powerinbooks.xyz Open in urlscan Pro
185.229.112.198 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://powerinbooks.xyz/temp/
Submission: On September 23 via api (September 23rd 2020, 8:32:19 am UTC) from US

Summary HTTP 203 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 34 IPs in 10 countries across 35 domains to perform 203 HTTP transactions. The main IP is 185.229.112.198, located in Singapore and belongs to AS-HOSTINGER, LT. The main domain is powerinbooks.xyz.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 12th 2020. Valid for: 3 months.

This is the only time powerinbooks.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	185.229.112.198 185.229.112.198	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20e8:7400:1c:4bbb:9180:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
13	146.185.142.91 146.185.142.91	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
12 12	52.59.64.254 52.59.64.254	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
7	138.68.105.0 138.68.105.0	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6 10	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
4 8	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
4	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 8	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
11	143.204.215.58 143.204.215.58	16509 (AMAZON-02) (AMAZON-02)
4	104.16.201.58 104.16.201.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	46.101.136.217 46.101.136.217	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
9 9	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
2 2	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1	99.86.7.72 99.86.7.72	16509 (AMAZON-02) (AMAZON-02)
36	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	143.204.215.112 143.204.215.112	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6810:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	52.31.177.108 52.31.177.108	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
21	2600:9000:214... 2600:9000:214f:3400:f:1ee9:de40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 8	185.86.138.114 185.86.138.114	201081 (SMARTADSE...) (SMARTADSERVER)
10 10	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	104.16.92.60 104.16.92.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.195.120.21 18.195.120.21	16509 (AMAZON-02) (AMAZON-02)
3 6	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	5.135.96.59 5.135.96.59	16276 (OVH) (OVH)
6 6	52.17.253.7 52.17.253.7	16509 (AMAZON-02) (AMAZON-02)
3	23.105.245.5 23.105.245.5	7979 (SERVERS-COM) (SERVERS-COM)
4 4	3.124.14.91 3.124.14.91	16509 (AMAZON-02) (AMAZON-02)
1 2	50.31.142.31 50.31.142.31	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	143.204.215.36 143.204.215.36	16509 (AMAZON-02) (AMAZON-02)
8	52.219.104.26 52.219.104.26	16509 (AMAZON-02) (AMAZON-02)
203	34

14 185.229.112.198 (Singapore) 1 redirects

ASN47583 (AS-HOSTINGER, LT)

powerinbooks.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:7400:1c:4bbb:9180:93a1 (United States)

ASN16509 (AMAZON-02, US)

adserver.reklamstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 146.185.142.91 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

ads.rekmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.59.64.254 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-64-254.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (Netherlands) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 138.68.105.0 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: com.reklamstore.bank.v3.lb0

bank.reklamstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.33.221.53 (Netherlands) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.2.236 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.184.8.30 (Poland) 4 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 143.204.215.58 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-58.fra53.r.cloudfront.net

web-clients.mynativeplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.201.58 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.101.136.217 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: com.reklamselfie.iq

iq.reklamselfie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.150.20 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f34.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany) 9 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.72 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-72.fra6.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.215.112 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-112.fra53.r.cloudfront.net

adimg.rekmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 52.31.177.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2600:9000:214f:3400:f:1ee9:de40:93a1 (United States)

ASN16509 (AMAZON-02, US)

ad.reklamnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.86.138.114 (France) 7 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.64.190.80 (United Kingdom) 10 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.92.60 (United States)

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.120.21 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-120-21.eu-central-1.compute.amazonaws.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.230.142 (Netherlands) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.135.96.59 (France)

