o5dULKVz4URVTEe9O91KFUWy-YS3Aott_6G0xK68GUaFbLjoUquVQ...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMBlY81h5gQCU5MbPCHJTLs%26google_cver%3D1%26google_push%3DAehlK4Ao7Iv3K7cfIfW7Km...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A1193109803054947163&exchange=193&google_gid=CAESEMBlY81h5gQCU5MbPCHJTLs&google_cver=1&google_push=AehlK4Ao7Iv3K7cfIfW7Km3OlX6o5dULKVz4URVTEe9O91KFUWy-...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTExOTMxMDk4MDMwNTQ5NDcxNjM&google_push=AehlK4Ao7Iv3K7cfIfW7Km3OlX6o5dULKVz4URVTEe9O91KFUWy-YS3Aott_6G0xK68GUaFbLjoUquV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTExOTMxMDk4MDMwNTQ5NDcxNjM&google_push=AehlK4Ao7Iv3K7cfIfW7Km3OlX6o5dULKVz4URVTEe9O91KFUWy-YS3Aott_6G0xK68GUaFbLjoUquVQF1AHXDSfU3eK8VGWFEOvTj1Fw_755n5WTNqVXrLf-rXgqTBPqEtiTuPlsVPhojtX
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTExOTMxMDk4MDMwNTQ5NDcxNjM&google_push=AehlK4Ao7Iv3K7cfIfW7Km3OlX6o5dULKVz4URVTEe9O91KFUWy-YS3Aott_6G0xK68GUaFbLjoUquVQF1AHXDSfU3eK8VGWFEOvTj1Fw_755n5WTNqVXrLf-rXgqTBPqEtiTuPlsVPhojtX
Date
Mon, 11 Jul 2022 13:41:59 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame F6E2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELYGLvw2rvtivYwTNAudXWc&google_cver=1&google_push=AehlK4D3BEFuAzqefjobDFDa1jFE7YdSGEFjV_LciTllapY8qc5tWT0JaOsYokSEvqN8lfhjkG...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELYGLvw2rvtivYwTNAudXWc&google_cver=1&google_push=AehlK4D3BEFuAzqefjobDFDa1jFE7YdSGEFjV_LciTllapY8qc5tWT0JaOsYokSEvqN8lfhjkG...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1naW9ObXBCRTJ1RUpmdlE0ajRpUmRNU0E0OC5XZmMwM35B&google_push=AehlK4D3BEFuAzqefjobDFDa1jFE7YdSGEFjV_LciTllapY8qc5tWT0Ja...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1naW9ObXBCRTJ1RUpmdlE0ajRpUmRNU0E0OC5XZmMwM35B&google_push=AehlK4D3BEFuAzqefjobDFDa1jFE7YdSGEFjV_LciTllapY8qc5tWT0JaOsYokSEvqN8lfhjkGJFSkp72PgRiATcb9wxMlD2nofSFMigCtG73KUpzFtOUwdc7jBYeDicGQdGGgOTU5zfBU3d
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1naW9ObXBCRTJ1RUpmdlE0ajRpUmRNU0E0OC5XZmMwM35B&google_push=AehlK4D3BEFuAzqefjobDFDa1jFE7YdSGEFjV_LciTllapY8qc5tWT0JaOsYokSEvqN8lfhjkGJFSkp72PgRiATcb9wxMlD2nofSFMigCtG73KUpzFtOUwdc7jBYeDicGQdGGgOTU5zfBU3d
date
Mon, 11 Jul 2022 13:41:59 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame F6E2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ifm45QcR3k3ULYC4XZ4pmPXfgURl-FItY26NNDIClvtZMV1qM9TIhTFvPRWruceFvwuMtRGt0
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:58 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame 85D1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 01:39:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
129764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Jul 2023 01:39:14 GMT
css
fonts.googleapis.com/ Frame 9A32 		721 B
373 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oxygen:wght@400;700&display=swap
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff2c9a302dc1f3bcefe0605a7fe38a85e7c712e40bd960ca5e38f93d6d3c18ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 12:24:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Jul 2022 13:41:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Jul 2022 13:41:58 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:13 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:13 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:13 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		281 B
187 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:13 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:13 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		26 B
74 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:13 GMT
googbase_min.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		400 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:13 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:13 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:13 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:14 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 9A32 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 06:32:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Jul 2022 06:32:22 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:14 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:14 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:14 GMT
gwdid.min.1.0.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdid.min.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bab745658ba458848b2d2df5e0557b98b70867124fd5a059fd25f9801e01a87c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1125
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:14 GMT
gwd-events-support.1.0.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwd-events-support.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b13e741205ab4bcc7f3295fede5490d55e9389e5331990284bb334ddade0a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1468
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:14 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1293
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:14 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		1 KB
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:14 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2823
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:14 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2351
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:14 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/11856161459572530504/ Frame 9A32 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11856161459572530504/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:39:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9229
x-xss-protection
0
last-modified
Fri, 18 Mar 2022 13:49:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 11 Jul 2023 09:39:14 GMT
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame 5B87 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 01:39:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
129764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Jul 2023 01:39:14 GMT
5f3500e7e4b08a6a3a8f374f
ng2.virgul.com/tck/imp/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng2.virgul.com/tck/imp/5f3500e7e4b08a6a3a8f374f?scm=240000&g=1&t=google_banner&sdr=https&tp=&r=153439@site_geneli@finanswebde:site_geneli&l=&info=&os=&mt=1657546915305&userId=vnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://finanswebde.com
date
Mon, 11 Jul 2022 13:41:59 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022063001&jk=3062165373676821&bg=!9vWl9bHNAAaYcLjmuHA7ACkAdvg8WjG8NLHXomVEutpp0qg-hXIXKfPfNA2WXnfVXmoKBSdDRG6VAwIAAABpUgAAAAJoAQcKAO34YKjWMlSCKRDdRiq69EUOwu6awSSx5gIuZbXV4QJDvDFumUtvOy27oGLtCMIdhFc9SDnub4loh5IK4Kf1d0fn5d4_GgCL-tiYI2en4ElDwPJ4cy--8Ol0GdxPJxt065HgRGLLlKyjf719pyW67IDxwvqsneOoQmPPdbLFrfpkp6Ve0zYgQPalIzvcHb4iVWswR7hTSeNPvgNnTBScQVeOiuowh17D68eaJ1Wybanqnmd57d3DkGB_o75H4dik7qq1_DvKwhxKAl9PUoyvf34oo3xLZ54GJpsvlxGOY5hsEG0k64pKRjxjZ31DYG2ZApdeXdgCQ7ihUHYeVIB5shAqwQKv3acMieTrQEOeTRlz5rCJO1BTr-FYtc84pp32F2zCwiEJ8yYU-5cgDYP9sterC7Pnd00j4PMGL1PPUNrvDTnVmyJoKSJvu5v5DweCvcTNxlMpP5T4cWinPClxkHkfsVQ9FU_de-Ckzq8NJ_LETH0WHWBjcvGooowiungb8Hjv9HcV7Of-vLPjXDtsT97DrDaColx-UixqKQsVJX_l79h7bj3tx7K1A6h8rM1OiivXFz0RQYiAXP1hRvlmauRJ5iWWJkIwgLvqmaNZCGl-qpk-MS9OJZLS6Q2GY5XKXa46fFGo0WDLm4POjYbczOK7VdJeOptM1j25iL95rHAyCPtUOc3kt9gHAgTjmX9gLesZ0I0vytpgrNXHjnFVe0N5haPv-mrIY-9XfDoaPwzxAAKUev6h63BMst-93zhoV4ozBMBS7X5H9F7vvIbFuMJV4plrRZ_mi845SiD-vv9yBJf7L2VCgoXKQh88avh5p1lpG98y_rbjn10axj0agZ-hOfKY26OC1YzmkMmDvAxm9mbVYn1cEVJVFT8vdWKnJPkj7XlzudbZE7Lsci3iNubdkyfcmS9Eypp-v1Ec-JgksiG6UpthrgsAfrVWA-Ckfy5hgQHL-X6SzWTwN_pOXHSNK_IHhSAT17lKgImue75MQUfTIdW1rPK_ELAzwEGz-nFA0whyl9x5WXvHgxcO1cnE3Q9thiJ0fN3G45P98HFIRAOuTeTVjub_Gs1XYZswqojgM9ghF0lTmzNwgWTxx70lcc1vFRfQoKRzYwtiyGa1WT-oE9ubqD5AOtPeZb__yDD4fE6sRRGHFVS2rYuPjI3KiX7x6EUYJfQ_sFF-ZCexiCm7W4baRx0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ Frame 9A32 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 21:10:37 GMT
x-content-type-options
nosniff
age
577882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16348
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 21:10:37 GMT
970x250.html
contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/ Frame 6557 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.html
Requested by
Host: am.contobox.com
URL: https://am.contobox.com/v3/frontend/creatives/getcode.js?ph_id=cbox_ph_2337164&zone_id=127256&nomraid=false&lid=%7B%22a%22%3A%22DBM%22%2C%22c%22%3A%2217375687515%22%2C%22e%22%3A%221%22%2C%22s%22%3A%22192392219329%22%2C%22d%22%3A%22%22%7D&sourceUrl=https%253A%252F%252Ffinanswebde.com%252Femtia%252Faltin&ifr=1&isSF=nosf&clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCsbA0pijMYrm-BYyZoPMPg9Gl-AWOp9GQa6mF1ZqHEPCBka3TKRABIMCygmtgyYb_h_Cj7BLIAQmoAwGqBOoBT9A_hu5cTdn2CDmunrqmOCAyycGM83DWyyUDKRbqyY481gEE_gHa7Vfa00Ig_k7PJSgUO-kU8XfQXE5sTh1fZSDlivB5xRA70hxdx4SGy9H9Fufaji6OXR4ijFvwAinwCNJ2HyRakqcllgyAzVgVPEg0liFWo-ZPpE3NFtzauzIWp6zACZJAe_jaBHZC7w-1jUO4-EGcv26wcidoJOfqaNkiMS4KcTPuUAarpTqtgqVF_zLAGHIX1h5Ad4W-1OhhYRe4Wnwbrnzj4_c1oPyHCfB_6RL-q56u_ELZ4IgSQY36nKCI4LlWgQG3wAS2msDRjQTgBAOQBgGgBk2AB9y_mMcCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tODM4NTE1ODY3Mjc5MzMyNoAKA5gLAcgLAYAMAbAT55W8D9ATANgTCogUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAASJeRoFfxfHkxtXkYiFBIgbKzN11MKBhqQJ0TkfNlUMGjIYRd3V24%2526sig%253DAOD64_3RhKB0V8yYRI1d8K2Ih6vL1-arHw%2526client%253Dca-pub-7983651257838282%2526dbm_c%253DAKAmf-BtLgFpjdPs_k8VN6MUsc1HTWLxoXybr_C3zVaakSGmTQ9DdMiA0OHZf6roMKgsQhqRFEMDB7IuYWFZjYfXdFONvBCMFB4Hak8fIxxWytlmvp42PzXeagFJuxFpmoXykdVyAEtm4VzI19UrB4Hrk6GwVMM_8w%2526dbm_d%253DAKAmf-Ao8BEedrTorD1NaJDn7iIa2kfEX3HzHzmRguuK5wmJKb10NoukunCcjrKkbJp5uRJuu8OuDEx31ojC8eSoBzi5nwGjVF0qQ7ttCame1zt3jgyfz2fsGIyGAFEE2ywnLmN1JvV8Ae1J-chImJvnDysPMTmmBa-NwKLLy-wwZ-n8x-7a44Dg1rd8ZfuO3s9AI6IUxkW8FhJzJThTWmVt1dXRdYqZU9vAovq1L_53RVHjbFjz9VTTBuUEEde5hSOZ8bDPR7GNRvFb7oshm_RHDg-YcZh1ET521dIhSVaw3iCq-wJdfaC9WDs5bI-N2I3yljSBL4bFVvWgoTPCmj8-61o8rkswh0mFd9KtTJFeLdfYuRQaXS0Rsk3XEsSk4afL8K-4vTDUVTLoBoiboDp-HLOX9GrjvwJCxmXB_zemBs_SEH73fieNLOB9Kibza-YIFC4bIm5t63O8ehh65A--6AmftqGyaFJwvSWfPpEVvDyGFYLRTQI%2526adurl%253D&fromurl=https%3A%2F%2F9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ref=https%3A%2F%2Ffinanswebde.com%2F&dyno_tag_params=%7B%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.171.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8c03bc576696be28c37930887598b9e4fb9597fb3660dcf12504248e0b017707

Request headers

Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
4384
Content-Type
text/html
Date
Mon, 11 Jul 2022 13:42:00 GMT
ETag
"257a1f58ad51f058006691c1c4f32b49"
Last-Modified
Thu, 21 Apr 2022 09:07:07 GMT
Server
AmazonS3
x-amz-id-2
XRjN0iMHjlBV+JFF6Nyhve1Xoz8jV3RT67pOrRUePdUZ08qikvAJo+AFeV0DMe2140YcgGV7QxM=
x-amz-request-id
D2PNT230W983EW3G
ITCAvantGardeStd-Bk.woff
am.contobox.com/cbdata/fonts/ITCAvantGardeStd/ Frame 12A9 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://am.contobox.com/cbdata/fonts/ITCAvantGardeStd/ITCAvantGardeStd-Bk.woff?ac=1651525269
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.120.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-120-26.atl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c819469813278fbc167f463ca207cddb2d28974196157b17c0e644a4cf549859

Request headers

Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
Origin
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:00 GMT
via
1.1 af5807423e63373c39657bd443d29550.cloudfront.net (CloudFront)
last-modified
Thu, 05 Mar 2020 19:12:51 GMT
server
AmazonS3
x-amz-cf-pop
ATL51-C1
etag
"56752380510ef8cd498e97adb083d398"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
29564
x-amz-cf-id
uO4bb1LoehXdQMMxbUodTWz0UoYMJJiRJEyFNAvRNMY4WxPFw5V8qg==
viewload.js
am.contobox.com/v3/frontend/creatives/ Frame 12A9 		87 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://am.contobox.com/v3/frontend/creatives/viewload.js?ad_id=137014&campaign_id=17375687515&cookie_id=QwQhhyjfs9Ss&domain=finanswebde.com&dsp=DBM&event_type=impression&exchange_id=1&rd_iframe=iframe&ip_address=149.56.153.178&l_type=2&rule_id=25475&sid=76d89f3b4a714f98bbc6b968e2d1d718&site_id=192392219329&zone_id=127256&fromurl=https%3A%2F%2F9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&cboxid=137014&lid=a_DBM_!!_c_17375687515_!!_e_1_!!_s_192392219329&layout=desktop&clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCsbA0pijMYrm-BYyZoPMPg9Gl-AWOp9GQa6mF1ZqHEPCBka3TKRABIMCygmtgyYb_h_Cj7BLIAQmoAwGqBOoBT9A_hu5cTdn2CDmunrqmOCAyycGM83DWyyUDKRbqyY481gEE_gHa7Vfa00Ig_k7PJSgUO-kU8XfQXE5sTh1fZSDlivB5xRA70hxdx4SGy9H9Fufaji6OXR4ijFvwAinwCNJ2HyRakqcllgyAzVgVPEg0liFWo-ZPpE3NFtzauzIWp6zACZJAe_jaBHZC7w-1jUO4-EGcv26wcidoJOfqaNkiMS4KcTPuUAarpTqtgqVF_zLAGHIX1h5Ad4W-1OhhYRe4Wnwbrnzj4_c1oPyHCfB_6RL-q56u_ELZ4IgSQY36nKCI4LlWgQG3wAS2msDRjQTgBAOQBgGgBk2AB9y_mMcCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tODM4NTE1ODY3Mjc5MzMyNoAKA5gLAcgLAYAMAbAT55W8D9ATANgTCogUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAASJeRoFfxfHkxtXkYiFBIgbKzN11MKBhqQJ0TkfNlUMGjIYRd3V24%2526sig%253DAOD64_3RhKB0V8yYRI1d8K2Ih6vL1-arHw%2526client%253Dca-pub-7983651257838282%2526dbm_c%253DAKAmf-BtLgFpjdPs_k8VN6MUsc1HTWLxoXybr_C3zVaakSGmTQ9DdMiA0OHZf6roMKgsQhqRFEMDB7IuYWFZjYfXdFONvBCMFB4Hak8fIxxWytlmvp42PzXeagFJuxFpmoXykdVyAEtm4VzI19UrB4Hrk6GwVMM_8w%2526dbm_d%253DAKAmf-Ao8BEedrTorD1NaJDn7iIa2kfEX3HzHzmRguuK5wmJKb10NoukunCcjrKkbJp5uRJuu8OuDEx31ojC8eSoBzi5nwGjVF0qQ7ttCame1zt3jgyfz2fsGIyGAFEE2ywnLmN1JvV8Ae1J-chImJvnDysPMTmmBa-NwKLLy-wwZ-n8x-7a44Dg1rd8ZfuO3s9AI6IUxkW8FhJzJThTWmVt1dXRdYqZU9vAovq1L_53RVHjbFjz9VTTBuUEEde5hSOZ8bDPR7GNRvFb7oshm_RHDg-YcZh1ET521dIhSVaw3iCq-wJdfaC9WDs5bI-N2I3yljSBL4bFVvWgoTPCmj8-61o8rkswh0mFd9KtTJFeLdfYuRQaXS0Rsk3XEsSk4afL8K-4vTDUVTLoBoiboDp-HLOX9GrjvwJCxmXB_zemBs_SEH73fieNLOB9Kibza-YIFC4bIm5t63O8ehh65A--6AmftqGyaFJwvSWfPpEVvDyGFYLRTQI%2526adurl%253D&http_referrer=https%3A%2F%2F9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com%2F&ltype=2&resolution_width=1600&resolution_height=1200&env_type=iframe&position=above&ifr=1&iframe=yes
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.120.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-120-26.atl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
438db98ea37cf29579c0998d75bba2102e1c2779af550b0e39e93923e90aebc0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:59 GMT
via
1.1 232f5c3426d4feccb763368882e92f28.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
ATL51-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-headers
Authorization,Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
content-length
87
x-amz-cf-id
piZJUbJLM8dn-XJMIVTlxDyq1KlwJM5_sL2EeSbxauOwf3liawSufA==
truncated
/ Frame 12A9 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
970x250_cta.png
cbmedia2.contobox.com/cbox_themes_v3/gaf_roofing_q2_2022/images/ Frame 12A9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbmedia2.contobox.com/cbox_themes_v3/gaf_roofing_q2_2022/images/970x250_cta.png?ac=1651525269
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.120.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-120-26.atl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
204ab7a437dbeefdcc721653cff54c182f3cbca19127df7737a9a426e8e42f60

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 16:06:22 GMT
via
1.1 232f5c3426d4feccb763368882e92f28.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 13:48:44 GMT
server
AmazonS3
age
77738
etag
"741170e0db45cba17a89aaab95536d16"
x-cache
Hit from cloudfront
x-amz-version-id
W5aOo8ePlVB1D1oufI1JhsjLFWUOoXSl
x-amz-cf-pop
ATL51-C1
accept-ranges
bytes
content-type
image/png
content-length
1615
x-amz-cf-id
aKMaNRilQCNKTJRf6N0FD9BIwk_E7hrbj6Xa2xZR_TvV2Xz-aRLvng==
970x250_logo.png
cbmedia2.contobox.com/cbox_themes_v3/gaf_roofing_q2_2022/images/ Frame 12A9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbmedia2.contobox.com/cbox_themes_v3/gaf_roofing_q2_2022/images/970x250_logo.png?ac=1651525269
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.120.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-120-26.atl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1168a1dc381728630114f0ec6fff057f0fe9dc5da9117f4c8433a4c3f3b83f52

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 16:06:22 GMT
via
1.1 232f5c3426d4feccb763368882e92f28.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 13:48:45 GMT
server
AmazonS3
age
77738
etag
"f2ac21f8a099e0aa565612a91141c9b4"
x-cache
Hit from cloudfront
x-amz-version-id
Vm_AYvlICxEZwBtUlyBYr3lPjcnIkShw
x-amz-cf-pop
ATL51-C1
accept-ranges
bytes
content-type
image/png
content-length
6855
x-amz-cf-id
jJ649KMsuhoyWPQOBDNCktpXJoDddtAlteeCfhxEFuKi_f_wr9M0RA==
970x250_bg.png
cbmedia2.contobox.com/cbox_themes_v3/gaf_roofing_q2_2022/images/ Frame 12A9 		953 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbmedia2.contobox.com/cbox_themes_v3/gaf_roofing_q2_2022/images/970x250_bg.png?ac=1651525269
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.120.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-120-26.atl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9664481ddfd7b49070c84a0a36eea1924443305a2c4a4d2fd3911a8a1df3002

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 01:47:12 GMT
via
1.1 232f5c3426d4feccb763368882e92f28.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 13:48:44 GMT
server
AmazonS3
age
129288
etag
"e69f8dd5132ab01e6155dbf0f034ae84"
x-cache
Hit from cloudfront
x-amz-version-id
8U4dRl0UzzZ6v.eHLcwfPsBA6gJYFb5V
x-amz-cf-pop
ATL51-C1
accept-ranges
bytes
content-type
image/png
content-length
953
x-amz-cf-id
XYsX3NT9zm3aMvuXkNofnuNqdVlCXPi31Nln_o0Dns_FFTi97atT1w==
970x250_text_v1.png
cbmedia2.contobox.com/cbox_themes_v3/gaf_roofing_q2_2022/images/ Frame 12A9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbmedia2.contobox.com/cbox_themes_v3/gaf_roofing_q2_2022/images/970x250_text_v1.png?ac=1651525269
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.120.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-120-26.atl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ff30daedab1b3e0811cee697f521bebd7f08a77eca5ebd83f0910768bbffa43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 04:57:07 GMT
via
1.1 232f5c3426d4feccb763368882e92f28.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 13:48:45 GMT
server
AmazonS3
age
31493
etag
"56e1150a593c9572deb8d72d8cf18e19"
x-cache
Hit from cloudfront
x-amz-version-id
i4DypeWWPKaLp7SPB.7oqgYY22kM9Z33
x-amz-cf-pop
ATL51-C1
accept-ranges
bytes
content-type
image/png
content-length
2612
x-amz-cf-id
aQyPqyIdKeW16JY5ZI44oM9YGG3iBp9ByOlV7pNPjblwHAVF8cmzmw==
970x250_image1_v1.jpg
cbmedia2.contobox.com/cbox_themes_v3/gaf_roofing_q2_2022/images/ Frame 12A9 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbmedia2.contobox.com/cbox_themes_v3/gaf_roofing_q2_2022/images/970x250_image1_v1.jpg?ac=1651525269
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.120.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-120-26.atl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9463443c25d529a4d17e51acca3e56b8a17e4464035026dd0f696848bc218a01