ASN16276 (OVH, FR)

dispatcher.adxcore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.17.253.7 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-253-7.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.105.245.5 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.124.14.91 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-14-91.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.31 (Chicago, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.36 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-36.fra53.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.219.104.26 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com

s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com c.mgid.com	404 KB
27	cpx.to p.cpx.to s.cpx.to	27 KB
21	reklamnative.com ad.reklamnative.com	26 KB
18	rekmob.com ads.rekmob.com adimg.rekmob.com	58 KB
14	powerinbooks.xyz 1 redirects powerinbooks.xyz	138 KB
13	bidswitch.net 13 redirects x.bidswitch.net pool.grid-data.bidswitch.net	4 KB
11	mynativeplatform.com web-clients.mynativeplatform.com	285 KB
10	pubmatic.com 10 redirects image2.pubmatic.com	6 KB
10	doubleclick.net 10 redirects cm.g.doubleclick.net	3 KB
10	adform.net 6 redirects adx.adform.net dmp.adform.net	4 KB
10	adnxs.com 6 redirects ib.adnxs.com secure.adnxs.com	10 KB
8	amazonaws.com s3.us-east-2.amazonaws.com	180 KB
8	smartadserver.com 7 redirects sync.smartadserver.com rtb-csync.smartadserver.com	4 KB
8	creativecdn.com 4 redirects prebid-eu.creativecdn.com creativecdn.com ams.creativecdn.com	2 KB
8	reklamstore.com adserver.reklamstore.com bank.reklamstore.com	59 KB
6	adsrvr.org 6 redirects match.adsrvr.org	3 KB
6	rubiconproject.com 3 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	837 B
5	truoptik.com dmp.truoptik.com
5	googleapis.com ajax.googleapis.com Failed imasdk.googleapis.com fonts.googleapis.com	107 KB
4	perf-serving.com 4 redirects prod.perf-serving.com	3 KB
4	gstatic.com fonts.gstatic.com	40 KB
4	glotgrx.com pre.glotgrx.com	931 B
4	yabidos.com pixel.yabidos.com	44 KB
4	criteo.com bidder.criteo.com	584 B
3	lentainform.com cm.lentainform.com	982 B
3	idealmedia.io cm.idealmedia.io	785 B
3	eyeota.net 1 redirects ps.eyeota.net	2 KB
2	outbrain.com 1 redirects sync.outbrain.com	823 B
2	google-analytics.com www.google-analytics.com	18 KB
2	googletagmanager.com www.googletagmanager.com	65 KB
1	smadex.com 1 redirects cm.smadex.com	525 B
1	adxcore.com dispatcher.adxcore.com	375 B
1	reklamselfie.com 1 redirects iq.reklamselfie.com	215 B
1	rfihub.com 1 redirects p.rfihub.com	748 B
1	criteo.net static.criteo.net	35 KB
203	35

	Domain	Requested by
26	s.cpx.to	p.cpx.to powerinbooks.xyz
21	ad.reklamnative.com	web-clients.mynativeplatform.com powerinbooks.xyz
18	cm.mgid.com	jsc.mgid.com powerinbooks.xyz
14	powerinbooks.xyz	1 redirects powerinbooks.xyz
13	ads.rekmob.com	adserver.reklamstore.com powerinbooks.xyz
12	x.bidswitch.net	12 redirects
11	web-clients.mynativeplatform.com	adserver.reklamstore.com ad.reklamnative.com powerinbooks.xyz
10	image2.pubmatic.com	10 redirects
10	cm.g.doubleclick.net	10 redirects
8	s3.us-east-2.amazonaws.com	powerinbooks.xyz
8	adx.adform.net	4 redirects powerinbooks.xyz
7	sync.smartadserver.com	7 redirects
7	s-img.mgid.com	powerinbooks.xyz jsc.mgid.com
7	bank.reklamstore.com	adserver.reklamstore.com powerinbooks.xyz bank.reklamstore.com
6	match.adsrvr.org	6 redirects
5	dmp.truoptik.com	powerinbooks.xyz
5	secure.adnxs.com	5 redirects
5	adimg.rekmob.com	powerinbooks.xyz
5	ib.adnxs.com	1 redirects adserver.reklamstore.com
4	prod.perf-serving.com	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	cdn.mgid.com	powerinbooks.xyz jsc.mgid.com
4	fonts.googleapis.com	powerinbooks.xyz
4	pre.glotgrx.com	powerinbooks.xyz
4	pixel.yabidos.com	adserver.reklamstore.com pixel.yabidos.com
4	prebid-eu.creativecdn.com	adserver.reklamstore.com
4	bidder.criteo.com	adserver.reklamstore.com
3	c.mgid.com	powerinbooks.xyz
3	creativecdn.com	3 redirects
3	cm.lentainform.com	powerinbooks.xyz cm.mgid.com
3	cm.idealmedia.io	powerinbooks.xyz cm.mgid.com
3	eus.rubiconproject.com	cm.mgid.com
3	secure-assets.rubiconproject.com	3 redirects
3	servicer.mgid.com	jsc.mgid.com
3	jsc.mgid.com	adserver.reklamstore.com
3	ps.eyeota.net	1 redirects bank.reklamstore.com powerinbooks.xyz
2	sync.outbrain.com	1 redirects powerinbooks.xyz
2	dmp.adform.net	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	powerinbooks.xyz adserver.reklamstore.com
1	rtb-csync.smartadserver.com	powerinbooks.xyz
1	cm.smadex.com	1 redirects
1	ams.creativecdn.com	1 redirects
1	dispatcher.adxcore.com	powerinbooks.xyz
1	pool.grid-data.bidswitch.net	1 redirects
1	p.cpx.to	bank.reklamstore.com
1	iq.reklamselfie.com	1 redirects
1	p.rfihub.com	1 redirects
1	imasdk.googleapis.com	adserver.reklamstore.com
1	static.criteo.net	adserver.reklamstore.com
1	adserver.reklamstore.com	powerinbooks.xyz
0	ajax.googleapis.com Failed	powerinbooks.xyz
203	52

This site contains links to these domains. Also see Links.

Domain
www.chegg.com
www.miravira.com

Subject Issuer	Validity	Valid
powerinbooks.xyz Let's Encrypt Authority X3	`2020-08-12` - `2020-11-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
adserver2.reklamstore.com Amazon	`2020-06-04` - `2021-07-04`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
ads.rekmob.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-22` - `2021-05-08`	2 years	crt.sh
*.reklamstore.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-11` - `2022-08-11`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.mynativeplatform.com Go Daddy Secure Certificate Authority - G2	`2019-11-19` - `2020-11-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2020-08-31` - `2020-11-29`	3 months	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2021-02-08`	a year	crt.sh
adimg.rekmob.com Amazon	`2020-06-14` - `2021-07-14`	a year	crt.sh
*.glotgrx.com Go Daddy Secure Certificate Authority - G2	`2019-11-13` - `2021-01-12`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2021-02-08`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
ad.reklamnative.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-21` - `2021-03-22`	2 years	crt.sh
*.truoptik.com Go Daddy Secure Certificate Authority - G2	`2018-11-13` - `2020-11-13`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.adxcore.com Gandi Standard SSL CA 2	`2019-12-03` - `2021-01-22`	a year	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.s3.us-east-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-24` - `2021-05-27`	10 months	crt.sh

This page contains 11 frames:

Primary Page: https://powerinbooks.xyz/temp/
Frame ID: 8CA3C9AECC0D1A1CF1677C8B65A5EDB7
Requests: 137 HTTP requests in this frame

Frame: https://jsc.mgid.com/r/o/ron.reklamstore.com.926917.js
Frame ID: 048B076CF2EB539D136D8F85BAD30EA8
Requests: 22 HTTP requests in this frame

Frame: https://adimg.rekmob.com/logos/rs-b.png
Frame ID: 7DBEC563E3B0ECC4EAF346A017992888
Requests: 3 HTTP requests in this frame

Frame: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Frame ID: 3FA230919085E82D4BC2D31FB08EC0B3
Requests: 21 HTTP requests in this frame