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 21:14:27 GMT
via
1.1 232f5c3426d4feccb763368882e92f28.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 13:48:44 GMT
server
AmazonS3
age
59253
etag
"16424386d4f0cdd49b43d56ae4b2b5ca"
x-cache
Hit from cloudfront
x-amz-version-id
U4LKT6X6G37HBU4zdQMzh4siNDi3bnN_
x-amz-cf-pop
ATL51-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
48111
x-amz-cf-id
vl-YDTdoZTxDb7Er0jokOrlOX8v0wfhAqULwCLKx02p1pz3dvUKsPw==
970x250_image2_v1.jpg
cbmedia2.contobox.com/cbox_themes_v3/gaf_roofing_q2_2022/images/ Frame 12A9 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbmedia2.contobox.com/cbox_themes_v3/gaf_roofing_q2_2022/images/970x250_image2_v1.jpg?ac=1651525269
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.120.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-120-26.atl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb78fc1e999c09a38e858f909fa389c204c2e49e6b13afbfc0e354e09acb17c4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 21:14:27 GMT
via
1.1 232f5c3426d4feccb763368882e92f28.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 13:48:45 GMT
server
AmazonS3
age
59253
etag
"a125a8c48dc84bba807a493d101d7d9d"
x-cache
Hit from cloudfront
x-amz-version-id
QnfqDnh1re_XP_ayGsDvU1indLh7fCxs
x-amz-cf-pop
ATL51-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
66047
x-amz-cf-id
0ttd4YF0ypg43nmUOegScXY1WZYUZzvvaRgKub0vTkbwwaadKxIWng==
view
googleads4.g.doubleclick.net/pcs/ Frame 744B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssaUtVZPnjoUsWKYnwVRekEh_3pg-5vomvxIRkZSE4DSqbDyiyKpIvy2t1mHnATLBqMJNkMDNYIj-eG3EgAbf7sziEzx9g8sn3VYxyN7dTneaQsmiy-DtMI2Xm0yYUrapYud_ItSvSfPRPPEIVlr41Gfuht-byGGLp0LjVF2osyvPyk9-_rW5fR6O51BxBiNKnMjRqSFQ5bth0zbPlERPTNaqu34jfM2RjV_-gUqk3rXrX0cegBGOEH3YE9k6DuWLuGMGGRuVJAJkdcKShNh3chGdYntx0rmPi01Nn3m6K_z-5vtm5Chwi3RJwNxowQRxwb2yZf1MpeSzAAoV1Ltx8qjKr1vO67sVsDj_oIuxAtJGm5m_VewpQRTtpmFGATmqEIb-QiSRUFvXeKQPZ2Gb_G004JuERbOlxKGyWmTY8PZOwtQ1tOXvYLp8RNd9dYbnI2O1tSfNR-E0nz5eKjWKkihfYxMGDZH53NA6N0QggsOmDwwU98u3CxqyDYwwptGivkwM2wGYrIb00WJQ0TTJHoSMUPW-re3I-85iSV_cCO_R1vtlzHuoFTt_hxs9hEyajdn3U6k_WwU-4BZIq3OQl6LYmR2o5IlVslpcaM8A7S0reXabTsDAbqaHpYPWRW9vpdBkMC32VH2-BMFJzbJo8iUT0_QSbxEgtxphi-vYX6i-LtOOIvfg3UvPtaAcmLlgJQ3f0fSVvJrWm0fX1BI8e5AsjlT8eqfikahwt5iRAEqFg7CJRNPJdGIo6YNhaZaXWWWLmGLa1P2zRG2hys80Wxen625tF4kv18wuyKiXtxtr4M6xTMKxdFwG5ggJcuXOvDrgGb7_ou6XhZqF61wre2V7lPT5NNNskkTKObEjtTJCkLTyXtShaeLm4ct_EaCV0AlaPj9nZF8n0WcdRFA0bofq71sFMN_J_LkZ9wasxlg4eRgk346tfRmF_AhC5jan3Jpus7wCKClwmejDCvlMesxCat5wY5bx7m5X1nkNniZI5h0-jSbZGl3RR6_2AzSnQMiOQt1PLS46rZGsZQ092dmT3OqqC_rCRG_8OLeYE8-wGZ_EIqnEx_9y7U8NhpHt00n__ZWpDvfFbgm-Qz9XlaFS4yw8_Q7S24qtTXS6r7mUbQolZ72f_jnuzUmR3dR0gDnIRiD_E92lSd-YCz1WXWePLhzzdyPPPqI7W49bh2XCWh7UtH-qRp3BsllBNG6fsEJxKJDnQHpJaRkiVf8hZREM07qQvx2643jOJ2w3wMsvtI4c&sai=AMfl-YTgdQ3kwlBaGcaHNGjbAdTOoPJLW8EneN07RL5f8ZOovyr2Rq_4-ENilNMrjOTvD-OoFQi2ItIcn89IoeK2L-J0eApN-Glh-fIZFBOGXJayGMmPxMeQQijjgV7l3YFyRMOnsyJTZEcVMRQJUBTnBb8x8OaJ-elFtuXiKIuU2jwlR0vCS7jjHxKKIvkc901skv27buo_rjpLgrNVxKHMngc2&sig=Cg0ArKJSzAudLW8Y7zE1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=569&vt=11&dtpt=426&dett=3&cstd=135&cisv=r20220707.62528&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jul 2022 13:41:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9A32 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7573def4c6058422e96f9998b9e95d07ddcb2ede4330b273f57b137bae210280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jul 2022 13:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5837
x-xss-protection
0
23929287_20220303063109354_Logo.svg
s0.2mdn.net/ads/richmedia/studio/23929287/ Frame 9A32 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23929287/23929287_20220303063109354_Logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5e30983e240508587941ff5cd02b3427418c884c69c48587b9390eb4a2fd43e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1004
x-xss-protection
0
last-modified
Fri, 08 Apr 2022 09:37:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Jul 2022 09:19:58 GMT
23929287_20220315074513530_Awareness4.jpeg
s0.2mdn.net/ads/richmedia/studio/23929287/ Frame 9A32 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23929287/23929287_20220315074513530_Awareness4.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b92736323542c51b714890a8146f18df9eb8e6b6b4feb31e0933339e25e3491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:37:31 GMT
x-content-type-options
nosniff
age
14668
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1314467
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 14:45:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Jul 2022 09:37:31 GMT
970x250.css
contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/ Frame 6557 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
Requested by
Host: contobox-data.s3.amazonaws.com
URL: https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.171.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d83d34589d360c8e750c07791e4b920ca902c7bc748ef0990a986df211124834

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:42:00 GMT
Last-Modified
Thu, 21 Apr 2022 09:07:06 GMT
Server
AmazonS3
x-amz-request-id
D2PVGXNANTVJDH1C
ETag
"c6727aeb8cab03436730472d711183be"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
7780
x-amz-id-2
R8mwizL/hg9RsFK6FFqW9hgMrv5VM3hyQmcEmSgmmGCcxw+TVCVGJCf9vBVRdqvSro9hktRFi/o=
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9A32 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 11 Jul 2022 13:41:59 GMT
970x250_bg.png
contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/ Frame 6557 		794 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/970x250_bg.png
Requested by
Host: contobox-data.s3.amazonaws.com
URL: https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.171.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
94a1fc1332185dc1630e817a59540c1374a2eccd4a3dc03f53e4d57955a7d9d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:42:00 GMT
Last-Modified
Thu, 21 Apr 2022 09:06:23 GMT
Server
AmazonS3
x-amz-request-id
D2PNMR37PAC8RWCA
ETag
"010249bfe7f965524a28e20fd669a5e3"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
794
x-amz-id-2
uCNFeceGPdfzR4nEAMdUicwQiw9bKyNv8AJMV1tVAL5aHCG/7visNYnz8p9O3onvD4fdGan5JHk=
970x250_image1.jpg
contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/ Frame 6557 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/970x250_image1.jpg
Requested by
Host: contobox-data.s3.amazonaws.com
URL: https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.171.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
93dfec65350e0dea92dfaa369dc0e29e33ac21445f5144d6ece37776bfa1de7d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:42:00 GMT
Last-Modified
Thu, 21 Apr 2022 09:06:24 GMT
Server
AmazonS3
x-amz-request-id
D2PQM6SFBFJEMF8N
ETag
"b8af6f39d8d114dfa9a2c1626d2190a7"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
86621
x-amz-id-2
j5ppjPcImzG6w1bhzVXreMKoKMHJ6hijlOXNJfknizJeyJvUlvf5R51dHXjG3TT7wdyNCeOUm7Y=
970x250_image2.jpg
contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/ Frame 6557 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/970x250_image2.jpg
Requested by
Host: contobox-data.s3.amazonaws.com
URL: https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.171.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c0d250e62106677c7efcbe429beb6798adb3331bad9f6cd94c1a398cf5708ee8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:42:00 GMT
Last-Modified
Thu, 21 Apr 2022 09:06:25 GMT
Server
AmazonS3
x-amz-request-id
D2PJ1BMNMM3J7C0H
ETag
"4e127221eef6a71c4af61120d337e70e"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
75836
x-amz-id-2
61hrt/yQcMAtWOZGzDwnUFcwgSSI4utZ6guRZ+8nTg90rZLGI8ZP0fPOCHLrji3RWl85wjIJYkk=
970x250_product_logo.png
contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/ Frame 6557 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/970x250_product_logo.png
Requested by
Host: contobox-data.s3.amazonaws.com
URL: https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.171.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
bdd0e8253ff76403a26501a1acac9e14a4adfb36aed71463a752f9791524a590

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:42:00 GMT
Last-Modified
Thu, 21 Apr 2022 09:06:27 GMT
Server
AmazonS3
x-amz-request-id
D2PV7CNTRAVHYYRW
ETag
"2b3ba5d4d49cf4b17e7ab6735f1a19a6"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4369
x-amz-id-2
p4vtFFqItSeLhJ+Pq3o8xdLIp8tcg5vxg46RJ8t8WzOGmp3DW5+v1lg/THfAbwa2t+ek/vFLaik=
970x250_logo.png
contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/ Frame 6557 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/970x250_logo.png
Requested by
Host: contobox-data.s3.amazonaws.com
URL: https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.171.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a986177a9e544078e4a8eea6fa7333dab5923daba8aedc4d986b18f9fa3a9ac8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:42:00 GMT
Last-Modified
Thu, 21 Apr 2022 09:06:26 GMT
Server
AmazonS3
x-amz-request-id
D2PZQF7W9FJC69AH
ETag
"5e3ac41d3a7d6359a7d6b9e8b80a7882"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4385
x-amz-id-2
EK4DEfMr0nWkDDtz409gbHfAiPd7VWp0c0/qeXs8RkV9IlJOy8C303i+e7kbDF7J/zIVzYpT4VY=
970x250_text.png
contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/ Frame 6557 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/970x250_text.png
Requested by
Host: contobox-data.s3.amazonaws.com
URL: https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.171.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
da0076846712b460dc7f14f542f48c2608fdc0c85b938564dc06fede6de2f262

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:42:00 GMT
Last-Modified
Thu, 21 Apr 2022 09:06:29 GMT
Server
AmazonS3
x-amz-request-id
D2PKXBGV5SC9FP5Z
ETag
"c99ea77a9af3f30d8e10fd8bf06f480a"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2292
x-amz-id-2
v1K4mSD2Ley1M+FkFfJFYNKeZG95ep2PSZu+1lSNMiFmzF8ajTkogRCx8xmFDtlxO4adGU1ex10=
970x250_avai_at.png
contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/ Frame 6557 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/970x250_avai_at.png
Requested by
Host: contobox-data.s3.amazonaws.com
URL: https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.171.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
49360ebcccaa0891b08809593714b3d9c1ffefd3647fb529a40baa873ccaa8ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:42:00 GMT
Last-Modified
Thu, 21 Apr 2022 09:06:22 GMT
Server
AmazonS3
x-amz-request-id
D2PZFZ0Z2Q69TS1Q
ETag
"a27cccc87c4558c5f2850be9bb8e272c"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2240
x-amz-id-2
uTve+oLBOstwuS3htpP5Ie9B6sGTdp6RxOJD+suAkv1gx5QtYOV6N0L1maCMhxhjjDRVyNqxr3M=
970x250_cta.png
contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/ Frame 6557 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/images/970x250_cta.png
Requested by
Host: contobox-data.s3.amazonaws.com
URL: https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.171.249 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
943598fbb2e4c9e00098e2814c1b99e85ec1824e48fb0a9d003b684950966745

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contobox-data.s3.amazonaws.com/cbox_banners/gaf_q2_2022/hdz/970x250.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:42:00 GMT
Last-Modified
Thu, 21 Apr 2022 09:06:23 GMT
Server
AmazonS3
x-amz-request-id
D2PZDHJ0PW6ZBQ9W
ETag
"8dca631ccd29eebac1b67d6f3afbf51b"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
930
x-amz-id-2
5EN1coN3lkko4ZMczWCaIcX3FVGX0ZiUkhwfYCASTw/78h8pnyBjvNaZtdOkGkcfZufzh+pihug=
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85D1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYIxLpijMYrysIcuToPMPnaut6AsAAAAAOAHgBAI&bg=!NDelN3PNAAaYcLjmuHA7ACkAdvg8Wj2kCzgXKiuXY4PbbG2HiG92OC-gBPAhT5vVLIROZ2lTvbKwLQIAAAFsUgAAAANoAQcKAHXB16NWElPuxdKnljCJ6bTvAGSSP_sSkU-2LmkbOD3DlgTSsQ_mVhIqjfX--SC15APlMMYknsIrbkjG7FqKIzsVu26oADiZ6nkU-pfp7FVFNiyIadZgal-V7zWDfDB_0Wh6o5CjHWqda4eTYxlaF47a4IOarIuZAukzllX0e1CG-7MKq15SakEW50eU4wxIeY6NuESu7dRk3Tra8s7kkLWi65PEopMlT8X9FWv_MigHZEMO1dzVin_wmJon8xRVCbO7VNSP7INDMxsfSPzqkhrkj9TzALcegTRwduxEqpEuxWGZ_N5n7yULrBmE9XnzW1tLxVOQTtKykV80dQadCRpMkFRRB16LfivBnRjja0VRuqgByzJCiQQFzqOSxJI9-IH9Vr53hLKeugaGisgnZqNigTMTGlhedp8eQE8upup44C7447eIpLfjhxAm1ImEXIhk9DR-Q4hrnhs7Y4EmG9Er3XnDjnUSFtnXiRnCBhqnNknys5zz-kOSLC9IeddleBP2o5WEKStMLzYu9IkLElYCurc47cEvX2jwFqZ0dfXA0MSPuEy3Uji-ikZIb48Hsr8TRbrINz3hNZcOcOt5spBkUoOp3BD5krC4NLTr72BzghwmYQSJAO3Q76D14iJufjNLDejybc1LAnc2__gzYNWPdMydAsFMals8Jb5FdcA7poOpg65SktJG30I05Vir7GIJfKhmRV4exo1NYh6yG_-j8PSTLC6Z7ZvKJfBDYnMkPuPoZ2SJNcv2KWIIc25l_c4uijDHDc_42znOfoZnaXIKApWgDLi3vlK0JoANhSQJjhNn68xNPVdJkAy7WGxYAxJG2YTFtNLRGsgsTAKc3n_rPVxjWJpRVXqALxvwXtKXHHWeLi25u5rdhi9Fifeg1R1kJYonCPSDwjRie5Dy2n6u4qJww4tryh2gPr3xlX3P-PgdAnvThBYOQ2gCMOca00W-dEGXb4UcbvZ2Sf5nI70ub0KCdvgz2rO9TxD33iCFUDxHW7dNLWhLThFTZyedytiQyLVe6u17UiMj2FSMqrhQiObgtu67mGoO_cYmwVQyH87UpdxapTrQegnzHs2Z9LbQAkY2DzY3BMoQt8ZTigf0ABYBpT9H9mkCN8FTkDkBEkHlBNBErcy6vW3CjrFybZfD
Requested by
Host: 9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
URL: https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B87 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bg38qpijMYpXfH8GF_gSm6qDAAQAAAAA4AeAEAg&bg=!6Oul66_NAAaYcLjmuHA7ACkAdvg8WpaRYfp1WF9rM4zqGhK2eG90OUQ1LggstlwI0DlDNbBoUzTdugIAAAEoUgAAAANoAQeZAurPvpAtdhFQTSurnUpvPd_rm-BTw0xgW3L-HdYmVB9WrZyIBRDStFSM2G5bC8h1xpxJ8YkIiBozKgpCrM7VEWIEaj92kv6a6aqoL1-D_LbCsQa4qlZbdDerYE5Q68cogeYTIAVnpnsgK9jwrFAQ5P1RQOpyDpmDFfdVBb_yHz676pjXHNgyZdt0lQz6n25qwdQrUTZvvEDyYKSTJHapQAJWs7k1lEvgp90fcQBHR_PpwoS1_Sic33ssV6K8mse-isNYtaFj0xQS1RqolHfhrnY3KmTs8TdSV9VBoBPQHI5SBYno0ivpVW1PBuiPT3xgBv15ghFi6fuT6Bo2JDHOAnCH3Zk6WW-tvWTB0sCfR-fbw5X8HCmqwxSq0mY279yqMZW8gRX1JwoLDbB9eut2tWiJxladVKw11SC7la_ZWlaTp-biwVn_KQjaH4v-lncmtpKDuChbAcmFIITvQNfB0zqCW49HDZCv7IwyopY1hOUZuyUFMmK-NI2udAezo_fZ5Y5ftMmEoA-sL9h81UxQNNfqFAg5Qxc9yt_qsDFyK033F2ovuD-gAuzh6PzD_-SXkvQX9_-87l4M1zREkooaiJLqy_BT5sIPKy523QFh1_sPhBcbjxWYzupr9vPdnBDjhRr_01Tc7rItioZJz7ubHhVqEHOBNrLzTPvuNEYntnKKe1S599KXxnMuV3hA8u_etbx8OLP3KlyLtVvDHpKXPaj7uoX0AGg5sBiBnqb7dmZ2lGTnEmyr5-tSasoLgWEa3DJ4eXZv_tR2jPK63fcRciVOKvhZpiwqETQ8IBrg5wtoTZJwqCbGUm_aRmhoJuqTSiLDqvLp6JtDzOhzUg5nHnPYxiWwp6aG6a9EJrzhnLxxQBqNSJeTJlF5UdKALERsI2A7kO6zsY3UItc-GUXA_t_DEZSAMYyHqIkCl7UFb4SaVRF_xHfLwaIXXBgRtr6Boc69Omd4U0S4OB2MydwIpl1LZP6J868niJ4nTQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
23929287_20220315074513530_Awareness4.jpeg
s0.2mdn.net/ads/richmedia/studio/23929287/ Frame 9A32 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23929287/23929287_20220315074513530_Awareness4.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b92736323542c51b714890a8146f18df9eb8e6b6b4feb31e0933339e25e3491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11856161459572530504/index.html?e=69&leftOffset=0&topOffset=0&c=tVgWo5T5s1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 09:37:31 GMT
x-content-type-options
nosniff
age
14668
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1314467
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 14:45:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Jul 2022 09:37:31 GMT
truncated
/ Frame 9A32 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
pagead2.googlesyndication.com/bg/ Frame 9A03 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 10 Jul 2022 01:39:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
129765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Jul 2023 01:39:14 GMT
/
sync.richaudience.com/74889303289e27f327ad0c6de7be7264/ Frame 36D3 		95 B
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?p=1BTOoaD22a&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Drichaudience%26uid%3D[PDID]
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
image/png
date
Mon, 11 Jul 2022 13:41:59 GMT
server
nginx/1.14.2
bridge3.520.0_tr.html
imasdk.googleapis.com/js/core/ Frame C99E 		632 KB
204 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.520.0_tr.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15b61724545edabc7b4c696a4dd73be21ba569681f394e2fc2c596f8331645cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
71004
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209210
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Jul 2022 17:58:35 GMT
expires
Mon, 10 Jul 2023 17:58:35 GMT
last-modified
Wed, 29 Jun 2022 19:20:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Jul 2022 13:41:59 GMT
10487510
panel.izlesene.com/api/player/npm_finanswebde/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://panel.izlesene.com/api/player/npm_finanswebde/10487510
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19184
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.7.176.4 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
nginx/1.4.4 /
Resource Hash
acc769c1dee8b3abd469691e21661eacc7c20754c1ea5511765876e388bddda1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:00 GMT
Content-Encoding
gzip
Server
nginx/1.4.4
Age
0
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json
Via
1.1 varnish
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
X-Varnish
4240384645
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
643
Expires
Sat, 26 Jul 1997 05:00:00 GMT
favicon-32x32.png
finanswebde.com/static/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://finanswebde.com/static/img/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.122.228 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.122.201.195.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
f38ab134ffcf8f1521b461973c3db993098f7915161c5d79627d3fc4ee4056fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/emtia/altin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:41:59 GMT
Last-Modified
Sun, 15 Aug 2021 06:13:38 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"429-17b4871bbde"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1065
Expires
Tue, 11 Jul 2023 13:41:59 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F393 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssStJFR0Eg5Yup3Ufe81IhAJKZgofF3JSxc5Eeb7ELZ_nzkPvUaNCO7JzgzVhoLSmRtDX6l4pb0eL9OYTJOStuk2yVx84nQ2utfec7RHSYqUcY2c_IFK8fn-7_XiDrx&sai=AMfl-YTPXeDlcKhiz7iYO5XILOAF3mGYb2bGXxNAxr9CvIfxEHC0VzA5gUVtIhRtYGSOMXmwjDj7VfWUtULLmriun2DkQigYbAVvtbZBjd5lxTw2NrimmvrmjKkNABSj&sig=Cg0ArKJSzN-7T_bsS2n8EAE&cid=CAASJeRoFfxfHkxtXkYiFBIgbKzN11MKBhqQJ0TkfNlUMGjIYRd3V24&id=lidar2&mcvt=1000&p=159,315,409,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1971925398&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657546918476&rpt=204&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 744B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAfGFWdDROOFuYiP0fZeJ14SRsNJu_nXvxxQnke0PIhvOzmo8yvI6M_IyXK1g9WQ7fK09Bvc4y_ZvMrN8rBwoyJwh9U2EDgGqTS_yLVSXc4eJr5QTFHIKTfCDQBRsIXBMVJNWr7LeARw&sai=AMfl-YTChLVTlOKmQs8JfPPsqYV6bgejBib43rqvQtw8lfFTrE5FWXDstxUsRlyDwKsW2qf1qwB3XcT5FhFmkpSGX8Z7T9My3-YoZctwzoX95N5iYNoheoLT2eS3rS3s&sig=Cg0ArKJSzKc4s6CCHuodEAE&cid=CAASJeRo--w7IHix1ZmU0PpZ2M36AG8BajdHPstsAUSFBWAH38GXmbo&id=lidar2&mcvt=1000&p=901,196,991,924&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=384010672&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657546918396&rpt=426&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:41:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5f8590cde4b081a63b5265de
ng.virgul.com/tck/imp/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/imp/5f8590cde4b081a63b5265de?scm=https&g=1&t=cpc_annotation&sdr=240000&tp=&r=153492@site_geneli@finanswebde:site_geneli&l=&info=&os=&mt=1657546915305&userId=vnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://finanswebde.com
date
Mon, 11 Jul 2022 13:41:59 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5f34da2ce4b08a6a3a8f36ff
ng.virgul.com/tck/i_vb2/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5f34da2ce4b08a6a3a8f36ff?l=&r=153435@site_geneli@finanswebde:site_geneli&cs=1657546920150&userId=vnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://finanswebde.com
date
Mon, 11 Jul 2022 13:42:00 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5f3500e7e4b08a6a3a8f374f
ng.virgul.com/tck/i_vb2/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5f3500e7e4b08a6a3a8f374f?l=&r=153439@site_geneli@finanswebde:site_geneli&cs=1657546920151&userId=vnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://finanswebde.com
date
Mon, 11 Jul 2022 13:42:00 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
5f8590cde4b081a63b5265de
ng.virgul.com/tck/i_vb2/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/i_vb2/5f8590cde4b081a63b5265de?l=&r=153492@site_geneli@finanswebde:site_geneli&cs=1657546920151&userId=vnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://finanswebde.com
date
Mon, 11 Jul 2022 13:42:00 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
zoneview
ng.virgul.com/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1657546920209&v=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&r=153927:finanswebde&userId=vnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.7822634148921432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://finanswebde.com
date
Mon, 11 Jul 2022 13:42:00 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
viewstart.js
am.contobox.com/v3/frontend/creatives/ Frame 12A9 		84 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://am.contobox.com/v3/frontend/creatives/viewstart.js?ad_id=137014&campaign_id=17375687515&cookie_id=QwQhhyjfs9Ss&domain=finanswebde.com&dsp=DBM&event_type=time-attention&exchange_id=1&rd_iframe=iframe&ip_address=149.56.153.178&l_type=2&rule_id=25475&sid=76d89f3b4a714f98bbc6b968e2d1d718&site_id=192392219329&zone_id=127256&fromurl=https%3A%2F%2F9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&cboxid=137014&lid=a_DBM_!!_c_17375687515_!!_e_1_!!_s_192392219329&layout=desktop&clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCsbA0pijMYrm-BYyZoPMPg9Gl-AWOp9GQa6mF1ZqHEPCBka3TKRABIMCygmtgyYb_h_Cj7BLIAQmoAwGqBOoBT9A_hu5cTdn2CDmunrqmOCAyycGM83DWyyUDKRbqyY481gEE_gHa7Vfa00Ig_k7PJSgUO-kU8XfQXE5sTh1fZSDlivB5xRA70hxdx4SGy9H9Fufaji6OXR4ijFvwAinwCNJ2HyRakqcllgyAzVgVPEg0liFWo-ZPpE3NFtzauzIWp6zACZJAe_jaBHZC7w-1jUO4-EGcv26wcidoJOfqaNkiMS4KcTPuUAarpTqtgqVF_zLAGHIX1h5Ad4W-1OhhYRe4Wnwbrnzj4_c1oPyHCfB_6RL-q56u_ELZ4IgSQY36nKCI4LlWgQG3wAS2msDRjQTgBAOQBgGgBk2AB9y_mMcCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tODM4NTE1ODY3Mjc5MzMyNoAKA5gLAcgLAYAMAbAT55W8D9ATANgTCogUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAASJeRoFfxfHkxtXkYiFBIgbKzN11MKBhqQJ0TkfNlUMGjIYRd3V24%2526sig%253DAOD64_3RhKB0V8yYRI1d8K2Ih6vL1-arHw%2526client%253Dca-pub-7983651257838282%2526dbm_c%253DAKAmf-BtLgFpjdPs_k8VN6MUsc1HTWLxoXybr_C3zVaakSGmTQ9DdMiA0OHZf6roMKgsQhqRFEMDB7IuYWFZjYfXdFONvBCMFB4Hak8fIxxWytlmvp42PzXeagFJuxFpmoXykdVyAEtm4VzI19UrB4Hrk6GwVMM_8w%2526dbm_d%253DAKAmf-Ao8BEedrTorD1NaJDn7iIa2kfEX3HzHzmRguuK5wmJKb10NoukunCcjrKkbJp5uRJuu8OuDEx31ojC8eSoBzi5nwGjVF0qQ7ttCame1zt3jgyfz2fsGIyGAFEE2ywnLmN1JvV8Ae1J-chImJvnDysPMTmmBa-NwKLLy-wwZ-n8x-7a44Dg1rd8ZfuO3s9AI6IUxkW8FhJzJThTWmVt1dXRdYqZU9vAovq1L_53RVHjbFjz9VTTBuUEEde5hSOZ8bDPR7GNRvFb7oshm_RHDg-YcZh1ET521dIhSVaw3iCq-wJdfaC9WDs5bI-N2I3yljSBL4bFVvWgoTPCmj8-61o8rkswh0mFd9KtTJFeLdfYuRQaXS0Rsk3XEsSk4afL8K-4vTDUVTLoBoiboDp-HLOX9GrjvwJCxmXB_zemBs_SEH73fieNLOB9Kibza-YIFC4bIm5t63O8ehh65A--6AmftqGyaFJwvSWfPpEVvDyGFYLRTQI%2526adurl%253D&http_referrer=https%3A%2F%2F9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com%2F&ltype=2&resolution_width=1600&resolution_height=1200&event_target=1&time_spent=0&event_action=inview&label=Time%20to%20completion%20(s)&event_component=Tab%3A%20banner&event_component_id=369320&event_component_order=0&tab_id=369320&tab_name=Tab%3A%20banner&event_label=Time%20to%20completion%20(s)&event_value=1
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.120.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-120-26.atl51.r.cloudfront.net
Software
fasthttp /
Resource Hash
bb3e18ab6e3d5ac17fa51a98a362e4f4582eaa33d0218a629bca0bb1fcd9054d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:00 GMT
via
1.1 232f5c3426d4feccb763368882e92f28.cloudfront.net (CloudFront)
server
fasthttp
x-amz-cf-pop
ATL51-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-headers
Authorization,Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
content-length
84
x-amz-cf-id
DoyQYT2noDAMKXnY7755YTr_GoIJ92mLtREAXfYOygIiZV5QL8ZsDg==
/
hde.tynt.com/deb/ Frame C466
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
7f75dde298670f0251b5c17b629516e3ebf5cbf5ac3bc54c83a56da9e7129053

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1521
content-type
text/html
date
Mon, 11 Jul 2022 13:42:00 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 11 Jul 2022 13:42:00 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
count
logger.virgul.com/ 		0
116 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://logger.virgul.com/count?m=infoLoad&g=m&r=npm_finanswebde:13::10487510&o=0-100&iv=&wVID=&info=10487510@50@50@13:30@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/11/2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jul 2022 13:42:01 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
usync.html
eus.rubiconproject.com/ Frame FB30
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 11 Jul 2022 13:42:00 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 11 Jul 2022 13:42:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
setuid
u.4dex.io/ Frame C466
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1657546920690.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://u.4dex.io/setuid?bidder=33across&uid=119247657947133
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=33across&uid=119247657947133
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:00 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:00 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://u.4dex.io/setuid?bidder=33across&uid=119247657947133
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame C466
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=the33across&us_privacy=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=the33across
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968625780200756773&expires=30&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=2a4a299e-ac66-4131-8227-6fe993cf126f
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=2a4a299e-ac66-4131-8227-6fe993cf126f&ts=1657546921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=2a4a299e-ac66-4131-8227-6fe993cf126f&ts=1657546921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:00 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=2a4a299e-ac66-4131-8227-6fe993cf126f&ts=1657546921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame C466
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1657546920690.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=833a62cc-28a8-4400-9b6f-8592905e9c76
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=833a62cc-28a8-4400-9b6f-8592905e9c76
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:00 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 11 Jul 2022 13:42:00 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x51 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=833a62cc-28a8-4400-9b6f-8592905e9c76
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 11 Jul 2022 13:41:59 GMT
match
events-ssc.33across.com/ Frame C466
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-NaCAFoNE2uHvbPFXV7LeJDIKvWBxjI2q~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-NaCAFoNE2uHvbPFXV7LeJDIKvWBxjI2q%7EA&ts=1657546920&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-NaCAFoNE2uHvbPFXV7LeJDIKvWBxjI2q%7EA&ts=1657546920&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:00 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:00 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-NaCAFoNE2uHvbPFXV7LeJDIKvWBxjI2q%7EA&ts=1657546920&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame C466
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=70a922e7defe08ef&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAADLT1XaEAsGAMZ8C1lAAAAAAA&expiration=1657633320&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAADLT1XaEAsGAMZ8C1lAAAAAAA&ts=1657546920&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAADLT1XaEAsGAMZ8C1lAAAAAAA&ts=1657546920&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:00 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:00 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAADLT1XaEAsGAMZ8C1lAAAAAAA&ts=1657546920&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame C466
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1660138920%26external_user_id%3D8bf691ed-cd25-49cd-9719-a63df514c4e4
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1660138920&external_user_id=8bf691ed-cd25-49cd-9719-a63df514c4e4
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1660138920&external_user_id=8bf691ed-cd25-49cd-9719-a63df514c4e4
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:00 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:00 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1660138920&external_user_id=8bf691ed-cd25-49cd-9719-a63df514c4e4
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
count
logger.virgul.com/ 		0
116 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://logger.virgul.com/count?m=adDataLoad&g=m&r=npm_finanswebde:preroll:100&o=&iv=&wVID=&info=10487510@50@50@13:30@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/11/2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jul 2022 13:42:01 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
zoneview
ng.virgul.com/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/zoneview?c=&mt=1657546920767&v=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&r=153511:finanswebde&userId=vnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.11313000844100873
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://finanswebde.com
date
Mon, 11 Jul 2022 13:42:00 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
truncated
/ 		1016 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
10487510-480_2-170k.mp4
istr-n23.nktcdn.com/data/videos/10487/
Redirect Chain
  • https://istr.izlesene.com/data/videos/10487/10487510-480_2-170k.mp4?token=y8Nl9gx9jtzzrhvY9QJGPQ&ts=1657636920&playername=npm_finanswebde
  • https://istr-n23.nktcdn.com/data/videos/10487/10487510-480_2-170k.mp4?playername=npm_finanswebde&token=cMQZD-vQ_yf5bRfN3gHKWg&ts=1657633322
1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://istr-n23.nktcdn.com/data/videos/10487/10487510-480_2-170k.mp4?playername=npm_finanswebde&token=cMQZD-vQ_yf5bRfN3gHKWg&ts=1657633322
Protocol
H2
Server
185.7.176.223 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jul 2022 13:42:03 GMT
Content-Range
bytes 0-5715147/5715148
last-modified
Tue, 13 Oct 2020 09:26:52 GMT
server
openresty/1.15.8.3
Content-Length
5715148
content-type
video/mp4

Redirect headers

date
Mon, 11 Jul 2022 13:42:02 GMT
server
openresty/1.15.8.3
location
https://istr-n23.nktcdn.com/data/videos/10487/10487510-480_2-170k.mp4?playername=npm_finanswebde&token=cMQZD-vQ_yf5bRfN3gHKWg&ts=1657633322
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=0
content-length
151
expires
Mon, 11 Jul 2022 13:42:02 GMT
usync.js
eus.rubiconproject.com/ Frame FB30 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
398cc646926f0d5a9e42dfbff55631ebfb6efc42749c2aa80fc108312b32319b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:00 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 17:17:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=82257
content-type
text/html; charset=UTF-8
content-length
9458
expires
Tue, 12 Jul 2022 12:32:57 GMT
match
events-ssc.33across.com/ Frame FB30
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L5GSMYYL-1A-6KSM
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L5GSMYYL-1A-6KSM
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L5GSMYYL-1A-6KSM&ts=1657546921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L5GSMYYL-1A-6KSM&ts=1657546921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:00 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L5GSMYYL-1A-6KSM&ts=1657546921&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
rid
match.adsrvr.org/track/ 		108 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
71b66d91bd6c55180e0bde3b2a624af687fc04c331a103773bc7ac05414472c2

Request headers

Referer
https://finanswebde.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 11 Jul 2022 13:42:00 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://finanswebde.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 10 Aug 2022 13:42:01 GMT
pbjs
sync.quantumdex.io/usersync/ Frame 7DAC 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
617c2753bae14028457cbe821066950c6011b7f950387cf99674205e8b087ba1

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7291f5c03b3dece6-YUL
content-encoding
gzip
content-type
text/html
date
Mon, 11 Jul 2022 13:42:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 09F6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.60.4.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-4-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163664
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 11 Jul 2022 13:42:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 13 Jul 2022 11:09:45 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8EF3 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 11 Jul 2022 13:42:00 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame E651 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13442375
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
fd73d75eb4dee51c435c9e09ff67a2813afc7743658da807104ada60eb810409

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
4888
Content-Type
text/html
Date
Mon, 11 Jul 2022 13:42:01 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame 149F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid6.24.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
32593
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 11 Jul 2022 13:42:01 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 06 Jul 2022 04:38:38 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 91961
X-Served-By
cache-lga21941-LGA, cache-yul12826-YUL
X-Timer
S1657546921.015505,VS0,VE0
v1
ads.yahoo.com/cms/ Frame FB30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5GSMYYL-1A-6KSM&sigv=1&esig=2~c3a91bb8f6a49f1f1041bbbc443399847f929780
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5GSMYYL-1A-6KSM&sigv=1&esig=2~c3a91bb8f6a49f1f1041bbbc443399847f929780
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5GSMYYL-1A-6KSM&sigv=1&esig=2~c3a91bb8f6a49f1f1041bbbc443399847f929780
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame FB30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzQyNjZiMWRjYzQzYjRlNzRiYzJiZWU0ZDc1YWRmZjUxYmI4NTFmNg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzQyNjZiMWRjYzQzYjRlNzRiYzJiZWU0ZDc1YWRmZjUxYmI4NTFmNg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzQyNjZiMWRjYzQzYjRlNzRiYzJiZWU0ZDc1YWRmZjUxYmI4NTFmNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame FB30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5GSMYYL-1A-6KSM
0
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5GSMYYL-1A-6KSM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:00 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 45893978716A485780D30FB74DB959DE Ref B: YTO01EDGE0508 Ref C: 2022-07-11T13:42:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto
http/2
content-length
0
x-li-uuid
AAXjh7dv0hm3gFf//T+axw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5GSMYYL-1A-6KSM
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame FB30
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVHU01ZWUwtMUEtNktTTQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVHU01ZWUwtMUEtNktTTQ==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVHU01ZWUwtMUEtNktTTQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
esync
token.rubiconproject.com/ Frame FB30
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 11 Jul 2022 13:42:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FB30
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NZwlUhoYSRG92nBHwItd1w&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=NZwlUhoYSRG92nBHwItd1w
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=NZwlUhoYSRG92nBHwItd1w
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Q1KXAX4DFJJZHSW1J8K0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=NZwlUhoYSRG92nBHwItd1w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame FB30
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oT8rDdaeRjWIV6JbTp6cNA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oT8rDdaeRjWIV6JbTp6cNA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oT8rDdaeRjWIV6JbTp6cNA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
N7N3FM21PQ6TM497KHZ2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oT8rDdaeRjWIV6JbTp6cNA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame FB30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAzGUWNJCKG6lSI4r9ykSVE&google_cver=1
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAzGUWNJCKG6lSI4r9ykSVE&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAzGUWNJCKG6lSI4r9ykSVE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 8EF3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
398cc646926f0d5a9e42dfbff55631ebfb6efc42749c2aa80fc108312b32319b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 17:17:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=82256
content-type
text/html; charset=UTF-8
content-length
9458
expires
Tue, 12 Jul 2022 12:32:57 GMT
setuid
sync.quantumdex.io/ Frame 7DAC
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=42aae90a-9e06-c990-57fe-c43e7eabc578
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=42aae90a-9e06-c990-57fe-c43e7eabc578
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7291f5c25da3ece6-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=42aae90a-9e06-c990-57fe-c43e7eabc578
pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 7DAC
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=1ddfae83
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=1ddfae83
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7291f5c18cc2ece6-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

date
Mon, 11 Jul 2022 13:42:01 GMT
via
1.1 f42ffbcae499c78a2420149a88d4dd98.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ATL52-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=1ddfae83
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
dcyifXaVNF39HpiqZl8V9kLJdWx3FXvXQZECA52H4FFnaTQYjX0NEg==
setuid
sync.quantumdex.io/ Frame 7DAC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4359RdpE2uHJ8IR2KEfmRAtg3LUBEvcvvOx0HE0-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4359RdpE2uHJ8IR2KEfmRAtg3LUBEvcvvOx0HE0-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7291f5c12c5aece6-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4359RdpE2uHJ8IR2KEfmRAtg3LUBEvcvvOx0HE0-~A
date
Mon, 11 Jul 2022 13:42:01 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 7DAC
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOky993OjHh7daGX2LF2I8Y27eNC13jnodnrn4JA
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOky993OjHh7daGX2LF2I8Y27eNC13jnodnrn4JA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7291f5c35e76ece6-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOky993OjHh7daGX2LF2I8Y27eNC13jnodnrn4JA
date
Mon, 11 Jul 2022 13:42:01 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 7DAC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6194901517463905172
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6194901517463905172
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7291f5c0fc21ece6-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
34c2a884-895b-4ac2-94a7-c1a50d3397ea
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6194901517463905172
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 7DAC
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E9T1uBZH6n51xHEpQK-Jzp2M
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E9T1uBZH6n51xHEpQK-Jzp2M
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7291f5c1ace9ece6-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 11 Jul 2022 13:42:01 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=E9T1uBZH6n51xHEpQK-Jzp2M
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 7DAC
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1d47c6f6-9f51-4597-bd80-fb4cffe6f47a
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1d47c6f6-9f51-4597-bd80-fb4cffe6f47a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7291f5c12c59ece6-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1d47c6f6-9f51-4597-bd80-fb4cffe6f47a
date
Mon, 11 Jul 2022 13:42:01 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 7DAC
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=1a8d6075-da75-53c0-b5b6-58b7d77a701e
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=1a8d6075-da75-53c0-b5b6-58b7d77a701e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7291f5c1dd0fece6-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=1a8d6075-da75-53c0-b5b6-58b7d77a701e
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 7DAC
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3005485211454630000V10
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3005485211454630000V10
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7291f5c1fd4cece6-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 11 Jul 2022 13:42:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3005485211454630000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Mon, 11 Jul 2022 13:42:01 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CF64 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.60.4.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-4-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163664
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 11 Jul 2022 13:42:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 13 Jul 2022 11:09:45 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame D56A 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
689b2bf9329865e2b06c7d232924c1d12f7036b697df26d7615c8162c1dfbc53

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7291f5c0bbcf54bb-YYZ
content-encoding
br
content-type
text/html
date
Mon, 11 Jul 2022 13:42:01 GMT
dropped-udsids
241|39|230|73|57|18|5|218
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsyhf%2BQlsF8mAw4vLVlFpgMT2QOQEkphex1jgSTb6M6H6ItToEga99dzcAAzPHrocY0tf5Uzb9SxvHC4rqKK%2B4A3wC5P2Gt9Q7urLgW78t2bxg7FJBqVQjeTpumgChZjC0OsbZ%2BCqiS%2Bug%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
/
onetag-sys.com/usync/ Frame A3D4 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 0DAD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 11 Jul 2022 13:42:01 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 11 Jul 2022 13:42:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
pbsync
usermatch.targeting.unrulymedia.com/ Frame 3BC9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 11 Jul 2022 13:42:01 GMT
async_usersync
ib.adnxs.com/ Frame 149F 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f0f536de-9ba6-4563-875d-94d4340c5d57
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 09F6 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82777650&p=159432&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
189021cbb7e9c2efc52e81e05517f10568600f26108c205e97fe3edb7a3c4684