Frame: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Frame ID: 6317B3C03FD4949F3833AEAFDB31F0A6
Requests: 20 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1600849904787483909299
Frame ID: 8C37A50D4702C753689552E57327FBC5
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1600849904820299696386
Frame ID: 6319A64B83B45FB9763426354F01E2DB
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1600849904837535559456
Frame ID: BD738B4B37AB9E2CDC1788AE81570905
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 7BFE609F5E0C8830F68A66934B6B65B6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 1A5016A52DB9E5CA8CEE19FA9A986377
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 8EF3B345DFBB94B6C60BEC191C02D827
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://powerinbooks.xyz/temp HTTP 301
https://powerinbooks.xyz/temp/ Page URL

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

203
Requests

99 %
HTTPS

25 %
IPv6

35
Domains

52
Subdomains

34
IPs

10
Countries

1500 kB
Transfer

3025 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.chegg.com/
Title: https://www.chegg.com/

Search URL Search Domain Scan URL

URL: https://www.miravira.com/funny-moments-of-football-134
Title: Funny Moments Of Football

Search URL Search Domain Scan URL

URL: https://www.miravira.com/rebekah-vardy-scores-an-impressive-penalty-in-six-inch-heels-132
Title: Rebekah Vardy scores an impressive penalty in six-inch heels

Search URL Search Domain Scan URL

URL: https://www.miravira.com/football-player-touch-female-referee-s-breast-133
Title: Football player touch female referee s breast!

Search URL Search Domain Scan URL

URL: https://www.miravira.com/10-incredible-space-launch-failures-136
Title: 10 INCREDIBLE Space Launch Failures!

Search URL Search Domain Scan URL

URL: https://www.miravira.com/people-slammed-by-massive-waves-4-137
Title: People Slammed By Massive Waves 4

Search URL Search Domain Scan URL

URL: https://www.miravira.com/travel-diary-vietnam-2017-153
Title: Travel Diary // Vietnam 2017

Search URL Search Domain Scan URL

URL: https://www.miravira.com/omg-this-is-awesome-141
Title: Omg this is awesome :)

Search URL Search Domain Scan URL

URL: https://www.miravira.com/8-most-dangerous-rains-of-all-time-top-10-interesting-142
Title: 8 MOST DANGEROUS RAINS of All Time | TOP 10 INTERESTING

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://powerinbooks.xyz/temp HTTP 301
https://powerinbooks.xyz/temp/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=reklamstore HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=2159827872186450456&expires=30&ssp=reklamstore HTTP 302
https://ads.rekmob.com/retarget/pix?id=bs&cv=f12c2415-7870-4600-806b-efc017e55edf&d=1

Request Chain 28

https://adx.adform.net/adx/?rp=4&bWlkPTY2NTc5MQ%3D%3D&callback=adf__No0vsX3yPhTjzegWcCZN HTTP 302
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5MQ%3D%3D&callback=adf__No0vsX3yPhTjzegWcCZN

Request Chain 33

https://adx.adform.net/adx/?rp=4&bWlkPTY2NTc5MQ%3D%3D&callback=adf__ao1BsvuAESiK5gCJyHCB HTTP 302
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5MQ%3D%3D&callback=adf__ao1BsvuAESiK5gCJyHCB

Request Chain 38

https://adx.adform.net/adx/?rp=4&bWlkPTY2NTc5Mg%3D%3D&callback=adf__EfLUfeIj513EjLFodz46 HTTP 302
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5Mg%3D%3D&callback=adf__EfLUfeIj513EjLFodz46

Request Chain 44

https://adx.adform.net/adx/?rp=4&bWlkPTY2NTc5Mg%3D%3D&callback=adf__LrqOPsVD4FOMkdY0tFEN HTTP 302
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5Mg%3D%3D&callback=adf__LrqOPsVD4FOMkdY0tFEN

Request Chain 49

https://iq.reklamselfie.com/585ce73218044 HTTP 302
https://bank.reklamstore.com/rs.js