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:41:59 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1657546921009&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=3A9F3ACFC9154E91B5311C1A60034D6F
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=3A9F3ACFC9154E91B5311C1A60034D6F
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 11 Jul 2022 13:42:01 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=3A9F3ACFC9154E91B5311C1A60034D6F
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 10 Jul 2022 13:42:01 GMT
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=Gib7Ry8m9zpbJtKqGnOh&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=Gib7Ry8m9zpbJtKqGnOh&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=Gib7Ry8m9zpbJtKqGnOh&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT, Mon, 11 Jul 2022 13:42:01 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1657546921252
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2316654642
  • https://sync.1rx.io/usersync/tradedesk/8bf691ed-cd25-49cd-9719-a63df514c4e4
  • https://sync.targeting.unrulymedia.com/csync/RX-0afc259a-ad73-4226-accf-e14e7c369d62-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-0afc259a-ad73-4226-accf-e14e7c369d62-005
  • https://ce.lijit.com/merge?pid=56&3pid=RX-0afc259a-ad73-4226-accf-e14e7c369d62-005
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-0afc259a-ad73-4226-accf-e14e7c369d62-005
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=56&3pid=RX-0afc259a-ad73-4226-accf-e14e7c369d62-005
Date
Mon, 11 Jul 2022 13:42:01 GMT
Connection
keep-alive
Content-Type
text/html
ETag
RX0afc259aad734226accfe14e7c369d62005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=a941c98b-954d-4487-9ce7-5764e6939bfe&expires=1&user_group=5&ssp=fmx&bsw_param=2a4a299e-ac66-4131-8227-6fe993cf126f
  • https://ce.lijit.com/merge?pid=26&3pid=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=&gdpr_consent=
Date
Mon, 11 Jul 2022 13:42:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=UVZFvszzqWOq&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=UVZFvszzqWOq&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=UVZFvszzqWOq&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-57cd67f859-5qjwg
expires
-1
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame E651 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
reporting
ap.lijit.com/dsp/google/ Frame E651
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RTlUMXVCWkg2bjUxeEhFcFFLLUp6cDJN&gdpr=0
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting?gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting?gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=3Jc0HNidNkbHkWVNj8N6G9vDYUzHkTZJ0sFfQOUK
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=3Jc0HNidNkbHkWVNj8N6G9vDYUzHkTZJ0sFfQOUK
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=3Jc0HNidNkbHkWVNj8N6G9vDYUzHkTZJ0sFfQOUK
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AABSJk7FmFEAABLfOoZ8lw&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AABSJk7FmFEAABLfOoZ8lw&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AABSJk7FmFEAABLfOoZ8lw&gdpr=0
Date
Mon, 11 Jul 2022 13:42:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=968625780200756773
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=968625780200756773
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=968625780200756773
Date
Mon, 11 Jul 2022 13:42:01 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=8bf691ed-cd25-49cd-9719-a63df514c4e4&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=8bf691ed-cd25-49cd-9719-a63df514c4e4&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=8bf691ed-cd25-49cd-9719-a63df514c4e4&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
223
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=6194901517463905172&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=6194901517463905172&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
80a25e39-d467-4228-97d8-29063a99819a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=6194901517463905172&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=E9T1uBZH6n51xHEpQK-Jzp2M&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:47cc0f51c742ab4c9a2fb927ebba91b9
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:47cc0f51c742ab4c9a2fb927ebba91b9
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 11 Jul 2022 13:42:01 GMT
server
Aorta/20220620.4208e54c
location
https://ce.lijit.com/merge?pid=84&3pid=c:47cc0f51c742ab4c9a2fb927ebba91b9
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
980d0a5ba699
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=ef103c13-2cc9-4763-9cdd-03bc83799410
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=ef103c13-2cc9-4763-9cdd-03bc83799410
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=ef103c13-2cc9-4763-9cdd-03bc83799410
date
Mon, 11 Jul 2022 13:42:01 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D24...
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D24...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D4cd1a7...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
  • https://ce.lijit.com/merge?pid=16&3pid=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&gdpr=0&gdpr_consent=
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=16&3pid=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&gdpr=0&gdpr_consent=
date
Mon, 11 Jul 2022 13:42:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pixel
cm.g.doubleclick.net/ Frame E651
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RTlUMXVCWkg2bjUxeEhFcFFLLUp6cDJN&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RTlUMXVCWkg2bjUxeEhFcFFLLUp6cDJN&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 11 Jul 2022 13:42:01 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RTlUMXVCWkg2bjUxeEhFcFFLLUp6cDJN&gdpr=0
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=L5GSMYYL-1A-6KSM&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=L5GSMYYL-1A-6KSM&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=80&3pid=L5GSMYYL-1A-6KSM&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=E9T1uBZH6n51xHEpQK-Jzp2M&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=833a62cc-28a8-4400-9b6f-8592905e9c76&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=833a62cc-28a8-4400-9b6f-8592905e9c76&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 11 Jul 2022 13:42:01 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=833a62cc-28a8-4400-9b6f-8592905e9c76&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 11 Jul 2022 13:42:00 GMT
epx.gif
px.owneriq.net/fr/ Frame E651
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/fr/epx.gif
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/fr/epx.gif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
23.217.162.245 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-162-245.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:42:01 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
max-age=253694
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 14 Jul 2022 12:10:15 GMT

Redirect headers

Date
Mon, 11 Jul 2022 13:42:01 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://px.owneriq.net/fr/epx.gif
Cache-Control
max-age=80983
Connection
keep-alive
Content-Type
text/html
Content-Length
154
merge
ce.lijit.com/ Frame E651
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=L5GSMYYL-1A-6KSM&gdpr=0
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=L5GSMYYL-1A-6KSM&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=83&3pid=L5GSMYYL-1A-6KSM&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
merge
ce.lijit.com/ Frame 96E4
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=7091436072324207667&gdpr=0&gdpr_consent=
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=7091436072324207667&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 11 Jul 2022 13:42:01 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Mon, 11 Jul 2022 13:42:01 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=7091436072324207667&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 75C2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.60.4.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-4-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163664
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 11 Jul 2022 13:42:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 13 Jul 2022 11:09:45 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EEC6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.60.4.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-4-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163664
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 11 Jul 2022 13:42:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 13 Jul 2022 11:09:45 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame DEB3 		759 B
488 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13442375
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
2f57956555aa023f50567f16ea5000931a18e1cff7d8b1514ae3a53af345b6b8

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
469
content-type
text/html
date
Mon, 11 Jul 2022 13:42:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame 0DAD 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
398cc646926f0d5a9e42dfbff55631ebfb6efc42749c2aa80fc108312b32319b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 17:17:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=82256
content-type
text/html; charset=UTF-8
content-length
9458
expires
Tue, 12 Jul 2022 12:32:57 GMT
dcm
s.amazon-adsystem.com/ Frame D56A 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YswopvRNebm77TagTrJF1QAAAeAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YQ6DMV1D7JC0WGHEPVDT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D56A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8bf691ed-cd25-49cd-9719-a63df514c4e4&expiration=1660138921&gdpr=0&gdpr_consent=
43 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8bf691ed-cd25-49cd-9719-a63df514c4e4&expiration=1660138921&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
7291f5c1ed3ca1fe-YYZ
pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qranTNAUE7EEesULnMmn3HKgXwgNxFlYtVXUayvLuxsFR4e1rlAJv6q7DgRFw5AmNzjivomnwmAzJmCi5qGe2JCAUyixj5T2uwyQ2PTqa1GErVGsahL9kvVBkqtT8KQXNcdt7hQyAZDPWw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8bf691ed-cd25-49cd-9719-a63df514c4e4&expiration=1660138921&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame D56A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YswopvRNebm77TagTrJF1QAAAeAAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJFig9LjrDodgeOTj-1ZYE8&google_cver=1
43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJFig9LjrDodgeOTj-1ZYE8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
7291f5c22d2254bb-YYZ
pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8eEvDkxCiAEDETNa3J6ZtGAnP9EtUiXQjUd69SRHvryR%2Fc4sEEg146XcvCsfuA37Jg3ehQgHLq%2BbuS7J0mo0d3u6JPPWMbakGuoitfY7j%2BR66dLtYNV95zteanRvRaHgcZTAiR0Oxo3pg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJFig9LjrDodgeOTj-1ZYE8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YswopvRNebm77TagTrJF1QAAAeAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D56A 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YswopvRNebm77TagTrJF1QAAAeAAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:90a3:294f:189a:c958 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame D56A
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625780200756773
43 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625780200756773
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
7291f5c20d6da1fe-YYZ
pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sk5gJf8bY1l17F6tRXMCYgB0vJpt0rdVQaL0sA2arjnplucC%2FzJbmqX3jebDRGj4BREosqR4T1sOzEhRvIPMbnhnz16ueXu9LqcD52ioioDcn%2FFSJ68xPrKLDeJIMfeP7cDo31PjAVYOKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625780200756773
Date
Mon, 11 Jul 2022 13:42:01 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame D56A
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1673444521&external_user_id=2f0bd56f-b916-4612-bdb7-39f10a857788
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1673444521&external_user_id=2f0bd56f-b916-4612-bdb7-39f10a857788
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
7291f5c28e0aa1fe-YYZ
pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nD2Rcnmln4fbKj5JdRwXJif1hDPjkV8qReoyr3wEFOdptzjfYFFAR5UY5cR3Sb2Bd5YQw8lRmqfArjChlGqOOV0q9puu6OyvEchZ%2F8xftWm8KY%2Bd09FV2YWRJb%2BdCMnRomDAyMVzfL9%2BCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1673444521&external_user_id=2f0bd56f-b916-4612-bdb7-39f10a857788
date
Mon, 11 Jul 2022 13:42:01 GMT
access-control-allow-origin
*.casalemedia.com
content-length
157
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
ix
ad4m.at/ad/sim/ Frame D56A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
demconf.jpg
dpm.demdex.net/ Frame D56A
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YswopvRNebm77TagTrJF1QAA%26480?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YswopvRNebm77TagTrJF1QAA%26480
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YswopvRNebm77TagTrJF1QAA%26480
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v033-0cb5dc5be.edge-usw2.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Ijm8ORnOQhM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v033-04756ef44.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ShytSwxMSus=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YswopvRNebm77TagTrJF1QAA%26480
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
setuid
sync.quantumdex.io/ Frame D56A 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YswopvRNebm77TagTrJF1QAAAeAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7291f5c1dd12ece6-YUL
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame F588
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=33F3D6F8-BCC8-4348-BE15-968240180A06
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=33F3D6F8-BCC8-4348-BE15-968240180A06
35 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=33F3D6F8-BCC8-4348-BE15-968240180A06
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 11 Jul 2022 13:42:01 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 11 Jul 2022 13:42:01 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=33F3D6F8-BCC8-4348-BE15-968240180A06
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B33B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YswoqQAPhODTGgA2&gdpr=0&gdpr_consent=&_test=YswoqQAPhODTGgA2
1 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YswoqQAPhODTGgA2&gdpr=0&gdpr_consent=&_test=YswoqQAPhODTGgA2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 11 Jul 2022 13:42:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 11 Jul 2022 13:42:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YswoqQAPhODTGgA2&gdpr=0&gdpr_consent=&_test=YswoqQAPhODTGgA2
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12831-YUL
x-timer
S1657546921.310781,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 8FC0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:833a62cc-28a8-4400-9b6f-8592905e9c76&gdpr=0&gdpr_consent=
42 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:833a62cc-28a8-4400-9b6f-8592905e9c76&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Jul 2022 02:05:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 11 Jul 2022 13:42:01 GMT
Expires
Mon, 11 Jul 2022 13:42:00 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4475 c1dc35a master ord-pixel-x58 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:833a62cc-28a8-4400-9b6f-8592905e9c76&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame A989
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEeHdFN0ZtRkVBQUE4b0ZnV3VuQQ&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABSJk7FmFEAABLfOoZ8lw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partn...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABSJk7FmFEAABLfOoZ8lw
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABSJk7FmFEAABLfOoZ8lw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Jul 2022 13:42:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 11 Jul 2022 13:42:01 GMT
Server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABSJk7FmFEAABLfOoZ8lw
strict-transport-security
max-age=2592000; includeSubDomains
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 09F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=M_PW-LzIQ0i-FZaCQBgKBg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
23.60.4.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-4-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=163664
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Wed, 13 Jul 2022 11:09:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 09F6
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=33F3D6F8-BCC8-4348-BE15-968240180A06
  • https://pippio.com/api/sync?pid=5324&it=1&iv=06905393e18ff9a26a8b7d71ec1b7d9b30dd674cdfd434d3aabb037ee2254c30791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwNjkwNTM5M2UxOGZmOWEyNmE4YjdkNzFlYzFiN2Q5YjMwZGQ2NzRjZGZkNDM0ZDNhYWJiMDM3ZWUyMjU0YzMwNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwNjkwNTM5M2UxOGZmOWEyNmE4YjdkNzFlYzFiN2Q5YjMwZGQ2NzRjZGZkNDM0ZDNhYWJiMDM3ZWUyMjU0YzMwNzkxNDI2YjU0MTdkY2UyMRAAGgwIqdGwlgYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=31a3d8d9-2693-44f9-ba93-71b09696f163
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=31a3d8d9-2693-44f9-ba93-71b09696f163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jul 2022 13:42:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=31a3d8d9-2693-44f9-ba93-71b09696f163
date
Mon, 11 Jul 2022 13:42:01 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 09F6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=833a62cc-28a8-4400-9b6f-8592905e9c76
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=833a62cc-28a8-4400-9b6f-8592905e9c76
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 11 Jul 2022 13:42:01 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=833a62cc-28a8-4400-9b6f-8592905e9c76
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 11 Jul 2022 13:42:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 09F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzNGM0Q2RjgtQkNDOC00MzQ4LUJFMTUtOTY4MjQwMTgwQTA2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 09F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMgb-eBsdTrY0XxPkFu1hPk&google_cver=1
42 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMgb-eBsdTrY0XxPkFu1hPk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMgb-eBsdTrY0XxPkFu1hPk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 09F6
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A518C75AD8BD4C4691B88EDD6F63B837
42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A518C75AD8BD4C4691B88EDD6F63B837
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 11 Jul 2022 13:42:01 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:A518C75AD8BD4C4691B88EDD6F63B837
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 10 Jul 2022 13:42:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 09F6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7236114210353484851&gdpr=0&gdpr_consent=&us_privacy=
1 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7236114210353484851&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7236114210353484851&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 09F6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8bf691ed-cd25-49cd-9719-a63df514c4e4
42 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8bf691ed-cd25-49cd-9719-a63df514c4e4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8bf691ed-cd25-49cd-9719-a63df514c4e4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
33F3D6F8-BCC8-4348-BE15-968240180A06
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 09F6 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/33F3D6F8-BCC8-4348-BE15-968240180A06?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:90a3:294f:189a:c958 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 09F6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=33F3D6F8-BCC8-4348-BE15-968240180A06&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rVSbS1pE2uUQ6QUmFMhzhzMc3pxdQwk-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rVSbS1pE2uUQ6QUmFMhzhzMc3pxdQwk-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rVSbS1pE2uUQ6QUmFMhzhzMc3pxdQwk-~A&gdpr=0&gdpr_consent=
date
Mon, 11 Jul 2022 13:42:01 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ss-pbs.quantumdex.io/ Frame 0DAD
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression&khaos=L5GSMYYL-1A-6KSM
  • https://sync.quantumdex.io/setuid?bidder=rubicon&uid=L5GSMYYL-1A-6KSM
  • https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=&f=&uid=L5GSMYYL-1A-6KSM
86 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=&f=&uid=L5GSMYYL-1A-6KSM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
H2
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
7291f5c28dd0ece6-YUL
expires
0

Redirect headers

date
Mon, 11 Jul 2022 13:42:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
location
https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=&f=&uid=L5GSMYYL-1A-6KSM
cf-ray
7291f5c20d55ece6-YUL
content-length
43
merge
ce.lijit.com/ Frame DEB3 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=81f83228-0113-44b4-9492-d8e43c7674a2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DEB3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=7452286992467268659&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7452286992467268659&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7452286992467268659&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame DEB3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YswoqQAPhgLTIAA2
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YswoqQAPhgLTIAA2&_test=YswoqQAPhgLTIAA2
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YswoqQAPhgLTIAA2&_test=YswoqQAPhgLTIAA2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1657546921.314227,VS0,VE0
x-served-by
cache-yul12831-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YswoqQAPhgLTIAA2&_test=YswoqQAPhgLTIAA2
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
79d18aac-7b0b-ecf0-e2f9-78b7bb9086b9
pr-bh.ybp.yahoo.com/sync/openx/ Frame DEB3 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/79d18aac-7b0b-ecf0-e2f9-78b7bb9086b9?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:90a3:294f:189a:c958 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame DEB3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=ed16ece8-eba7-7eb9-d32e-6e4244c74bf0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8bf691ed-cd25-49cd-9719-a63df514c4e4&ttd_puid=ed16ece8-eba7-7eb9-d32e-6e4244c74bf0&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8bf691ed-cd25-49cd-9719-a63df514c4e4&ttd_puid=ed16ece8-eba7-7eb9-d32e-6e4244c74bf0&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8bf691ed-cd25-49cd-9719-a63df514c4e4&ttd_puid=ed16ece8-eba7-7eb9-d32e-6e4244c74bf0&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame DEB3 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzE3OTNmMjItMjJkMC0yMDFkLWM2Y2UtMzRmYjhlMjU4NTkw
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DEB3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGGhYPbXbSLz4Y2QdbQBeVM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGGhYPbXbSLz4Y2QdbQBeVM&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGGhYPbXbSLz4Y2QdbQBeVM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=appnexus&uid=6194901517463905172
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=appnexus&uid=6194901517463905172
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:01 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:01 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3e1dc814-71c1-47d8-99fa-265f7ec4f6b7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u.4dex.io/setuid?bidder=appnexus&uid=6194901517463905172
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
buster.min.js
static.virgul.com/theme/mockups/adcode/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.virgul.com/theme/mockups/adcode/buster.min.js?t=11-7-2022
Requested by
Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19184
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
fe3299538ac2fd9918bb082f6e60411811c958bc1bd59a0dda68231e9836bf3f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:02 GMT
content-encoding
gzip
last-modified
Sat, 12 Feb 2022 19:47:00 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
async_usersync
ib.adnxs.com/ Frame 149F 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:02 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0e880e76-3f85-41ab-8de4-aab32dc88840
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame DF21
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 11 Jul 2022 13:42:02 GMT
etag
"402b2-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 11 Jul 2022 13:42:02 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame DF21 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
398cc646926f0d5a9e42dfbff55631ebfb6efc42749c2aa80fc108312b32319b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:02 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 17:17:26 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=82255
content-type
text/html; charset=UTF-8
content-length
9458
expires
Tue, 12 Jul 2022 12:32:57 GMT
setuid
u.4dex.io/ Frame DF21
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=L5GSMYYL-1A-6KSM
  • https://u.4dex.io/setuid?bidder=rubicon&uid=L5GSMYYL-1A-6KSM
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=L5GSMYYL-1A-6KSM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:02 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=L5GSMYYL-1A-6KSM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
dbbc2dbf689859fb5870b364473d5441
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 09F6 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159432&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 06:03:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5109 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.60.4.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-60-4-197.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163662
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 11 Jul 2022 13:42:03 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 13 Jul 2022 11:09:45 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 5109 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=765490&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b9016d4450b5defe27a58fcc7adfe684b16bef1874348f3b4a805f1927c4135d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:02 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
141
match.deepintent.com/usersync/ Frame 501C 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Mon, 11 Jul 2022 13:42:03 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
usersync.aspx
widget.us.criteo.com/dis/ Frame E4BD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...
43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 13:42:03 GMT
expires
Mon, 11 Jul 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
655091
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0

Redirect headers

content-length
0
date
Mon, 11 Jul 2022 13:42:02 GMT
location
https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
server
Kestrel
server-processing-duration-in-ticks
279905
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame 262A
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3f5080b8-011f-11ed-8a48-7928c69fc35f
42 B
267 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3f5080b8-011f-11ed-8a48-7928c69fc35f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Jul 2022 13:42:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 11 Jul 2022 13:42:03 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=3f5080b8-011f-11ed-8a48-7928c69fc35f
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-2
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame 3BCB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=sPtn5R41RshEyzTAZGtoS5U4mbI
42 B
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=sPtn5R41RshEyzTAZGtoS5U4mbI
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Jul 2022 13:42:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 11 Jul 2022 13:42:03 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=sPtn5R41RshEyzTAZGtoS5U4mbI
Pug
simage2.pubmatic.com/AdServer/ Frame C345
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0afc259a-ad73-4226-accf-e14e7c369d62-005&rndcb=4716396657
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=2a4a299e-ac66-4131-8227-6fe993cf126f&google_hm=MmE0YTI5OWUtYWM2Ni00MTMxLTgyMjctNmZlOTkzY2Yx...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEIDxlcTd630idq92mDetg6c&google_cver=1&ssp=adconductor&bsw_param=2a4a299e-ac66-4131-8227-6fe993cf126f
  • https://sync.1rx.io/usersync/bidswitch/2a4a299e-ac66-4131-8227-6fe993cf126f?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-0afc259a-ad73-4226-accf-e14e7c369d62-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0afc259a-ad73-4226-accf-e14e7c369d62-005
42 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0afc259a-ad73-4226-accf-e14e7c369d62-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Jul 2022 13:42:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Mon, 11 Jul 2022 13:42:03 GMT
ETag
RX0afc259aad734226accfe14e7c369d62005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0afc259a-ad73-4226-accf-e14e7c369d62-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding
chunked
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 31E1
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=805fc764-8f73-4e95-9f82-0f3fbf33c7b2&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=33F3D6F8-BCC8-4348-BE15-968240180A06
42 B
352 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=33F3D6F8-BCC8-4348-BE15-968240180A06
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.219.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-219-41.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
42
content-type
image/gif
date
Mon, 11 Jul 2022 13:42:03 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 11 Jul 2022 01:50:36 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=33F3D6F8-BCC8-4348-BE15-968240180A06
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 3EB7
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=679997214942
42 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=679997214942
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Jul 2022 05:00:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=679997214942
Pug
simage2.pubmatic.com/AdServer/ Frame 4ADA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZuvqWjKQ1OaTFN5&gdpr=0&gdpr_consent=
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZuvqWjKQ1OaTFN5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Jul 2022 13:42:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 11 Jul 2022 13:42:03 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ZuvqWjKQ1OaTFN5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0c2c8268c6f69c4e1@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
i.match
a.tribalfusion.com/ Frame EFEA 		43 B
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7291f5cfed617138-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 11 Jul 2022 13:42:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame C966
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7108333181862472954P
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7108333181862472954P
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Jul 2022 13:42:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=24453
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Mon, 11 Jul 2022 13:42:03 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7108333181862472954P
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame EFFD
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b957b40a-62f4-44a9-bb5f-7db7febc4d49-tuct9c5ae2b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b957b40a-62f4-44a9-bb5f-7db7febc4d49-tuct9c5ae2b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Mon, 11 Jul 2022 13:42:03 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12832-YUL
x-timer
S1657546924.600515,VS0,VE179

Redirect headers

accept-ranges
bytes
content-length
0
date
Mon, 11 Jul 2022 13:42:03 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b957b40a-62f4-44a9-bb5f-7db7febc4d49-tuct9c5ae2b&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12829-YUL
x-timer
S1657546924.519690,VS0,VE20
x-vcl-time-ms
20
Pug
image2.pubmatic.com/AdServer/ Frame 95BB
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=R2AE12GeCIG9umgLrCjMYg
42 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=R2AE12GeCIG9umgLrCjMYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 11 Jul 2022 13:42:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 11 Jul 2022 13:42:04 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=R2AE12GeCIG9umgLrCjMYg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pub
matching.truffle.bid/sync/ Frame B9BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.172.54.161.5.clients.your-server.de
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 11 Jul 2022 13:42:03 GMT
Server
nginx/1.21.4
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame E469 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 11 Jul 2022 13:42:03 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-a6d5019e61b8@version_1.518v3
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 3DF5
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 11 Jul 2022 13:42:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7291f5d018434bca-YUL
content-length
0
date
Mon, 11 Jul 2022 13:42:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
cloudflare
Pug
image2.pubmatic.com/AdServer/ Frame FEE2
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=21ff4873-c3ff-45e2-8823-055a996590ea
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=21ff4873-c3ff-45e2-8823-055a996590ea
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 11 Jul 2022 13:42:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 11 Jul 2022 13:42:03 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=21ff4873-c3ff-45e2-8823-055a996590ea
strict-transport-security
max-age=15724800; includeSubDomains
usersync
match.bnmla.com/ Frame 616B 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame BBD3
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A518C75AD8BD4C4691B88EDD6F63B837
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A518C75AD8BD4C4691B88EDD6F63B837
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 11 Jul 2022 13:42:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Mon, 11 Jul 2022 13:42:03 GMT
expires
Sun, 10 Jul 2022 13:42:03 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A518C75AD8BD4C4691B88EDD6F63B837
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
setuid
u.4dex.io/ Frame 192F 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)33F3D6F8-BCC8-4348-BE15-968240180A06
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 11 Jul 2022 13:42:03 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
33141
tags.bluekai.com/site/ Frame 5109
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=33F3D6F8-BCC8-4348-BE15-968240180A06
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9cc618793616bd9e/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=27b3192b52b861e5e228ea0e5bc9425d&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=8bf691ed-cd25-49cd-9719-a63df514c4e4&icm&gdpr=0&gdpr_consent=&cver
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=215b39d8d5b7f2180a89c51cdd897b24&gdpr=0
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
  • https://pixel.onaudience.com/?partner=252&mapped=y-JfeDgDdE2pQky.cygrgNYVWAIaP7WIAdSA--~A&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=5d472fba4d9be7e2
62 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=5d472fba4d9be7e2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
184.85.195.135 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-85-195-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:03 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=5d472fba4d9be7e2
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 5109
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=33F3D6F8-BCC8-4348-BE15-968240180A06&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=33F3D6F8-BCC8-4348-BE15-968240180A06&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=33F3D6F8-BCC8-4348-BE15-968240180A06&addseg=12,35,41
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=33F3D6F8-BCC8-4348-BE15-968240180A06&addseg=12,35,41
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

date
Mon, 11 Jul 2022 13:42:03 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=33F3D6F8-BCC8-4348-BE15-968240180A06&addseg=12,35,41
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 5109
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=33F3D6F8-BCC8-4348-BE15-968240180A06&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=33F3D6F8-BCC8-4348-BE15-968240180A06&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=33F3D6F8-BCC8-4348-BE15-968240180A06&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:03 GMT
Frontend-ID
8
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:03 GMT
Frontend-ID
2
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=33F3D6F8-BCC8-4348-BE15-968240180A06&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 5109 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=33F3D6F8-BCC8-4348-BE15-968240180A06
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.120.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-120-127.atl51.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:03 GMT
via
1.1 58b9776352e2e025574a76c904f9c024.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
ATL51-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
4lwQBYocSc1YfeTd3XwZWK-b4SsDqe1BSbuhcPdAS8__VIesnKz9SQ==
expires
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 5109 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.38.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-38-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5109
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3f4b8054-011f-11ed-bf3e-6f7d5681965a&gdpr=0&gdpr_consent=
1 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3f4b8054-011f-11ed-bf3e-6f7d5681965a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3f4b8054-011f-11ed-bf3e-6f7d5681965a&gdpr=0&gdpr_consent=
Date
Mon, 11 Jul 2022 13:42:02 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
3f4b8055-011f-11ed-bf3e-6f7d5681965a
Pug
simage2.pubmatic.com/AdServer/ Frame 5109
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=33F3D6F8-BCC8-4348-BE15-968240180A06&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=56b66a6069408f1&is_secure=true&networkId=17100&version=1&nuid=33F3D6F8-BCC8-4348-BE15-968240180A06&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADLOJkUyIcjwMj9KYQAAAAAAA&expiration=1657633323&nuid=33F3D6F8-BCC8-4348-BE15-968240180A06&...
42 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADLOJkUyIcjwMj9KYQAAAAAAA&expiration=1657633323&nuid=33F3D6F8-BCC8-4348-BE15-968240180A06&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:03 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADLOJkUyIcjwMj9KYQAAAAAAA&expiration=1657633323&nuid=33F3D6F8-BCC8-4348-BE15-968240180A06&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 5109
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6194901517463905172&gdpr=0&gdpr_consent=
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6194901517463905172&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:03 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fc4cbb05-644f-42ef-84ab-ad41be6d6963
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6194901517463905172&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5109
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4McZMeTNG2v7wUhgs5NXNueTTGH7wRtk7pEAAVt1
42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4McZMeTNG2v7wUhgs5NXNueTTGH7wRtk7pEAAVt1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4McZMeTNG2v7wUhgs5NXNueTTGH7wRtk7pEAAVt1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5109
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&gdpr=0&gdpr_consent=
42 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:02 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5109
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=2a4a299e-ac66-4131-8227-6fe993cf126f
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=2a4a299e-ac66-4131-8227-6fe993cf126f
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=pubmatic&user_id=5920572e-52ce-4898-be7b-d1f94c830691
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=&gdpr_consent=&gdpr_pd=
1 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 11 Jul 2022 13:42:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame 5109
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_F2D9DC0D_292AD50B&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Server
204.2.255.233 Fort Lauderdale, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-340533723; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:03 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-340533723; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 11 Jul 2022 13:42:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 5109
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4187505635242364082
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4187505635242364082
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:03 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4187505635242364082
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 5109
Redirect Chain
  • https://sync.resetdigital.co:10001/csync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000B997DFDAAF
42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000B997DFDAAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 11 Jul 2022 13:42:21 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000B997DFDAAF
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5109
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6194901517463905172
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6194901517463905172
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 11 Jul 2022 13:42:03 GMT
X-Proxy-Origin
149.56.153.178; 149.56.153.178; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a4a325d1-2c15-4d55-bf4e-4f832eb78648
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6194901517463905172
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5109
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3666fb0e-1f8a-4dfd-8568-910f852545f3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3666fb0e-1f8a-4dfd-8568-910f852545f3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3666fb0e-1f8a-4dfd-8568-910f852545f3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 11 Jul 2022 13:42:03 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
count
logger.virgul.com/ 		0
116 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://logger.virgul.com/count?m=initBufferFull&g=h&r=npm_finanswebde:n:10487510&o=&iv=&wVID=&info=10487510@50@50@13:30@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/11/2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jul 2022 13:42:03 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
count
logger.virgul.com/ 		0
116 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://logger.virgul.com/count?m=start&g=m&r=npm_finanswebde:n:13::10487510&o=vnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf:44:2900-3000::&iv=&wVID=&info=10487510@50@50@13:30@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/11/2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jul 2022 13:42:03 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
count
logger.virgul.com/ 		0
116 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://logger.virgul.com/count?m=adRequest&g=m&r=npm_finanswebde:preroll&o=&iv=&wVID=&info=10487510@50@50@13:30@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/11/2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jul 2022 13:42:03 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
integrator.js
adservice.google.fr/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=finanswebde.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jul 2022 13:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=finanswebde.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jul 2022 13:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
truncated
/ 		985 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6efe7e4964448fbdd5349e5116703648d6692fc191736eb19b62515e21a7a3d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
ads
pubads.g.doubleclick.net/gampad/ Frame C99E 		94 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21728129623%2C36563801%2Fweb_finanswebde_preroll&description_url=http%3A%2F%2Ffinanswebde.com&env=vp&correlator=2498180953626614&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x360&unviewed_position_start=1&cust_params=site%3Dfinanswebde%26env%3Dweb%26mt%3D1657546915305%26r%3D153511%40site_geneli%40finanswebde%3Asite_geneli%26info%3D%26targetCtr%3D0%26viewable%3D2%26site%3Dfinanswebde%26pid%3Dvnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf%26targetCr%3D0%26Mobile%3Dfalse%26env%3Dweb%26webmAd%3D1%26overlay%3D1%26rc%3D0%26datasave%3D0&sdkv=h.3.520.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=1699890163&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.520.0&sid=965135F7-EC18-4B0B-A108-8C47DAAEADB5&nel=0&eid=44752711%2C44754420%2C44760950%2C44761692%2C44762904&url=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&dlt=1657546913748&idt=6061&dt=1657546923782&cookie=ID%3Df3555c9e15b848d1%3AT%3D1657546918%3AS%3DALNI_MbzQL2Q50dOZhw84TnoEdyR90Nt2A&scor=2978739278098578&ged=ve4_td10_tt4_pd10_la10000_er508.1055.661.1355_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.520.0_tr.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
c84222f7c430afe12c25da3c178c58d3c4967d78b44f4450293adbabe498caee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18660
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CF64 		529 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=56042944&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
fc9dd7b47ae4590ebf5c8af090a37431907c7c460626b6a49bcd8546eab68642

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
529
content-type
text/html; charset=UTF-8
setuid
sync.quantumdex.io/ Frame 025D 		43 B
118 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=33F3D6F8-BCC8-4348-BE15-968240180A06
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7291f5d45853ece6-YUL
content-length
43
content-type
image/gif
date
Mon, 11 Jul 2022 13:42:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
/
io.narrative.io/ Frame CF64
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:33F3D6F8-BCC8-4348-BE15-968240180A06
  • https://io.narrative.io/?io.narrative.guid.v2=3fbb5910-011f-11ed-8084-0a02ecc458dd&companyId=673&id=pubmatic_id:33F3D6F8-BCC8-4348-BE15-968240180A06
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=3fbb5910-011f-11ed-8084-0a02ecc458dd&companyId=673&id=pubmatic_id:33F3D6F8-BCC8-4348-BE15-968240180A06
Protocol
HTTP/1.1
Server
3.227.107.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-107-207.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:42:04 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=3fbb5910-011f-11ed-8084-0a02ecc458dd&companyId=673&id=pubmatic_id:33F3D6F8-BCC8-4348-BE15-968240180A06
Date
Mon, 11 Jul 2022 13:42:04 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame CF64 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=33F3D6F8-BCC8-4348-BE15-968240180A06&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.37.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-37-99.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:04 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.44.70
content-type
image/gif
content-length
49
expires
0
d1ba4609
rtb.gumgum.com/getuid/ Frame CF64 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.236.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-236-147.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:04 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 75C2 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53459544&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame EEC6 		47 B
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59924623&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
csi
csi.gstatic.com/ Frame C99E 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l5gsn0qa&c=7521003121647&slotId=3760501560823.5&qqid=CNaj4bz78PgCFUwDcQod-J8KQQ&gqid=qyjMYq3PMZ2sNbDns6AB&fb=ima_html5-lima&sdkv=h.3.520.0&mrd=10&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44752711%2C44754420%2C44760950%2C44761692%2C44762904&met.4=ghmsh_s.l5gsn474~ghmsh_s.l5gsn475&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=9Galhk6BkUjCPJP_
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.520.0_tr.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4009:820::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame C99E 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-6593523210010154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.520.0_tr.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:17:46 GMT
x-content-type-options
nosniff
age
1458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Jul 2022 14:07:46 GMT
EwR_egr98Ft99f60IRf85IeEjJkQm8EE-Dc0JnyKK-XNsG24doIKWF3pgqzAqMdO4TE91PznVg=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C99E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/EwR_egr98Ft99f60IRf85IeEjJkQm8EE-Dc0JnyKK-XNsG24doIKWF3pgqzAqMdO4TE91PznVg=s48-c-k-c0x00ffffff-no-rj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e89b3c3134ebc05bb94be0f2c767c48b50053d06b5a7240df27cdc1136977799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:04 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="channels4_profile.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2220
x-xss-protection
0
expires
Tue, 12 Jul 2022 13:42:04 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C99E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQ68LqyjMYpaiNMyGxAP4v6qIBLL83vJqyKWNmcQQ4-SDpa4kEAEg5rSCa2DJhv-H8KPsEqABkd672gPIAQXgAgCoAwGYBACqBP4BT9DX--Gij8xBOUJFJUFauxXyxeae0IgTpxayL_ZQrSarQdJc1QTnUcZOwUAnEkk2YfRX7DpBIYdCbtOU3JfqCF4R2h95g64AK8bhef_a9kss4j4re5hNNoJPWNjOch9tIb3hdECaEKLI6XVf3vQf1Ar49C6wrzoBpI5iIKmAx76a_g5WgE8z5Gra9jVeWsgrUunVvS-BYRRJqLlTQtC_j3P81wCw0IZ_Letma_6f-N5qKjyn38m0S4HD2eajxwShyhf2RCxzMrg7WGjpi4E8yKh_JHDyEohHSsurKtlth03LMxv076xdR2OafPpK4VqK6prxw1i69_C4Il9xU5jABMHRyo37A-AEAaAGVIAH16HEJagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tODM4NTE1ODY3Mjc5MzMyNpoJS2h0dHBzOi8vd3d3LnBhcmFtb3VudHBsdXMuY29tL3Nob3dzL3ZpZGVvL29kNUZiYzZYeGVtZFpsT3BmWHVpSUxKa2RabEVGdnhyL7EJXenW8ZAxb2qACgPICwHQCw_gCwG4DAHYEwLQFQGYFgH4FgGAFwE&sigh=TTYI6l0C6g4&label=show_ad&sdkv=h.3.520.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2ODA2MjA3MTQ5NjIMNjA4ODA1ODQ3NjM5QO8DUiMQDyUA4A1FKAE6C0o5Umd1SmlGYzhRQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame C99E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CFv8vqyjMYpaiNMyGxAP4v6qIBLL83vJqyKWNmcQQ4-SDpa4kEAEg5rSCa2DJhv-H8KPsEqABkd672gPIAQXgAgCoAwGYBACqBPsBT9DX--Gij8xBOUJFJUFauxXyxeae0IgTpxayL_ZQrSarQdJc1QTnUcZOwUAnEkk2YfRX7DpBIYdCbtOU3JfqCF4R2h95g64AK8bhef_a9kss4j4re5hNNoJPWNjOch9tIb3hdECaEKLI6XVf3vQf1Ar49C6wrzoBpI5iIKmAx76a_g5WgE8z5Gra9jVeWsgrUunVvS-BYRRJqLlTQtC_j3P81wCw0IZ_Letma_6f-N5qKjyn38m0S4HD2eajxwShyhf2RCxzMrg7WGjpi4E8kKnNYvNDTghl2HZguvWXFx9z-H1BDI9DTeeTUuKLT4nsX3NW1HSiSB4wDqXABMHRyo37A-AEAaAGVIAH16HEJagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQ4_iEB6gIAdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tODM4NTE1ODY3Mjc5MzMyNoAKA8gLAcITBhiR3rvaA9gTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=QC0yN-X2kXw&cmd=Ch1jYS12aWRlby1wdWItNzk4MzY1MTI1NzgzODI4MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&vt=10&sdkv=h.3.520.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2ODA2MjA3MTQ5NjIMNjA4ODA1ODQ3NjM5QO8DUiMQDyUA4A1FKAE6C0o5Umd1SmlGYzhRQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 71E3 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=33F3D6F8-BCC8-4348-BE15-968240180A06
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 11 Jul 2022 13:42:04 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~l5gsn04m&c=7521003121647&slotId=3760501560823.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4009:820::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr2---sn-apaapm4g-apae.googlevideo.com/
Redirect Chain
  • https://rr1---sn-t0a7ln7d.googlevideo.com/videoplayback?expire=1657575724&ei=rCjMYs_kC9HOhwbY6Jr4DA&ip=149.56.153.178&id=27d460b8988573c4&itag=22&source=youtube&requiressl=yes&mh=-5&mm=31&mn=sn-t0a...
  • https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1657575724&ei=rCjMYs_kC9HOhwbY6Jr4DA&ip=149.56.153.178&id=27d460b8988573c4&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=ye...
4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1657575724&ei=rCjMYs_kC9HOhwbY6Jr4DA&ip=149.56.153.178&id=27d460b8988573c4&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=2270.911&lmt=1657328705493698&txp=4532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAN2x-plRUqsfyxd6VIINUltgtjQS7r3tcitQAgUlWfeHAiB6ZqzYBHadENZCmrrUA15nT13JpAdXw-jh8E0Oa5MpVQ==&cpn=9Galhk6BkUjCPJP_&redirect_counter=1&rm=sn-t0al7e&req_id=8654050fb9d336e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=-5&mip=2607:5300:60:7867::6&mm=31&mn=sn-apaapm4g-apae&ms=au&mt=1657546643&mv=m&mvi=2&pl=32&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALwG1dpkNHzfCe3l9RNbAaC_UV8f_KvriGuY-IKdGi9eAiA_FTNpRw74nUZKMWV-zyfwqzE0eb64ML-g4E1RieOZUQ%3D%3D
Protocol
HTTP/1.1
Server
2a00:ba61:0:126::d , France, ASN35625 (EURAFIBRE-AS, FR),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 11 Jul 2022 13:42:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 09 Jul 2022 01:05:05 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-119082478/119082479
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
119082479
Expires
Mon, 11 Jul 2022 13:42:04 GMT