Request Chain 51

https://ib.adnxs.com/getuid?https://bank.reklamstore.com/anx.php?uid=$UID HTTP 302
https://bank.reklamstore.com/anx.php?uid=8336981050456292442

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm=&google_tc= HTTP 302
https://bank.reklamstore.com/adx.php?google_gid=CAESELVH1C4o07Dpfzd78u8KdIo&google_cver=1

Request Chain 53

https://dmp.adform.net/serving/cookie/match?party=1068 HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1068 HTTP 302
https://bank.reklamstore.com/adform.php?uid=2108028102630419389

Request Chain 72

https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5f6b07f04dafb&c_b=1&gdpr=0&gdpr_consent=&c_l=0&c_s=1 HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=bsbc9g1&t=ajs&uid=5f6b07f04dafb&c_b=1&gdpr=0&gdpr_consent=&c_l=0&c_s=1

Request Chain 112

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D33e6cf7e-0081-4d73-bbd8-22bb7731e5fb HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D33e6cf7e-0081-4d73-bbd8-22bb7731e5fb&cklb=1 HTTP 302
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=8712548919510032841&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

Request Chain 114

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D11%26fid%3D33e6cf7e-0081-4d73-bbd8-22bb7731e5fb HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb

Request Chain 115

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D33e6cf7e-0081-4d73-bbd8-22bb7731e5fb HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D33e6cf7e-0081-4d73-bbd8-22bb7731e5fb HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=C1A4D8D9-5719-4960-A860-7EF469926323&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb

Request Chain 117

https://pool.grid-data.bidswitch.net/sync?pid=42 HTTP 302
https://s.cpx.to/sync?dsp_uid=f12c2415-7870-4600-806b-efc017e55edf&dsp=BIDSWITCH

Request Chain 118

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 120

https://x.bidswitch.net/sync?dsp_id=303&user_id=k8nIIc_fG3v1 HTTP 302
https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=f12c2415-7870-4600-806b-efc017e55edf

Request Chain 121

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=e4981302-575f-4af2-9d60-6be8dc84b0a7&ttl=1603441906

Request Chain 123

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=C7d5QBwg3200SbbVaQHP&pi=mgid&tc=1

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azhuSUljX2ZHM3Yx&muidn=k8nIIc_fG3v1 HTTP 302
https://cm.mgid.com/google?muidn=k8nIIc_fG3v1&google_ula={guid},5&google_gid=CAESELVZ1LMAjQ1KuKtIooK0zaU&google_cver=1

Request Chain 125

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=0ed05415-686c-47b6-935f-aa5affe19214&ssp=mgid&user_group=1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&us_privacy=

Request Chain 128

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Ddbc1b930-5dd7-4375-a21e-58442079eb21 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Ddbc1b930-5dd7-4375-a21e-58442079eb21 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=15C3FFEB-5326-4966-9B49-4FFCA3581E7D&fid=dbc1b930-5dd7-4375-a21e-58442079eb21

Request Chain 129

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Ddbc1b930-5dd7-4375-a21e-58442079eb21 HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Ddbc1b930-5dd7-4375-a21e-58442079eb21&cklb=1 HTTP 302
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=3848786116519656383&fid=dbc1b930-5dd7-4375-a21e-58442079eb21

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=dbc1b930-5dd7-4375-a21e-58442079eb21 HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=dbc1b930-5dd7-4375-a21e-58442079eb21&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

Request Chain 131

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D11%26fid%3Ddbc1b930-5dd7-4375-a21e-58442079eb21 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=dbc1b930-5dd7-4375-a21e-58442079eb21

Request Chain 132

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=C7d5QBwg3200SbbVaQHP&pi=mgid

Request Chain 133

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=5dd86ed8-d8b3-4335-9cfe-51ca5ff5a67b&ssp=mgid&user_group=1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&us_privacy=

Request Chain 134

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 135

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=e4981302-575f-4af2-9d60-6be8dc84b0a7&ttl=1603441906