Redirect headers

Date
Mon, 11 Jul 2022 13:42:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://rr2---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1657575724&ei=rCjMYs_kC9HOhwbY6Jr4DA&ip=149.56.153.178&id=27d460b8988573c4&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=2270.911&lmt=1657328705493698&txp=4532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAN2x-plRUqsfyxd6VIINUltgtjQS7r3tcitQAgUlWfeHAiB6ZqzYBHadENZCmrrUA15nT13JpAdXw-jh8E0Oa5MpVQ==&cpn=9Galhk6BkUjCPJP_&redirect_counter=1&rm=sn-t0al7e&req_id=8654050fb9d336e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=-5&mip=2607:5300:60:7867::6&mm=31&mn=sn-apaapm4g-apae&ms=au&mt=1657546643&mv=m&mvi=2&pl=32&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALwG1dpkNHzfCe3l9RNbAaC_UV8f_KvriGuY-IKdGi9eAiA_FTNpRw74nUZKMWV-zyfwqzE0eb64ML-g4E1RieOZUQ%3D%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Mon, 11 Jul 2022 13:42:04 GMT
merge
ce.lijit.com/ Frame 1BDB 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=33F3D6F8-BCC8-4348-BE15-968240180A06
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 11 Jul 2022 13:42:04 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
setuid
u.4dex.io/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adagio&user_id=ebd1d762-e57b-4967-89e4-be3f547f5f96
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dadagio
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dadagio
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=9ecd3041-af2e-4db4-884d-e53342792098&ssp=adagio
  • https://u.4dex.io/setuid?bidder=bidswitch&uid=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=&gdpr_consent=&us_privacy=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=bidswitch&uid=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:04 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Location
//u.4dex.io/setuid?bidder=bidswitch&uid=2a4a299e-ac66-4131-8227-6fe993cf126f&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 11 Jul 2022 13:42:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C99E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQ68LqyjMYpaiNMyGxAP4v6qIBLL83vJqyKWNmcQQ4-SDpa4kEAEg5rSCa2DJhv-H8KPsEqABkd672gPIAQXgAgCoAwGYBACqBP4BT9DX--Gij8xBOUJFJUFauxXyxeae0IgTpxayL_ZQrSarQdJc1QTnUcZOwUAnEkk2YfRX7DpBIYdCbtOU3JfqCF4R2h95g64AK8bhef_a9kss4j4re5hNNoJPWNjOch9tIb3hdECaEKLI6XVf3vQf1Ar49C6wrzoBpI5iIKmAx76a_g5WgE8z5Gra9jVeWsgrUunVvS-BYRRJqLlTQtC_j3P81wCw0IZ_Letma_6f-N5qKjyn38m0S4HD2eajxwShyhf2RCxzMrg7WGjpi4E8yKh_JHDyEohHSsurKtlth03LMxv076xdR2OafPpK4VqK6prxw1i69_C4Il9xU5jABMHRyo37A-AEAaAGVIAH16HEJagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tODM4NTE1ODY3Mjc5MzMyNpoJS2h0dHBzOi8vd3d3LnBhcmFtb3VudHBsdXMuY29tL3Nob3dzL3ZpZGVvL29kNUZiYzZYeGVtZFpsT3BmWHVpSUxKa2RabEVGdnhyL7EJXenW8ZAxb2qACgPICwHQCw_gCwG4DAHYEwLQFQGYFgH4FgGAFwE&sigh=TTYI6l0C6g4&label=video_ad_loaded&sdkv=h.3.520.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2ODA2MjA3MTQ5NjIMNjA4ODA1ODQ3NjM5QO8DUiMQDyUA4A1FKAE6C0o5Umd1SmlGYzhRQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame C99E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.520.0_tr.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 16:03:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 05 Jul 2023 16:03:52 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame C99E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CFv8vqyjMYpaiNMyGxAP4v6qIBLL83vJqyKWNmcQQ4-SDpa4kEAEg5rSCa2DJhv-H8KPsEqABkd672gPIAQXgAgCoAwGYBACqBPsBT9DX--Gij8xBOUJFJUFauxXyxeae0IgTpxayL_ZQrSarQdJc1QTnUcZOwUAnEkk2YfRX7DpBIYdCbtOU3JfqCF4R2h95g64AK8bhef_a9kss4j4re5hNNoJPWNjOch9tIb3hdECaEKLI6XVf3vQf1Ar49C6wrzoBpI5iIKmAx76a_g5WgE8z5Gra9jVeWsgrUunVvS-BYRRJqLlTQtC_j3P81wCw0IZ_Letma_6f-N5qKjyn38m0S4HD2eajxwShyhf2RCxzMrg7WGjpi4E8kKnNYvNDTghl2HZguvWXFx9z-H1BDI9DTeeTUuKLT4nsX3NW1HSiSB4wDqXABMHRyo37A-AEAaAGVIAH16HEJagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQ4_iEB6gIAdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tODM4NTE1ODY3Mjc5MzMyNoAKA8gLAcITBhiR3rvaA9gTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi03OTgzNjUxMjU3ODM4MjgyGOrBbQ&sigh=QC0yN-X2kXw&cmd=Ch1jYS12aWRlby1wdWItNzk4MzY1MTI1NzgzODI4MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&sdkv=h.3.520.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
B28094759.339917159;dc_pre=CLqtxL378PgCFQ0KDAod2ZYLwQ;dc_trk_aid=531934584;dc_trk_cid=173902328;ord=2067891852;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=54776349780021...
ad.doubleclick.net/ddm/trackimp/N485401.2805603GOOGLEPREFERRED-Y/ Frame C99E
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N485401.2805603GOOGLEPREFERRED-Y/B28094759.339917159;dc_trk_aid=531934584;dc_trk_cid=173902328;ord=2067891852;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N485401.2805603GOOGLEPREFERRED-Y/B28094759.339917159;dc_pre=CLqtxL378PgCFQ0KDAod2ZYLwQ;dc_trk_aid=531934584;dc_trk_cid=173902328;ord=2067891852;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N485401.2805603GOOGLEPREFERRED-Y/B28094759.339917159;dc_pre=CLqtxL378PgCFQ0KDAod2ZYLwQ;dc_trk_aid=531934584;dc_trk_cid=173902328;ord=2067891852;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=5477634978002161174;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?
Protocol
H3
Server
142.250.81.230 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N485401.2805603GOOGLEPREFERRED-Y/B28094759.339917159;dc_pre=CLqtxL378PgCFQ0KDAod2ZYLwQ;dc_trk_aid=531934584;dc_trk_cid=173902328;ord=2067891852;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=5477634978002161174;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C99E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cw-cPqyjMYpaiNMyGxAP4v6qIBLL83vJqyKWNmcQQ4-SDpa4kEAEg5rSCa2DJhv-H8KPsEqABkd672gPIAQXgAgCoAwGYBACqBPsBT9DX--Gij8xBOUJFJUFauxXyxeae0IgTpxayL_ZQrSarQdJc1QTnUcZOwUAnEkk2YfRX7DpBIYdCbtOU3JfqCF4R2h95g64AK8bhef_a9kss4j4re5hNNoJPWNjOch9tIb3hdECaEKLI6XVf3vQf1Ar49C6wrzoBpI5iIKmAx76a_g5WgE8z5Gra9jVeWsgrUunVvS-BYRRJqLlTQtC_j3P81wCw0IZ_Letma_6f-N5qKjyn38m0S4HD2eajxwShyhf2RCxzMrg7WGjpi4E8kKnNYvNDTghl2HZguvWXFx9z-H1BDI9DTeeTUuKLT4nsX3NW1HSiSB4wDqXABMHRyo37A-AEAaAGVIAH16HEJagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tODM4NTE1ODY3Mjc5MzMyNoAKA8gLAdgTAtAVAZgWAfgWAYAXAQ&sigh=GRWf-gzPUjc&cmd=Ch1jYS12aWRlby1wdWItNzk4MzY1MTI1NzgzODI4MhAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D929%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D508,1055,748,1482%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D2270865%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4551%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D19640727%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657546919016%26ptlt%3D1657546925367%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.05%26t%3D1657546924312&sdkv=h.3.520.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2ODA2MjA3MTQ5NjIMNjA4ODA1ODQ3NjM5QO8DUiYQDyUA4A1FKAE6C0o5Umd1SmlGYzhRQglnb29nbGVhZHNInAhQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C99E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGQBILCAO1x3pUYwCsO7zA-85loyPPgcC9bSv-bSP1h8pVy2zoXsTTgoJHfzzYtctzZICpV2Zw0bgmg0KcOZJMsin-QEcwYUHS4qdpKKGiLNQ8Xc0swKlkShsCr3WcUQ75oquuF0cmKrUCqt0ELAnt2NQaXh-oZs4oWZ95&sai=AMfl-YQTT0dZHNDL3zFy9zQfUQN9xIdh3UZ77EBBHZxKCjVs3J5gJ7RLKJ0FafSJ5-LfsFVhj6Rn3O8UsH9VTwNJ3qvnLRxJw8IT_5eFv8TOB62WNWak7Ye3M0m3y8DU&sig=Cg0ArKJSzC9U7Fwf4EEYEAE&cid=CAASJeRoZyH_IAC8SckBC1dKCblecQyv33CxdQ5Amv0V3cwcgo_HB4U&id=lidarv&acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D508,1055,748,1482%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D2270865%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4551%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D19640727%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657546919016%26ptlt%3D1657546925368%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1657546924312&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview_ext
pagead2.googlesyndication.com/ Frame C99E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=5477634978002161174&acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D508,1055,748,1482%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D2270865%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4551%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D19640727%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657546919016%26ptlt%3D1657546925368%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1657546924312?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=5477634978002161174;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D508,1055,748,1482%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3...
ade.googlesyndication.com/ddm/activity_ext/ Frame C99E 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=5477634978002161174;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D929%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D508,1055,748,1482%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D2270865%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4551%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D19640727%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657546919016%26ptlt%3D1657546925368%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1657546924312?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C99E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cw-cPqyjMYpaiNMyGxAP4v6qIBLL83vJqyKWNmcQQ4-SDpa4kEAEg5rSCa2DJhv-H8KPsEqABkd672gPIAQXgAgCoAwGYBACqBPsBT9DX--Gij8xBOUJFJUFauxXyxeae0IgTpxayL_ZQrSarQdJc1QTnUcZOwUAnEkk2YfRX7DpBIYdCbtOU3JfqCF4R2h95g64AK8bhef_a9kss4j4re5hNNoJPWNjOch9tIb3hdECaEKLI6XVf3vQf1Ar49C6wrzoBpI5iIKmAx76a_g5WgE8z5Gra9jVeWsgrUunVvS-BYRRJqLlTQtC_j3P81wCw0IZ_Letma_6f-N5qKjyn38m0S4HD2eajxwShyhf2RCxzMrg7WGjpi4E8kKnNYvNDTghl2HZguvWXFx9z-H1BDI9DTeeTUuKLT4nsX3NW1HSiSB4wDqXABMHRyo37A-AEAaAGVIAH16HEJagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tODM4NTE1ODY3Mjc5MzMyNoAKA8gLAdgTAtAVAZgWAfgWAYAXAQ&sigh=GRWf-gzPUjc&cmd=Ch1jYS12aWRlby1wdWItNzk4MzY1MTI1NzgzODI4MhAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D929%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D508,1055,748,1482%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D2270865%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4551%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D19640727%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657546919016%26ptlt%3D1657546925370%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1657546924312&sdkv=h.3.520.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2ODA2MjA3MTQ5NjIMNjA4ODA1ODQ3NjM5QO8DUiYQDyUA4A1FKAE6C0o5Umd1SmlGYzhRQglnb29nbGVhZHNInAhQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=5477634978002161174;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D929%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D508,1055,748,1482%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame C99E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=5477634978002161174;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D929%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D508,1055,748,1482%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D2270865%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4551%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D19640727%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657546919016%26ptlt%3D1657546925370%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1657546924312?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C99E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cw-cPqyjMYpaiNMyGxAP4v6qIBLL83vJqyKWNmcQQ4-SDpa4kEAEg5rSCa2DJhv-H8KPsEqABkd672gPIAQXgAgCoAwGYBACqBPsBT9DX--Gij8xBOUJFJUFauxXyxeae0IgTpxayL_ZQrSarQdJc1QTnUcZOwUAnEkk2YfRX7DpBIYdCbtOU3JfqCF4R2h95g64AK8bhef_a9kss4j4re5hNNoJPWNjOch9tIb3hdECaEKLI6XVf3vQf1Ar49C6wrzoBpI5iIKmAx76a_g5WgE8z5Gra9jVeWsgrUunVvS-BYRRJqLlTQtC_j3P81wCw0IZ_Letma_6f-N5qKjyn38m0S4HD2eajxwShyhf2RCxzMrg7WGjpi4E8kKnNYvNDTghl2HZguvWXFx9z-H1BDI9DTeeTUuKLT4nsX3NW1HSiSB4wDqXABMHRyo37A-AEAaAGVIAH16HEJagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tODM4NTE1ODY3Mjc5MzMyNoAKA8gLAdgTAtAVAZgWAfgWAYAXAQ&sigh=GRWf-gzPUjc&cmd=Ch1jYS12aWRlby1wdWItNzk4MzY1MTI1NzgzODI4MhAAGAI&label=admute&ad_mt=0&acvw=sv%3D929%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D508,1055,748,1482%26tos%3D15,0,0,0,0%26mtos%3D15,15,15,15,15%26amtos%3D0,0,0,0,0%26mcvt%3D15%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D15%26pst%3D-1%26dur%3D2270865%26vmtime%3D-1%26dvs%3D15%26dfvs%3D15%26dvpt%3D15%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4551%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D19640727%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657546919016%26ptlt%3D1657546925377%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,15&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1657546924312&sdkv=h.3.520.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2ODA2MjA3MTQ5NjIMNjA4ODA1ODQ3NjM5QO8DUiYQDyUA4A1FKAE6C0o5Umd1SmlGYzhRQglnb29nbGVhZHNInAhQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=5477634978002161174;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D929%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D508,1055,748,1482%26tos%3D15,0,0,0,0%26mtos%3D15,15,15,15,15%26amtos...
ade.googlesyndication.com/ddm/activity_ext/ Frame C99E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=5477634978002161174;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D929%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D508,1055,748,1482%26tos%3D15,0,0,0,0%26mtos%3D15,15,15,15,15%26amtos%3D0,0,0,0,0%26mcvt%3D15%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D15%26pst%3D-1%26dur%3D2270865%26vmtime%3D-1%26dvs%3D15%26dfvs%3D15%26dvpt%3D15%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4551%26femvt%3D0%26emc%3D7%26emuc%3D0%26emb%3D6,0,0,0,0%26avms%3Dexc%26qi%3D19640727%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1657546919016%26ptlt%3D1657546925377%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,15;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1657546924312?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5f859a0ee4b081a63b52661f
ng.virgul.com/tck/imp/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ng.virgul.com/tck/imp/5f859a0ee4b081a63b52661f?pai=1&r=153511@site_geneli@finanswebde:site_geneli&info=10487510@50@50@13:30@@&t=linear:preroll:cl10o0&cs=1657546925382&v=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://finanswebde.com
date
Mon, 11 Jul 2022 13:42:05 GMT
access-control-allow-credentials
true
expires
Tue, 04 Jan 2022 10:49:40 GMT
server
openresty/1.15.8.3
content-length
0
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
count
logger.virgul.com/ 		0
116 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://logger.virgul.com/count?m=adStart&g=m&r=npm_finanswebde:preroll:4600-4700&o=&iv=&wVID=&info=10487510@50@50@13:30@@&os=windows&dt=desktop
Requested by
Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=7/11/2022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jul 2022 13:42:05 GMT
server
openresty/1.15.8.3
content-length
0
access-control-allow-methods
GET, POST
content-type
image/jpeg
setuid
u.4dex.io/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=6e7d3cb0-00ac-4087-bdf4-da023a64d0af
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=improvedigital&uid=6e7d3cb0-00ac-4087-bdf4-da023a64d0af
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=improvedigital&uid=6e7d3cb0-00ac-4087-bdf4-da023a64d0af
date
Mon, 11 Jul 2022 13:42:05 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame E0C9 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
8443
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 11:21:22 GMT
expires
Tue, 11 Jul 2023 11:21:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
pagead2.googlesyndication.com/bg/ Frame E0C9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 02:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
40568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Jul 2023 02:25:57 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 5109 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
playback
s.youtube.com/api/stats/ Frame C99E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44752711%2C44754420%2C44760950%2C44761692%2C44762904&el=adunit&cpn=9Galhk6BkUjCPJP_&docid=J9RguJiFc8Q&visitordata=CgtsOGhCRUZSS3lPRQ%253D%253D&ver=2&cmt=0.205&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Ffinanswebde.com%2F&len=2270.865&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=103.0.5060.53&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0C9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.520.0&bgai=B-RTLqyjMYpaiNMyGxAP4v6qIBAAAAAA4AboFEwjt0N68-_D4AhUdVg0KHbDzDBQ&bg=!qKulq-_NAAaYcLjmuHA7ACkAdvg8WqSmZiR8E2jriyC6YhP7yU8UjvJStSQ9e48wzTgUXzpFMek8wQIAAACoUgAAAAJoAQcKAMwtkrxg6_7JH9tvYcCKnb0xGpIGtOTksFDbo_okA5aStUoG-hH1YpD50bbIIWqUm1M5VOSOHy6orvW-PUWvt693BspVojIZZDzYCgiFuvEldI7Zv0P7DpOmJUmSNaTenMvDqLk90fET4TPOlFIw8ZS4iqrpdjioN0-JXZnwxEgHXULpY_KED6-gLLfoA3E8tgP16OtuCNIQy6UYU9N5tKJj8wbYAWI-CXwDPNj0y-S9RxennXcjDefR6-KTXrx1qttZ2lToA9pGW4tEGMqZAkAtCVLd90ObQvob-x9ZGRc02N_3Qg1eyZ0rArZSXPEMraxOwMI6IVbCM4UuPpSsDqknHldTKsKqNbMK2JY45dPWjRYdTtEVmxiuCvwE2M_czamjvcc-n_yT1q-2hInMYGqW3YmIW_rkPamIBD52J1tL2nnDmr14AGMBO0Lj5K1WzsFKL29r8BQC99znqBXbj9yKaN0-6edYqcA3c6vZvYn5znziE4RK93stRzr791gXuQvPI7pvumXtPQspChqOmM6LxPxM989f6vwkX1qp4G6JbV1ifxFD1nraJ_SzMr-50xVeHpGF6l0zcD5kmZ-1w_kzwE-0HREpEtApDvcvOysJcIvJZ4AkOQp3P0J5d3woriyfW6IwgNCvIHVDKi9tUVYZ6rgD4wSQKTQOiOjjdpk4VaPdSO6eejGeit-qCXzMmnC44Z6ZBYESTi2-JZpYrE9BqKjI9Fz7gUCvyXGktba1xMiLyLrfaF8D581mfZdjgc5SwjU6SlA8M5Zl89sjVfh34_JnGdWc9n84izE3sbUTq88NgirhkTgs7vHuF6ZPPAH4BJ64GiXO6J08-BI1PTWMWndoQCC34odT01IiLGqSG8eBKbb9d1c1vWFoHXmaCLZb6wrrPxJi0vu8AudtNGKYHkYymYFO1F0jOCZUNPoKV2ltwdpEXXB21Ij4YHduCS6hUJffBVAJ6RDws36H2n4cZEo6CRuqM--cVViwWW7U26xVn3N1cnjGsHCAB3-4noqSWIhoBpqJ_wf1nrCmKe8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/924247547/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924247547/?random=1657546925799&cv=9&fst=1657546925799&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa760&sendb=1&ig=1&data=event%3Dsmall%3Bevent_category%3Dduration%3Bevent_label%3D10&frm=0&url=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&tiba=Ons%20Yorum%20ve%20Analizi%20%5BFinansCepte%5D&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2aee39cfabeb4706c662f0ab7e6b5f0a696403a6889dbb54279bb6175d12273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1077
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1922024537&t=event&_s=2&dl=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&ul=en-us&de=UTF-8&dt=Ons%20Yorum%20ve%20Analizi%20%5BFinansCepte%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=duration&ea=small&el=10&_u=aEBAAUABAAAAAC~&jid=&gjid=&cid=783307744.1657546914&tid=UA-49264185-15&_gid=1898217932.1657546914&gtm=2ou760&z=1250294894
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Jul 2022 22:16:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55540
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/924247547/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/924247547/?random=1657546925799&cv=9&fst=1657544400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa760&sendb=1&data=event%3Dsmall%3Bevent_category%3Dduration%3Bevent_label%3D10&frm=0&url=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&tiba=Ons%20Yorum%20ve%20Analizi%20%5BFinansCepte%5D&async=1&fmt=3&is_vtc=1&random=1013269397&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/924247547/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/924247547/?random=1657546925799&cv=9&fst=1657544400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa760&sendb=1&data=event%3Dsmall%3Bevent_category%3Dduration%3Bevent_label%3D10&frm=0&url=https%3A%2F%2Ffinanswebde.com%2Femtia%2Faltin&tiba=Ons%20Yorum%20ve%20Analizi%20%5BFinansCepte%5D&async=1&fmt=3&is_vtc=1&random=1013269397&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://finanswebde.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame CF64 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 13:42:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ssbsync.smartadserver.com/api/ Frame 0FBB 		511 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: finanswebde.com
URL: https://finanswebde.com/emtia/altin
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.179 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
fefff9ab72f5b09396bc4b3e06968665a9fedfb31c45b77a0b561d4241f6fa85

Request headers

Referer
https://finanswebde.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
511
content-type
text/html
date
Mon, 11 Jul 2022 13:42:06 GMT
setuid
u.4dex.io/ Frame 0FBB 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=6389607595170428203&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:06 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
genericusersync.ashx
sync.tidaltv.com/ Frame 0FBB 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 0FBB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=8bf691ed-cd25-49cd-9719-a63df514c4e4&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=8bf691ed-cd25-49cd-9719-a63df514c4e4&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.204 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:06 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=8bf691ed-cd25-49cd-9719-a63df514c4e4&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
299
redir
rtb-csync.smartadserver.com/ Frame 0FBB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABSJk7FmFEAABLfOoZ8lw&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABSJk7FmFEAABLfOoZ8lw&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.204 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:06 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABSJk7FmFEAABLfOoZ8lw&gdpr=0
Date
Mon, 11 Jul 2022 13:42:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
/
rtb-csync.smartadserver.com/redir/ Frame 0FBB
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=sjcN-rY9D6CpMVyr4WND_bVjWKqpMQ-vvGHwCo7T
43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=sjcN-rY9D6CpMVyr4WND_bVjWKqpMQ-vvGHwCo7T
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.204 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:06 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 11 Jul 2022 13:42:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=sjcN-rY9D6CpMVyr4WND_bVjWKqpMQ-vvGHwCo7T
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer object| noktaScript object| noktaad object| chunkedScripts object| google_tag_manager object| webpackJsonp object| FontAwesomeCdnConfig string| cssUrl object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| hdn boolean| useIntersectionObserver object| disabledRefreshZones boolean| showingPage string| virgulRedirect boolean| userTookAction string| virgulRefreshFunc boolean| pageHasAdBlock boolean| chSiFfoLoaded object| betterAds boolean| fullscreenAdStarted boolean| adProtectionLoaded object| virgulStopperTimer object| virgulInactiveTimer number| virgulReqInter object| adVis object| adMVis object| obsrvArr undefined| scrpts undefined| x undefined| srct undefined| getParameterByName undefined| prm function| showPageChk function| scrChange function| stopVirgulRefresh function| callInactiveAds object| firstTLDs object| secondTLDs boolean| usePrebidUser function| removeSubdomain object| noktaGSlts object| noktaGBckSlts object| noktaDfpSlots object| noktaCuSlts object| noktaDisabledGids object| nogrt boolean| ngcr boolean| hasCrite object| checkDomainsForCriteo object| noktaHeaderBidding object| virgulGoogleDisplayed object| googletag object| gads object| node object| newstyle string| noktaLogMode object| abdf string| nst function| makeNoktaInitialRequest function| addPrebidJs function| noktaFallbackAds function| isElVisible function| getElVisibility function| elVisibilityCheck function| loadPlayerAds function| requestPlayerZoneviews function| virgulUserClicked function| showVirgulSplash function| showVirgulFullscreen function| removePageskin function| displayPageskin function| checkAndSendViewabilityReq function| visibilityCheck function| adblockCheck function| skipAd function| closeRoadBlock function| addBuster function| loadVirgulBusterEvents string| eventMethod function| pageFallbackResponse object| empowerad function| checkEmpowerConsent function| refreshGoogle function| needVirgulRefresh function| displayGoogleAd object| pbjs object| PWT boolean| initAfterLoad number| noktaInitDelay undefined| noktaAutoCheckZones string| virgulNamespace string| noktaSite function| setUpAgknTag string| csr number| bchck object| comingAds boolean| empowerConsentLoaded object| apstag boolean| apstagLOADED object| __NEXT_P object| __core-js_shared__ object| __NEXT_DATA__ object| next object| __NEXT_REDUX_STORE__ object| pbjsChunk object| _pbjsGlobals object| ADAGIO string| nobidVersion object| nobid object| _SOCKET object| virgulAdIntervals object| virgulPageAds function| setPgCode boolean| empowerEnableNovatiq object| noktaHeaderBiddingSettings boolean| virgulEnableSingleRequest function| getPPID boolean| sendGoogleRefreshStarted boolean| dfpCodePushed boolean| noktaScriptLoaded boolean| noktaPlayerLoaded object| noktaPlayer function| noktaPlayerApiLoadHandler function| closeAdVideo function| noktaPlayerReadyHandler string| mm function| Tapad boolean| pageskinstarted function| postDisplayPageskin function| removeNoktaPageskin function| noktaAdsResults function| addNoktaPageskin object| sas object| apntag object| _ADAGIO object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| ONFOCUS function| playerAdEvent function| playerAdImpression object| noktaPlayerCollection function| parseNoktaPlayerContainer object| NoktaNpmPlayerApi object| _google_rum_ns_ number| google_global_correlator function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| google_image_requests function| Hls function| NoktaPlayer function| EmpowerPlayer object| closure_lm_61799 object| closure_lm_337056 function| busterEvent function| getCookie object| jQuery