Request Chain 136

https://x.bidswitch.net/sync?dsp_id=303&user_id=k8nILExYlkv1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=f12c2415-7870-4600-806b-efc017e55edf&rdrctExp=true

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azhuSUxFeFlsa3Yx&muidn=k8nILExYlkv1 HTTP 302
https://cm.mgid.com/google?muidn=k8nILExYlkv1&google_ula={guid},5&google_gid=CAESELVZ1LMAjQ1KuKtIooK0zaU&google_cver=1

Request Chain 140

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=F9B33382-415C-4CF3-84CC-F2F0E4FDC31A&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

Request Chain 143

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d HTTP 302
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=3848786116519656383&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d

Request Chain 144

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D11%26fid%3D7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azhuSUxFeFlsa3Yx&muidn=k8nILExYlkv1 HTTP 302
https://cm.mgid.com/google?muidn=k8nILExYlkv1&google_ula={guid},5&google_gid=CAESELVZ1LMAjQ1KuKtIooK0zaU&google_cver=1

Request Chain 146

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 147

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=f12c2415-7870-4600-806b-efc017e55edf HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=311f668d-d03e-4cd0-a4f3-e7ed51fdcb59&expires=10&ssp=mgid&bsw_param=f12c2415-7870-4600-806b-efc017e55edf HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&us_privacy=

Request Chain 149

https://x.bidswitch.net/sync?dsp_id=303&user_id=k8nILExYlkv1 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=

Request Chain 150

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=de7ab710-2512-47b8-a114-f24acdb12963&ttl=1603441906

Request Chain 152

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=C7d5QBwg3200SbbVaQHP&pi=mgid

Request Chain 153

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D11%26fid%3Ddb1ae197-a481-4543-b201-6101b6d6663f HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=db1ae197-a481-4543-b201-6101b6d6663f

Request Chain 154

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Ddb1ae197-a481-4543-b201-6101b6d6663f HTTP 302
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=3848786116519656383&fid=db1ae197-a481-4543-b201-6101b6d6663f

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=db1ae197-a481-4543-b201-6101b6d6663f HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=db1ae197-a481-4543-b201-6101b6d6663f&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

Request Chain 157

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Ddb1ae197-a481-4543-b201-6101b6d6663f HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Ddb1ae197-a481-4543-b201-6101b6d6663f HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B628369A-0CD8-496B-AC32-6F7045284CE7&fid=db1ae197-a481-4543-b201-6101b6d6663f

Request Chain 158

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D11%26fid%3Dcd109e43-3e3b-4fac-a1ad-baef56d41366 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366 HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

Request Chain 161

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dcd109e43-3e3b-4fac-a1ad-baef56d41366 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dcd109e43-3e3b-4fac-a1ad-baef56d41366 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=152BC5FE-5064-4CAF-9A57-486C098B2488&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366

Request Chain 162

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dcd109e43-3e3b-4fac-a1ad-baef56d41366 HTTP 302
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=4188114646304815239&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366

203 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3-Q050

200

Primary Request / Show response
powerinbooks.xyz/temp/
Redirect Chain

https://powerinbooks.xyz/temp
https://powerinbooks.xyz/temp/

9 KB
3 KB

514ms
289ms

Document
text/html

185.229.112.198
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://powerinbooks.xyz/temp/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.229.112.198 , Singapore, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: LiteSpeed / PHP/7.0.33
Resource Hash: 01057a4901169b9deed764f682e09ccc06542ba72e3e1acd671053920df7b7df

Request headers

:method: GET
:authority: powerinbooks.xyz
:scheme: https
:path: /temp/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
x-powered-by: PHP/7.0.33
set-cookie: fancyform=cjno543sov2aabiduldosaj600; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 2659
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Sep 2020 08:31:43 GMT
server: LiteSpeed

Redirect headers

status: 301
content-type: text/html
content-length: 706
date: Wed, 23 Sep 2020 08:31:43 GMT
server: LiteSpeed
location: https://powerinbooks.xyz/temp/
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 45ms
43ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-131451498-1

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57a16bd0c6267d3ad73d33aa5d20c4f737686709ddb7aa3d96fd213bd6c0f54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:43 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36407
x-xss-protection: 0
last-modified: Wed, 23 Sep 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Sep 2020 08:31:43 GMT

GET
H3-Q050 200 jqtransform.css
powerinbooks.xyz/temp/jqtransformplugin/ 9 KB
2 KB 217ms
215ms Stylesheet
text/css 185.229.112.198
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://powerinbooks.xyz/temp/jqtransformplugin/jqtransform.css
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.229.112.198 , Singapore, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 012537efcb6302e7ba22b52622808dc7aeeffe4642ee714eb76198c47c77cc0c

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:43 GMT
content-encoding: br
last-modified: Wed, 15 Apr 2020 09:45:43 GMT
server: LiteSpeed
etag: "220f-5e96d7c7-3e5a13a12ee08d04;br"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1546
expires: Wed, 30 Sep 2020 08:31:43 GMT

GET
H3-Q050 200 validationEngine.jquery.css
powerinbooks.xyz/temp/formValidator/ 2 KB
595 B 222ms
220ms Stylesheet
text/css 185.229.112.198
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://powerinbooks.xyz/temp/formValidator/validationEngine.jquery.css
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.229.112.198 , Singapore, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f840da7b902fdadf8dcb989c827ce51dd44cd90fb2d8deed334d6af0f9aedb49

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:43 GMT
content-encoding: br
last-modified: Wed, 15 Apr 2020 09:45:42 GMT
server: LiteSpeed
etag: "908-5e96d7c6-cb31b1c57af0b595;br"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 521
expires: Wed, 30 Sep 2020 08:31:43 GMT

GET
H3-Q050 200 demo.css
powerinbooks.xyz/temp/ 1 KB
548 B 222ms
221ms Stylesheet
text/css 185.229.112.198
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://powerinbooks.xyz/temp/demo.css
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.229.112.198 , Singapore, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: LiteSpeed /
Resource Hash: b7aa7bbbbb817cfba2575259def5088442395d4b92613c0ef6402aa2dbb2be3d

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:43 GMT
content-encoding: br
last-modified: Wed, 15 Apr 2020 09:45:43 GMT
server: LiteSpeed
etag: "5d0-5e96d7c7-a020fe4a854cbaa2;br"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 494
expires: Wed, 30 Sep 2020 08:31:43 GMT

GET
H3-Q050 200 jquery.jqtransform.js Show response
powerinbooks.xyz/temp/jqtransformplugin/ 13 KB
4 KB 222ms
221ms Script
application/x-javascript 185.229.112.198
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://powerinbooks.xyz/temp/jqtransformplugin/jquery.jqtransform.js
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.229.112.198 , Singapore, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f80a3ca14f52c6c00a5755be6512ec2fd4e2649c046528a6daca828c51e5c29a

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:43 GMT
content-encoding: br
last-modified: Wed, 15 Apr 2020 09:45:43 GMT
server: LiteSpeed
etag: "357c-5e96d7c7-ab99348f39165101;br"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3662
expires: Wed, 30 Sep 2020 08:31:43 GMT

GET
H3-Q050 200 jquery.validationEngine.js Show response
powerinbooks.xyz/temp/formValidator/ 22 KB
5 KB 222ms
221ms Script
application/x-javascript 185.229.112.198
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://powerinbooks.xyz/temp/formValidator/jquery.validationEngine.js
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.229.112.198 , Singapore, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 79238907662b63ae87770aab5f121793370cf4859da08a03e0bed2dcc89619b5

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:43 GMT
content-encoding: br
last-modified: Wed, 15 Apr 2020 09:45:42 GMT
server: LiteSpeed
etag: "58ab-5e96d7c6-d9be0c07e4ebde18;br"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5177
expires: Wed, 30 Sep 2020 08:31:43 GMT