223 Cookies

Domain/Path Name / Value
finanswebde.com/socket.io Name: io
Value: j-taIQX-ykXVX-65AESH
.finanswebde.com/ Name: _ga
Value: GA1.2.783307744.1657546914
.finanswebde.com/ Name: _gid
Value: GA1.2.1898217932.1657546914
.finanswebde.com/ Name: _gat_gtag_UA_49264185_15
Value: 1
.finanswebde.com/ Name: _gcl_au
Value: 1.1.616232316.1657546914
finanswebde.com/ Name: uuid
Value: 183nxvrufj5l5gsmvh7_1657546912987
finanswebde.com/ Name: utoken
Value: 895bab99ba222dc3b556c58b305723bc
finanswebde.com/ Name: pId
Value: vnet1137539b-1a86-4cd3-a1b5-9bee5a17c5cf
finanswebde.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.finanswebde.com/ Name: _pubcid
Value: 8e8b5408-13bb-470a-a77d-a2ccb74655fa
.quantumdex.io/ Name: uid
Value: 591a9d3b-172e-4dcc-a502-e6a64fd92928
.lijit.com/ Name: ljt_reader
Value: E9T1uBZH6n51xHEpQK-Jzp2M
.rubiconproject.com/ Name: khaos
Value: L5GSMYYL-1A-6KSM
.doubleclick.net/ Name: IDE
Value: AHWqTUnSSBCmR7OCTk1_nZzU9q_mMVAyafIv2-iY3iCa-8Mc-VKa8iCAJk0MKgIQLuo
.finanswebde.com/ Name: __gads
Value: ID=f3555c9e15b848d1:T=1657546918:S=ALNI_MbzQL2Q50dOZhw84TnoEdyR90Nt2A
.finanswebde.com/ Name: __gpi
Value: UID=00000642d7788b23:T=1657546918:RT=1657546918:S=ALNI_MZY1mq6ArDVYcqbIVjlWF0MYUccXQ
.casalemedia.com/ Name: CMID
Value: YswopvRNebm77TagTrJF1QAA
.casalemedia.com/ Name: CMPS
Value: 480
.casalemedia.com/ Name: CMPRO
Value: 480
.adnxs.com/ Name: uuid2
Value: 6194901517463905172
.openx.net/ Name: i
Value: 3ebad3b1-4220-414e-89f8-a6aa20e0780d|1657546918
.teads.tv/ Name: tt_viewer
Value: 032119a1-e914-466c-8453-9c25c5a11ba7
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>6iHMm*!]tbPl1M>e)ZlrFUfJ+tGXxo]CH-1UMsBt@_DB/[Eyo)2Y9I0.aaTQ2+qFq63If)y3KL9D3I?+FBWc=A
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 27b3192b52b861e5e228ea0e5bc9425d
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDJPMja0NEoyNUqyMDNMNU01MrJITTRINU1KtjQxMk1hAIKkMxrLQDQE8Dx58VGXcWURw39GRoa%2Bt5u0YOxNfwphzGeL57DA2OeOHmKGsb9vnAIX373vsgBM%2FDCS%2BtXrn3LDxCefUIcx3y1BGNmLEAYAMZM%2BDg%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIOqOxDEhBACMDZ%2FBFIBMAK9gDKw%3D%3D"
.sharethrough.com/ Name: stx_user_id
Value: 1d47c6f6-9f51-4597-bd80-fb4cffe6f47a
.adingo.jp/ Name: ID
Value: aeb3cc2c800fefeb2c2bc5f85f4007f7
.owneriq.net/ Name: si
Value: Q7108333181862472954P
.owneriq.net/ Name: gguuid
Value: 1
.inmobi.com/ Name: idsp_c
Value: 21ff4873-c3ff-45e2-8823-055a996590ea
.yahoo.com/ Name: A3
Value: d=AQABBKYozGICECtP1hUAi-OecibDoDjNZ5UFEgEBAQF6zWLWYgAAAAAA_eMAAA&S=AQAAAr3uOg4ZkBMZjoS0QGtDph8
.mfadsrvr.com/ Name: tuuid
Value: ef103c13-2cc9-4763-9cdd-03bc83799410
.mfadsrvr.com/ Name: c
Value: 1657546918
.contobox.com/ Name: ContoboxGetCode
Value: QwQhhyjfs9Ss
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 33F3D6F8-BCC8-4348-BE15-968240180A06
.smartadserver.com/ Name: pid
Value: 6389607595170428203
.adkernel.com/ Name: ADKUID
Value: A692093370687054872
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A1193109803054947163
.torchad.com/ Name: ADK_EX_309
Value: 1
.torchad.com/ Name: ADKUID
Value: A692093370687054872
cs.chocolateplatform.com/ Name: choco_cookie
Value: cp-76c4e671c3444fff652526e56595541b
.mfadsrvr.com/ Name: tuuid_lu
Value: 1657546919
.uuidksinc.net/ Name: jcsuuid
Value: 4RNGPEVGw269Lr8NoIKT
finanswebde.com/ Name: watchID
Value: 37a13e08-dbf5-4423-bf8b-3cd32003fd5c
finanswebde.com/ Name: userID
Value: 51a582b7-78bb-47c5-afd9-a83393a12bc7
.33across.com/ Name: 33x_ps
Value: u%3D119247657947133%3As1%3D1657546920495%3Ats%3D1657546920495
.tynt.com/ Name: uid
Value: YNMEMmLMKKiH32E4TLLa5w==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1657546920690%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1657546920690%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1657546920690%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1657546920690%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1657546920690%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1657546920690%7D%5D
.adsrvr.org/ Name: TDID
Value: 8bf691ed-cd25-49cd-9719-a63df514c4e4
.bidswitch.net/ Name: tuuid
Value: 2a4a299e-ac66-4131-8227-6fe993cf126f
.bidswitch.net/ Name: c
Value: 1657546920
.bidswitch.net/ Name: tuuid_lu
Value: 1657546920
.mathtag.com/ Name: uuid
Value: 833a62cc-28a8-4400-9b6f-8592905e9c76
finanswebde.com/ Name: -unifiedid
Value: %7B%22TDID%22%3A%228bf691ed-cd25-49cd-9719-a63df514c4e4%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-06-11T13%3A42%3A01%22%7D
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsjSzMDMyNbcwMDIwMDc1Mzc3FuIz1HXPcfZwL3N3tkgvMgYAzf-l1SQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsjSzMDMyNbcwMDIwMDc1Mzc3FuIz1HXPcfZwL3N3tkgvMgYAzf-l1SQAAAA
.rlcdn.com/ Name: rlas3
Value: sRBeEVy2qmKOGwJsE3H8ydjGk28x1tSijWpriQn9YA0=
.lijit.com/ Name: ljtrtbexp
Value: eJxd0DsSgEAIA9C7bG1hWCHg1Rzv7q%2BRlG%2FJhB2OgbEjnDHnNCzDXiY9%2FOHsJLqxdm%2BSh9QxPsPBx1XFvv9%2BSemI7tSdJXP5Q25iF2s%2Fu036XPOy3745vVa8%2Bew2%2Fm9wXmRfTA4%3D
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 1a8d6075-da75-53c0-b5b6-58b7d77a701e
.betweendigital.com/ Name: ss
Value: 1
.casalemedia.com/ Name: CMST
Value: YswoqWLMKKkA
.casalemedia.com/ Name: CMRUM3
Value: 4962cc28a905a0&0562cc28a905a00&2762cc28a90b40&e662cc28a92760&f162cc28a905a0&da62cc28a92760&3962cc28a905a0&1262cc28a905a0&2d62cc28a605a0CAESEIjt0ZAEZpP56LCYtBUTpQI
.smaato.net/ Name: SCM
Value: 1ddfae83
.smaato.net/ Name: SCMp
Value: 1ddfae83
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1657546921!google,1657546919
.betweendigital.com/ Name: ut
Value: YswoqQAC3mDATmY118hDJ_32EJHb4du9w1YLEg==
.openx.net/ Name: pd
Value: v2|1657546921|vMgahEkWgyiK
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&0f20bd45-055d-48d0-89c3-6d216e96b32e"
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2661:u=1:x=1:i=1657546921:t=1657633321:v=2:sig=AQHU3TA9kaCmCei5Dccp4PRnSdrNsCLN"
.media.net/ Name: visitor-id
Value: 3005485211454630000V10
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAADvEyGtoZmpuamJmaWRoaG7wC5lvZGq8igWJb2BsCQDpgCnwMAAAAA
.contextweb.com/ Name: V
Value: UVZFvszzqWOq
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ew8|7dW.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: e587012b4c550649
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~25yd:190u~25yd:192w~25yd:18z8~25yd"
.quantserve.com/ Name: mc
Value: 62cc28a9-422ef-d1f63-4a68d
.rlcdn.com/ Name: pxrc
Value: CKnRsJYGEgUI6EcQABIGCJC8KxAA
.simpli.fi/ Name: suid
Value: A518C75AD8BD4C4691B88EDD6F63B837
.adform.net/ Name: C
Value: 1
.bidr.io/ Name: bitoIsSecure
Value: ok
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YswoqQAPhgLTIAA2
.adform.net/ Name: uid
Value: 4187505635242364082
.disqus.com/ Name: zeta-ssp-user-id
Value: 42aae90a-9e06-c990-57fe-c43e7eabc578
.bidr.io/ Name: bito
Value: AABSJk7FmFEAABLfOoZ8lw
.company-target.com/ Name: tuuid
Value: 2f0bd56f-b916-4612-bdb7-39f10a857788
.company-target.com/ Name: tuuid_lu
Value: 1657546921
.openx.net/ Name: univ_id
Value: 537072971|8bf691ed-cd25-49cd-9719-a63df514c4e4|1657546921327813
.pippio.com/ Name: did
Value: 5-_wxuxyz5nZst7N
.pippio.com/ Name: didts
Value: 1657546921
.pippio.com/ Name: nnls
Value:
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEMgb-eBsdTrY0XxPkFu1hPk&KRTB&22987-CAESEMgb-eBsdTrY0XxPkFu1hPk&KRTB&23025-CAESEMgb-eBsdTrY0XxPkFu1hPk&KRTB&23386-CAESEMgb-eBsdTrY0XxPkFu1hPk
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:A518C75AD8BD4C4691B88EDD6F63B837
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.quantumdex.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMNUdTTVlZTC0xQS02S1NNIiwiZXhwaXJlcyI6IjIwMjItMDctMjVUMTM6NDI6MDEuMzg5MDY4WiJ9fSwiYmRheSI6IjIwMjItMDctMTFUMTM6NDI6MDEuMzg5MDNaIn0=
.turn.com/ Name: uid
Value: 7091436072324207667
.casalemedia.com/ Name: CMTS
Value: 096
.creativecdn.com/ Name: u
Value: Gib7Ry8m9zpbJtKqGnOh
.creativecdn.com/ Name: ts
Value: 1657546921
.technoratimedia.com/ Name: tads_uid
Value: D043410C87734F828FE9851467175A02
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220711094201-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: tads_uidp_73
Value: AABSJk7FmFEAABLfOoZ8lw
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0afc259a-ad73-4226-accf-e14e7c369d62-005%22%7D
.id5-sync.com/ Name: id5
Value: 54c81a20-eb31-4fe5-84ff-0595ee165ea1#1657546921328#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.pippio.com/ Name: pxrc
Value: CKnRsJYGEgQIAhAAEgYI7OsBEAA=
.lijit.com/ Name: _ljtrtb_1
Value: 7091436072324207667
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABSJk7FmFEAABLfOoZ8lw
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:833a62cc-28a8-4400-9b6f-8592905e9c76&KRTB&16736-uid:833a62cc-28a8-4400-9b6f-8592905e9c76&KRTB&23019-uid:833a62cc-28a8-4400-9b6f-8592905e9c76&KRTB&23208-uid:833a62cc-28a8-4400-9b6f-8592905e9c76
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YswoqQAPhODTGgA2&KRTB&22978-YswoqQAPhODTGgA2&KRTB&23194-YswoqQAPhODTGgA2&KRTB&23209-YswoqQAPhODTGgA2
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-8bf691ed-cd25-49cd-9719-a63df514c4e4&KRTB&22918-8bf691ed-cd25-49cd-9719-a63df514c4e4&KRTB&22926-8bf691ed-cd25-49cd-9719-a63df514c4e4&KRTB&23031-8bf691ed-cd25-49cd-9719-a63df514c4e4
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7236114210353484851&KRTB&23150-7236114210353484851
.lijit.com/ Name: _ljtrtb_10
Value: 968625780200756773
.lijit.com/ Name: _ljtrtb_87
Value: ef103c13-2cc9-4763-9cdd-03bc83799410
.demdex.net/ Name: demdex
Value: 21586354596142298852101152281283851328
.nrich.ai/ Name: _nauid
Value: a941c98b-954d-4487-9ce7-5764e6939bfe
.lijit.com/ Name: _ljtrtb_76
Value: 81f83228-0113-44b4-9492-d8e43c7674a2
.linksynergy.com/ Name: rmuid
Value: 31a3d8d9-2693-44f9-ba93-71b09696f163
.linksynergy.com/ Name: icts
Value: 2022-07-11T13:42:01Z
.lijit.com/ Name: _ljtrtb_49
Value: UVZFvszzqWOq
.lijit.com/ Name: _ljtrtb_43
Value: 3Jc0HNidNkbHkWVNj8N6G9vDYUzHkTZJ0sFfQOUK
.lijit.com/ Name: _ljtrtb_2
Value: 3A9F3ACFC9154E91B5311C1A60034D6F
.amazon-adsystem.com/ Name: ad-id
Value: A-Xhgt-cdEOCtRo7XEtU4nQ
.lijit.com/ Name: _ljtrtb_85
Value: AABSJk7FmFEAABLfOoZ8lw
.lijit.com/ Name: _ljtrtb_56
Value: RX-0afc259a-ad73-4226-accf-e14e7c369d62-005
.dpm.demdex.net/ Name: dpm
Value: 21586354596142298852101152281283851328
.lijit.com/ Name: _ljtrtb_86
Value: Gib7Ry8m9zpbJtKqGnOh
.lijit.com/ Name: _ljtrtb_27
Value: 8bf691ed-cd25-49cd-9719-a63df514c4e4
.sitescout.com/ Name: ssi
Value: 4cd1a787-5340-4401-8d2a-40627adea6a8#1657546921689
.lijit.com/ Name: _ljtrtb_12
Value: 6194901517463905172
.lijit.com/ Name: _ljtrtb_26
Value: 2a4a299e-ac66-4131-8227-6fe993cf126f
.lijit.com/ Name: _ljtrtb_80
Value: L5GSMYYL-1A-6KSM
.lijit.com/ Name: _ljtrtb_84
Value: c:47cc0f51c742ab4c9a2fb927ebba91b9
.lijit.com/ Name: _ljtrtb_3
Value: 833a62cc-28a8-4400-9b6f-8592905e9c76
.tapad.com/ Name: TapAd_TS
Value: 1657546921919
.tapad.com/ Name: TapAd_DID
Value: e878de4a-0b9d-4501-899a-9d831a84e5e4
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.lijit.com/ Name: _ljtrtb_16
Value: 4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341
.lijit.com/ Name: _ljtrtb_83
Value: L5GSMYYL-1A-6KSM
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bHFFJ7t/lnGW+1WuCoMxA8a+JUixCbOKdr2BWgowoujdHKBbCMnFTE8yf+AXwxlToTlYzUZZy/ny+CAnekPgJibGhlQUEHNO9bQD5U7tEfUTQ==
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: pmc
Value: 1
.quantserve.com/ Name: d
Value: EJoBEgHLJvijDejbEA
.onaudience.com/ Name: cookie
Value: 9cc618793616bd9e
.onaudience.com/ Name: done_redirects104
Value: 1
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY1NzU0NjkyMzUyMSwiNCI6MTY1NzU0NjkyMTcxNywiNDgiOjE2NTc1NDY5MjE3MTcsIjM5IjoxNjU3NTQ2OTIxNzE3fQ
.deepintent.com/ Name: CDIUSER
Value: di_8a23a8edd30243b79ebb9
.taboola.com/ Name: t_gid
Value: b957b40a-62f4-44a9-bb5f-7db7febc4d49-tuct9c5ae2b
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-4McZMeTNG2v7wUhgs5NXNueTTGH7wRtk7pEAAVt1&KRTB&19420-4McZMeTNG2v7wUhgs5NXNueTTGH7wRtk7pEAAVt1&KRTB&22979-4McZMeTNG2v7wUhgs5NXNueTTGH7wRtk7pEAAVt1
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-4cd1a787-5340-4401-8d2a-40627adea6a8-62cc28a9-4341
.fiftyt.com/ Name: fifid
Value: 06c339ab-9f8b-4a84-547d-06de59e8aca4
.fiftyt.com/ Name: cs
Value: MTY1NzU0NjkyM3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fAH2ileJ2PVNGlpk7lWhog45fT5wq5QoFirLsZTDra6U
.acuityplatform.com/ Name: auid
Value: 679997214942
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQHsvbXGUmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUB7L21xlI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b0fb67e5-1e35-46c8-44cb-34c0646b684b.asFCZii7R1zrCHMe98jJBMAzaxcoX4SUHAHuDTqmN6Y
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AsPtn5R41RshEyzTAZGtoS5U4mbI.b8qmvmNT1c8qgnVgf3hfDMOQVFZNg3%2FDyp5leuIjlPM
.w55c.net/ Name: wfivefivec
Value: ZuvqWjKQ1OaTFN5
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7108333181862472954P&KRTB&22521-Q7108333181862472954P
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6194901517463905172&KRTB&23339-6194901517463905172&KRTB&23388-6194901517463905172
.dotomi.com/ Name: DotomiTest
Value: 56b66a6069408f1
.ipredictive.com/ Name: cu
Value: 3f4b8054-011f-11ed-bf3e-6f7d5681965a|1657546923588
.tribalfusion.com/ Name: ANON_ID
Value: aAnvJOqO2c9U2OqnvibDriqMBcDAcxEnp5yUq8acoytyPeW8DRQSnKCtQ2K6VRrQVfy0syKsbGOXBxdZda9uf4MpHVda0WMbr4nDAAEPd7TmZdJp8UZbvAMet3b
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4187505635242364082&KRTB&23263-4187505635242364082
.w55c.net/ Name: matchpubmatic
Value: 5
.onaudience.com/ Name: done_redirects147
Value: 1
.adgrx.com/ Name: ADGRX_UID
Value: 3f5080b8-011f-11ed-8a48-7928c69fc35f
.semasio.net/ Name: SEUNCY
Value: 8D2C3DEECAB6DB68
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-805fc764-8f73-4e95-9f82-0f3fbf33c7b2&KRTB&23340-805fc764-8f73-4e95-9f82-0f3fbf33c7b2
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIiN-sp6XT8ToQBRgBIAEoAjILCIadneu70_E6EAU4AVoHeGtzdzlsYWAC
.fiftyt.com/ Name: fppm
Value: 20220711134203
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.agkn.com/ Name: ab
Value: 0001%3A9bvD3VwBlLdmNboIgWgwSuOz3PX0f5iy
.csync.loopme.me/ Name: viewer_token
Value: b73d908f-8288-4abf-9920-f62955b96f9f
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-679997214942
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-sPtn5R41RshEyzTAZGtoS5U4mbI
ads.playground.xyz/ Name: connect.sid
Value: s%3A-9e5uVa66bVp5e7Dlm-tL0DU-PxqCM5V.oF9TCcMkQxhtFeXvN6bWwkrA%2FH9tzvRMhLl8GDTVN9M
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 74cfc30a-2009-4b06-b8e5-745f5e2fb472
beacon.lynx.cognitivlabs.com/ Name: ss
Value: pVT4FTRqwnfryZA2aXxsOLYq6MBsZG%2BlxVgsTmkg0xHih8tsAbZHMmxy5uhuJE8cnXqpr13pF%2Ff5R6vlJXs3FA%3D%3D
.resetdigital.co/ Name: ckbk
Value: 000000B997DFDAAF
.fg8dgt.com/ Name: tuuid
Value: 5920572e-52ce-4898-be7b-d1f94c830691
.fg8dgt.com/ Name: c
Value: 1657546923
.fg8dgt.com/ Name: tuuid_lu
Value: 1657546923
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-3f4b8054-011f-11ed-bf3e-6f7d5681965a&KRTB&23011-3f4b8054-011f-11ed-bf3e-6f7d5681965a&KRTB&23355-3f4b8054-011f-11ed-bf3e-6f7d5681965a
.mxptint.net/ Name: mxpim
Value: R1B341_F2D9DC0D_292AD50B.1.000000000000000062CC28AB
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:ZuvqWjKQ1OaTFN5
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0afc259a-ad73-4226-accf-e14e7c369d62-005%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAADLOJkUyIcjwMj9KYQAAAAAAA&KRTB&22713-AAADLOJkUyIcjwMj9KYQAAAAAAA&KRTB&22715-AAADLOJkUyIcjwMj9KYQAAAAAAA
.onaudience.com/ Name: done_redirects252
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-3f5080b8-011f-11ed-8a48-7928c69fc35f&KRTB&23275-3f5080b8-011f-11ed-8a48-7928c69fc35f
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23168-000000B997DFDAAF&KRTB&23175-000000B997DFDAAF
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B341_F2D9DC0D_292AD50B&KRTB&23092-R1B341_F2D9DC0D_292AD50B
.onaudience.com/ Name: done_redirects109
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-0afc259a-ad73-4226-accf-e14e7c369d62-005&KRTB&17107-RX-0afc259a-ad73-4226-accf-e14e7c369d62-005
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-2a4a299e-ac66-4131-8227-6fe993cf126f
.adsby.bidtheatre.com/ Name: __kuid
Value: 3666fb0e-1f8a-4dfd-8568-910f852545f3.426760923
.pubmatic.com/ Name: DPSync3
Value: 1658707200%3A228_197_236_245_221_226_201_219%7C1658102400%3A164%7C1657584000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1662681600%3A69%7C1657929600%3A216%7C1658793600%3A35%7C1658707200%3A13_220_165_5_176_222_22_234_71_3_7_81_96_57_189_104_8_55_233_204_56_240_54_166_239_243_238_21_99_48_178_231%7C1658361600%3A63%7C1658102400%3A15_2_223_38%7C1660089600%3A224
.c.appier.net/ Name: _auid
Value: R2AE12GeCIG9umgLrCjMYg
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 137711:4
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-R2AE12GeCIG9umgLrCjMYg&KRTB&23130-R2AE12GeCIG9umgLrCjMYg
.pubmatic.com/ Name: PugT
Value: 1657546924
io.narrative.io/ Name: io.narrative.guid.v2
Value: 3fbb5910-011f-11ed-8084-0a02ecc458dd
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1657568524349
.lijit.com/ Name: ljtrtb
Value: eJx1kstuGzEMRf%2FF6xKQSIoUs3Me48B2bDTPJjuNZoSmbtoGKVLURf%2B91Ad0JYE8FK8u%2BWcRcXGykGhsIaaoLGTBT1x8WCTx1PUnCKVVTFagTErAiAKl1gZz5FkriU2CEELyEuwlWLig2eyUCHCkCBlRQdpsRrVFlOZs7CzXKRbNCok4AHNwdsICHAS1THORkkGwVszFgImjV7J55d390%2FD%2Bdjy%2BPuxfe2f1WB6bWJwnqBMmYKsTmEaDIjS1FLnyzL2zoxosMklQJGQMKqL9Fc%2FQ0gZang1nFhNfWDxNFONZXEoIxOcyOEa9F1HpwsCV5a48gI3SICdDt3C2quJoDs5u0%2Brm6vFxC3EJsrm56nH6T5w9Xk9Yaw0uuSpjGblawTYa6jyOxeJonUxOLpenN%2BuDDi%2FDhV%2B3bf%2F9KX%2F91bPd3dXzqNe%2F84sdf4zrn5vX1bf95%2F7%2FrskkCybNAUPQJKrUne2qaF3D5e552h3Gy8PD%2Fe5L3snK3s8f746Xh9undXgb2sf93cZ57V1ybJkQM4QYfT94ZPB1QpjyzOQuqK9DV9QnNLcYqDrmzvk8VQh8ShMEGmsmNWMX9%2FcfbIGiFw%3D%3D
.lijit.com/ Name: _ljtrtb_71
Value: 33F3D6F8-BCC8-4348-BE15-968240180A06
.lijit.com/ Name: _ljtrtb_58
Value: 33F3D6F8-BCC8-4348-BE15-968240180A06
ads.avct.cloud/ Name: uuid
Value: 9ecd3041-af2e-4db4-884d-e53342792098
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjItMDctMTFUMTM6NDE6NTcuMjg5MjY2NjYyWiIsImFwcG5leHVzIjoiMjAyMi0wNy0xMVQxMzo0MTo1Ny4yODkyNjkwNjNaIiwiYmlkc3dpdGNoIjoiMjAyMi0wNy0xMVQxMzo0MTo1Ny4yODkzMjEzMThaIiwiaW1wcm92ZWRpZ2l0YWwiOiIyMDIyLTA3LTExVDEzOjQxOjU3LjI4OTMzOTM2MVoiLCJpbmRleGV4Y2hhbmdlIjoiMjAyMi0wNy0xMVQxMzo0MTo1Ny4yODkyNTkxOTRaIiwib25ldGFnIjoiMjAyMi0wNy0xMVQxMzo0MTo1Ny4yODkyNTUzNTdaIiwicHVibWF0aWMiOiIyMDIyLTA3LTExVDEzOjQxOjU3LjI4OTMxNTcwMVoiLCJyaWNoYXVkaWVuY2UiOiIyMDIyLTA3LTExVDEzOjQxOjU3LjI4OTI2MjE1WiIsInJ1Ymljb24iOiIyMDIyLTA3LTExVDEzOjQxOjU3LjI4OTI3MzU4N1oiLCJzbWFydCI6IjIwMjItMDctMTFUMTM6NDE6NTcuMjg5MzUzMTIxWiJ9LCJ1aWRzIjp7IjMzYWNyb3NzIjp7InVpZCI6IjExOTI0NzY1Nzk0NzEzMyIsImV4cGlyZXMiOiIyMDIyLTA5LTA5VDEzOjQyOjAwLjgzMDI0OTczMloifSwiYWRhZ2lvIjp7InVpZCI6ImViZDFkNzYyLWU1N2ItNDk2Ny04OWU0LWJlM2Y1NDdmNWY5NiIsImV4cGlyZXMiOiIyMDIyLTA5LTA5VDEzOjQxOjU3LjI4ODIyNDkwMVoifSwiYXBwbmV4dXMiOnsidWlkIjoiNjE5NDkwMTUxNzQ2MzkwNTE3MiIsImV4cGlyZXMiOiIyMDIyLTA5LTA5VDEzOjQyOjAxLjQ1OTkxMjA2N1oifSwiYmlkc3dpdGNoIjp7InVpZCI6IjJhNGEyOTllLWFjNjYtNDEzMS04MjI3LTZmZTk5M2NmMTI2ZiIsImV4cGlyZXMiOiIyMDIyLTA5LTA5VDEzOjQyOjA0LjY0MTk2OTQ3N1oifSwiaW5kZXhleGNoYW5nZSI6eyJ1aWQiOiJZc3dvcHZSTmVibTc3VGFnVHJKRjFRQUFBZUFBQUFJQiIsImV4cGlyZXMiOiIyMDIyLTA5LTA5VDEzOjQxOjU4Ljg0OTAyNTgxNFoifSwicHVibWF0aWMiOnsidWlkIjoiMzNGM0Q2RjgtQkNDOC00MzQ4LUJFMTUtOTY4MjQwMTgwQTA2IiwiZXhwaXJlcyI6IjIwMjItMDktMDlUMTM6NDI6MDMuNTQyMjczMDk3WiJ9LCJydWJpY29uIjp7InVpZCI6Ikw1R1NNWVlMLTFBLTZLU00iLCJleHBpcmVzIjoiMjAyMi0wOS0wOVQxMzo0MjowMi45MTA1MzYyODZaIn19LCJiZGF5IjoiMjAyMi0wNy0xMVQxMzo0MTo1Ny4yODgwMjg1OTRaIn0=
.pubmatic.com/ Name: SPugT
Value: 1657546924