GET
H3-Q050 200 script.js Show response
powerinbooks.xyz/temp/ 1 KB
493 B 223ms
222ms Script
application/x-javascript 185.229.112.198
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://powerinbooks.xyz/temp/script.js
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.229.112.198 , Singapore, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 4b155d21cac5f6d65fe6e96620e8897d6569728351e55a32e10051b1244cbc06

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:43 GMT
content-encoding: br
last-modified: Wed, 15 Apr 2020 09:45:43 GMT
server: LiteSpeed
etag: "454-5e96d7c7-e70c8e40d1a6d829;br"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 439
expires: Wed, 30 Sep 2020 08:31:43 GMT

GET
H3-Q050 200 PiB.jpg
powerinbooks.xyz/book_pic/ 13 KB
13 KB 233ms
233ms Image
image/jpeg 185.229.112.198
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powerinbooks.xyz/book_pic/PiB.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.229.112.198 , Singapore, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cd78bd3e86225e929aaedbb7d9940632566b6e981e66dc64a25ad04b270038cc

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
last-modified: Mon, 12 Nov 2018 20:18:18 GMT
server: LiteSpeed
etag: "351a-5be9e00a-48f957430fc48a87;;;"
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13594
expires: Wed, 30 Sep 2020 08:31:44 GMT

GET
H2 200 reklamstore.js Show response
adserver.reklamstore.com/ 94 KB
29 KB 57ms
15ms Script
application/javascript 2600:9000:20e8:7400:1c:4bbb:9180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.reklamstore.com/reklamstore.js
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:7400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb87a7f398ab03411eea662b819f9a3426c37ed6f6dd8a8fe6b93c0cc00dccba

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 18:25:22 GMT
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 09:25:48 GMT
server: AmazonS3
age: 50782
etag: "629fd7e0a1804c945bd91cf213f52d1b"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: TXL52-C1
content-length: 29565
via: 1.1 960b0b60c4f1507c51c75d8f9ab0dc91.cloudfront.net (CloudFront)
x-amz-cf-id: 6Jqe2c-CPDWBacp2s--IOOjA_85phkjnTgIZD_yPu9eT9Z6u5VuELw==

GET
H3-Q050 200 Math_312_258.jpg
powerinbooks.xyz/book_pic/ 36 KB
36 KB 231ms
230ms Image
image/jpeg 185.229.112.198
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powerinbooks.xyz/book_pic/Math_312_258.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.229.112.198 , Singapore, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ca0227856d57e1d793a33165ba0720e8b11690034d1e8c0bc757f84b8223e61a

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
last-modified: Mon, 12 Nov 2018 20:18:14 GMT
server: LiteSpeed
etag: "8eab-5be9e006-aed09b66b88b8483;;;"
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 36523
expires: Wed, 30 Sep 2020 08:31:44 GMT

GET
H3-Q050 200 Phys_312_258.jpg
powerinbooks.xyz/book_pic/ 22 KB
22 KB 287ms
285ms Image
image/jpeg 185.229.112.198
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powerinbooks.xyz/book_pic/Phys_312_258.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.229.112.198 , Singapore, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6e54b1ab7f86709afd59161e4b031d575bfc0a3539261f06b7097388e93d120f

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
last-modified: Mon, 12 Nov 2018 20:18:16 GMT
server: LiteSpeed
etag: "58f2-5be9e008-7ee9bf99fbe232a7;;;"
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22770
expires: Wed, 30 Sep 2020 08:31:44 GMT

GET
H3-Q050 200 Eng_312_258.jpg
powerinbooks.xyz/book_pic/ 22 KB
22 KB 287ms
286ms Image
image/jpeg 185.229.112.198
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powerinbooks.xyz/book_pic/Eng_312_258.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.229.112.198 , Singapore, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ecc9b09d2c060aa47c410de170346f8e6a8c6e5e7b