2 Console Messages

Source Level URL
Text
network error URL: https://s0.2mdn.net/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s0.2mdn.net/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
9d11022f4cdf7b731a05ff279ada4b3b.safeframe.googlesyndication.com
a.svtrd.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.avct.cloud
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.fr
adx.adform.net
am.contobox.com
aorta.clickagy.com
ap.lijit.com
aud.pubmatic.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
c1.imgiz.com
cbmedia2.contobox.com
cc.adingo.jp
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms-xch-chicago.33across.com
cms.analytics.yahoo.com
contobox-data.s3.amazonaws.com
core.iprom.net
creativecdn.com
cs.chocolateplatform.com
csi.gstatic.com
csync.loopme.me
cuneytekinci.ghost.io
d.turn.com
data.adsrvr.org
de.tynt.com
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
dsp.nrich.ai
dsum-sec.casalemedia.com
eus.rubiconproject.com
events-ssc.33across.com
fastlane.rubiconproject.com
finans.apipara.com
finanscepte-xuoe622gjknvdey.stackpathdns.com
finanswebde.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
hbx.media.net
hde.tynt.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
io.narrative.io
istr-n23.nktcdn.com
istr.izlesene.com
loada.exelator.com
loadm.exelator.com
logger.virgul.com
m.fg8dgt.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
mp.4dex.io
mweb.ck.inmobi.com
ng.virgul.com
ng2.virgul.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pandg.tapad.com
panel.izlesene.com
pghub.io
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prg.smartadserver.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rr1---sn-t0a7ln7d.googlevideo.com
rr2---sn-apaapm4g-apae.googlevideo.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rtb2-useast.torchad.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s.uuidksinc.net
s.youtube.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spadsync.com
ss-pbs.quantumdex.io
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.virgul.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.resetdigital.co
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
tags.bluekai.com
tags.rd.linksynergy.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.4dex.io
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
visitor.fiftyt.com
widget.us.criteo.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
yt3.ggpht.com
match.bnmla.com
sync.tidaltv.com
104.127.172.242
104.18.18.126
104.36.113.107
104.36.115.114
104.36.115.98
104.45.178.220
107.178.246.49
107.178.254.65
13.249.119.124
13.249.120.127
13.249.120.26
13.249.120.90
132.226.41.106
139.162.117.143
141.95.98.67
142.250.65.194
142.250.65.226
142.250.81.230
142.251.40.162
142.251.40.226
15.197.193.217
15.235.15.221
151.101.2.49
151.101.65.108
151.101.65.44
151.139.245.20
159.203.145.121
162.248.18.10
168.119.79.223
172.217.165.130
173.231.178.77
174.137.133.49
178.250.0.163
178.62.202.251
184.85.195.135
185.167.164.43
185.184.8.90
185.7.176.221
185.7.176.223
185.7.176.4
195.201.122.228
195.201.133.252
195.5.165.20
198.148.27.140
199.127.204.142
199.187.193.179
199.187.193.200
199.187.193.204
199.38.167.129
2001:4998:14:800::1001
204.2.255.233
207.198.113.87
209.54.182.161
216.200.232.253
216.52.2.30
23.200.204.24
23.217.162.245
23.60.1.46
23.60.4.197
2404:6800:4009:820::2003
2600:1f18:4e9:5a07:90a3:294f:189a:c958
2600:9000:21f9:e400:1b:5138:8a40:93a1
2602:803:c002:200::113
2604:9e00:1:129::2:a01
2606:4700:10::6816:2460
2606:4700:20::ac43:4a81
2606:4700:20::ac43:4bf1
2606:4700:3033::6815:3f36
2606:4700:4400::ac40:98f5
2606:4700::6812:372
2606:4700::6813:ad6c
2606:ae80:1471:18::1400
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c17::8b
2607:f8b0:4006:806::2006
2607:f8b0:4006:807::2001
2607:f8b0:4006:807::2003
2607:f8b0:4006:809::200e
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80c::2001
2607:f8b0:4006:817::2002
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::2004
2607:f8b0:4006:81e::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2002
2607:f8b0:4020:1::6
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2a00:ba61:0:126::d
2a04:4e42:400::300
2a04:4e42:600::775
3.209.185.106
3.227.107.207
31.220.27.135
34.102.243.38
34.102.253.54
34.117.239.71
34.149.40.38
34.193.38.230
34.206.232.206
34.234.174.195
34.239.109.150
34.98.64.218
34.98.67.3
35.169.219.41
35.171.226.138
35.179.5.97
35.190.60.146
35.201.96.126
35.207.24.140
35.211.141.197
35.211.178.172
35.241.45.217
37.157.5.142
38.91.45.7
45.35.192.162
5.161.54.172
50.57.31.206
51.222.39.186
51.255.68.171
52.0.156.250
52.2.182.92
52.217.171.249
52.22.197.83
52.36.124.159
52.44.38.45
52.55.236.147
52.7.59.203
52.71.236.56
52.71.37.99
52.95.122.74
54.175.87.114
54.198.189.0
67.202.105.22
67.202.105.31
68.67.160.186
68.67.160.24
69.173.144.165
69.173.151.100
69.90.254.78
74.119.119.150
75.126.248.142
76.13.32.147
8.28.7.81
8.28.7.83
8.39.36.141
96.46.186.57
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09f0e552f722d86e1d67ea3bc8b09c8ea9777f73521641caabf57b26ba7a8b93
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
0fe02731c22e5466827e8f662f13266450cd5cca96f2fbc063331c8014bfb961
0ff30daedab1b3e0811cee697f521bebd7f08a77eca5ebd83f0910768bbffa43
1168a1dc381728630114f0ec6fff057f0fe9dc5da9117f4c8433a4c3f3b83f52
11e623f6cb6978519f97a73de00c8633974b11405e184d292eab0602a0981413
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15b61724545edabc7b4c696a4dd73be21ba569681f394e2fc2c596f8331645cd
15f344d6b8c3fd1b310e40fcb9270ae44244be590bc5447439761edc46c92403
165cde84bfc1078b2a026370ce259269f933d25837d1ca9a88ba5e4bccc61ab6
16af933f9846ccea77bac90bbfbc9d807b0bdb047f6d7439ca8d866375581b3f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189021cbb7e9c2efc52e81e05517f10568600f26108c205e97fe3edb7a3c4684
1a0835e73b15ae32e46d8dec8393664efb55095719033e8a364ee5d88643e483
1c39d4e8ccc4b98243e084f84568247e47f4cc8c806d5dea44b79fe32eb062d2
1caa83c50f1dd66405a1636b78361c6990d98596f07f4ced0df3717b2fac08c9
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
204ab7a437dbeefdcc721653cff54c182f3cbca19127df7737a9a426e8e42f60
2259fd47c8c7d4495d954f079cab5f532a7b6747a358a3e8fd92209348b0a8a8
2490f6d25f36f22b59d07263d7a204027111dc5c7b98e51f6c66c7a01ca34fec
24bf624ed768c1d266c62e624b1244c6990ca161138f9aebcd4dc9c0db7eb033
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29a18daaaccc2896c4f4c22efc02cd69ef78861b9250bf53ea3c9704f285e6d7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2cceac1929e30ad3d0ca4612a3aac4c58a8a097d6b1f9aadf0a141087eb5e66a
2db9402fc3a72ee838132d05171bb8428d9192abe23f1fd90c1e4221d51e6dfa
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f57956555aa023f50567f16ea5000931a18e1cff7d8b1514ae3a53af345b6b8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38097f414378d7437ae11ec8d1779cf09b169d8e5205ff59d83b61c3de0b929e
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
398cc646926f0d5a9e42dfbff55631ebfb6efc42749c2aa80fc108312b32319b
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b92736323542c51b714890a8146f18df9eb8e6b6b4feb31e0933339e25e3491
3b96281a4d7f0a6dd75da09d47fb06e4f8417d743974dcd7a14ba8d5fbea33c9
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e16ddd4d0c636670da74d57c516743d6dd1e3d09c495db05ed1ac50a1c66b6f
3e8a60c033a11d8176b40a7877b84b5f7e2668403eeffc111c5110813e188bb3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
432facf1326797b5fbce3e8d76d0da21909b799e4e26473c80c0cc52573bd0cd
435315c3fd117245dd4131a20ebe8362966149e7fcfc8ead72cd4e030848732e
438db98ea37cf29579c0998d75bba2102e1c2779af550b0e39e93923e90aebc0
444574dde191cf15aa333688df4154345b4f1846a8f41f77abb0d3c039e6a5bc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49360ebcccaa0891b08809593714b3d9c1ffefd3647fb529a40baa873ccaa8ee
4b49190da40cbea727ab851832a48c4f26128c8b47f34bb1f07c382c116863c6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
4f3934e9af1ba4a78d3f2d46f9ba361dd1654f77e4f12ab0602b0bbdaca3c21d
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f77143d53a55f7d543e285668bc7092e2aa24b59c95ae5c7ab8a2e512fb6ee9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53476c5323221181886894b7adc76f8b0b7ef6bb4e860d3166ce4641fab24703
539a1e42f6c78424182e755abb7da38f5b27ecfc708f0ce735dc89af65f8eafb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552fa2dd8385f3e002ac62fce69eda85235e5bfc4e397cd69559c2e8416cdea3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5919c1a17b6794226484007c8a28339fb0d2b0b29965ccd42db94f235f7414e3
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5bcebd2ecd1d1dda57aeb2173c4221bcd69cc0a722ee2136269553f9e98cc433
5cdf850156be632a84cb6cddd28dccb96b6e8890a1f44c660396386efa089324
617c2753bae14028457cbe821066950c6011b7f950387cf99674205e8b087ba1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf6bfd6eb621d47669b6c34122e098485baa735cc2510cef7dc57921a060da
662a701e1568bc9c60eb966d8c2200f4441a233d50746596c2cd23ac0240dc62
6823cdc5c5bc297bd4ac06187687fecb2a5c110658ebd5efba820132571fe6a2
689b2bf9329865e2b06c7d232924c1d12f7036b697df26d7615c8162c1dfbc53
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6efe7e4964448fbdd5349e5116703648d6692fc191736eb19b62515e21a7a3d2
70083d81f4abc958e43215542c5543afedd6294b03d1d544934118c5e2ea054b
7086175b8f7a118e076eaeee3b551090649c2c818b7e81b901aa1006a54348c9
71b66d91bd6c55180e0bde3b2a624af687fc04c331a103773bc7ac05414472c2
7573def4c6058422e96f9998b9e95d07ddcb2ede4330b273f57b137bae210280
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
790cc826cae7d0f00bb6730fa124aa3e95471970730e798065d14c06a9d85355
79e3381adccea1f5cadcf8e81b189501b935f79475555dcbd8e8831f53c4b4e5
7f75dde298670f0251b5c17b629516e3ebf5cbf5ac3bc54c83a56da9e7129053
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8960045a0f15851413611eb6f4222e018bc397cf49be3ff0420390e96db405cd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c03bc576696be28c37930887598b9e4fb9597fb3660dcf12504248e0b017707
90c409f1ce2b25d07550d5c00929433fd8acf8f8aed6fd6f128981504d9233d5
93dfec65350e0dea92dfaa369dc0e29e33ac21445f5144d6ece37776bfa1de7d
943598fbb2e4c9e00098e2814c1b99e85ec1824e48fb0a9d003b684950966745
944a55aa3921673c00bb33ef32fc71a0f66e5c3638c2e6251a032ff5fc1e2747
9463443c25d529a4d17e51acca3e56b8a17e4464035026dd0f696848bc218a01
94a1fc1332185dc1630e817a59540c1374a2eccd4a3dc03f53e4d57955a7d9d3
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9a9e4e01ade298b9d0fead5787fc586db5fd430d59bbb014af09b5d01e56f930
9ab0baca7a738a0ed49bd74f042400153d207a444f1675808802a3c2aa923322
9c0083756ceec4dc311e9d1395e4cafda82c4ff1fd361e6d2c20fd4759bd8201
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
9f9a50a811205cf0f7e2cd03d957bfbc963d8cdfd849d476810e701ec7a42a01
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a290abc20f0b59dc02b4f83a189b9830ee4f7c1110318dbdbb6bd8e19cc84407
a2aee39cfabeb4706c662f0ab7e6b5f0a696403a6889dbb54279bb6175d12273
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a986177a9e544078e4a8eea6fa7333dab5923daba8aedc4d986b18f9fa3a9ac8
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acc769c1dee8b3abd469691e21661eacc7c20754c1ea5511765876e388bddda1
afe58ab7af103e3300c88f81a386f06eddefb1f786f94e1c435024ac6c4308c0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
b871e28f94a1481e60c8a1d53289e5ef4d603b55063cc67c35ab63db2589ee6a
b9016d4450b5defe27a58fcc7adfe684b16bef1874348f3b4a805f1927c4135d
bab745658ba458848b2d2df5e0557b98b70867124fd5a059fd25f9801e01a87c
bb3e18ab6e3d5ac17fa51a98a362e4f4582eaa33d0218a629bca0bb1fcd9054d
bb921a36ef278f7ff6324a4b8c09f863c5228170a279fd22da62b407e32cdc90
bdd0e8253ff76403a26501a1acac9e14a4adfb36aed71463a752f9791524a590
c038f2f92310db4f32b756ed4de997ef499335657fc351ed95c21f48e91e2fa9
c0d250e62106677c7efcbe429beb6798adb3331bad9f6cd94c1a398cf5708ee8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c650cc89f6ef435f214537ae7eb227a084a465e0270c7896fb224b520829d73b
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
c819469813278fbc167f463ca207cddb2d28974196157b17c0e644a4cf549859
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
c84222f7c430afe12c25da3c178c58d3c4967d78b44f4450293adbabe498caee
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d
cb78fc1e999c09a38e858f909fa389c204c2e49e6b13afbfc0e354e09acb17c4
d04b3718c0e7c608862910165a3f4becac10f42a7339ddf0876eb08121ccb38d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
d3c01b4b2520d761ee7409a2b8339752f7b4be6342040278101f7df6f4ae26de
d5e30983e240508587941ff5cd02b3427418c884c69c48587b9390eb4a2fd43e
d83d34589d360c8e750c07791e4b920ca902c7bc748ef0990a986df211124834
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
da0076846712b460dc7f14f542f48c2608fdc0c85b938564dc06fede6de2f262
dcfd2026eab710c04b46105b32a10edb216c66c9c603d2f5c3704ea781d99342
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
dfba3a870c2fc34b914511160418b1b668e0722213b83e2e87fa53d7d0358034
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b13e741205ab4bcc7f3295fede5490d55e9389e5331990284bb334ddade0a2
e44bd39797144973ef3b51a350a7eedfa399571343a36cc020d101c65a9b788c
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e567bef53ed26bc959101ab4450b3803f0282330a98eceb9c8542384869d9899
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e89b3c3134ebc05bb94be0f2c767c48b50053d06b5a7240df27cdc1136977799
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9664481ddfd7b49070c84a0a36eea1924443305a2c4a4d2fd3911a8a1df3002
eacbda4dddda7b6cd5e027cb8aed2cedb8bf4e1923f3493e20b59c32b52e8ffc
ebaa42d0c06f94b3bfd9c22b7124f8b488b7c88829fcadd89ea6f4e82f7fa20d
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef677dc1926cbfa2aa4e0f3a2cd13cc318d2d968cbfd2bcc5d7eb9a94ff13034
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f339bf56ad8afee196e4fc0b372309b0182860243c807c6577f3a3d64fcc1a4c
f38ab134ffcf8f1521b461973c3db993098f7915161c5d79627d3fc4ee4056fc
f80620d9648d28219c8c6b423326882e27f2b3bcd88206b119076dbc42fbfd74
fab3be759e449d4daad5639d82fdd3c2bcbac1eae3232378b8ba4ee9a4c9d152
fb9fb3698c9d5794121b184603b9d1e381f80ba0dc7ebd7991a3fd1774538a7d
fc9dd7b47ae4590ebf5c8af090a37431907c7c460626b6a49bcd8546eab68642
fd54af9a06cde1dd6a85709949646690a7a7e7085aa50288fe11eac2ec4dad9f
fd73d75eb4dee51c435c9e09ff67a2813afc7743658da807104ada60eb810409
fe3299538ac2fd9918bb082f6e60411811c958bc1bd59a0dda68231e9836bf3f
fefff9ab72f5b09396bc4b3e06968665a9fedfb31c45b77a0b561d4241f6fa85
ff2c9a302dc1f3bcefe0605a7fe38a85e7c712e40bd960ca5e38f93d6d3c18ee
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc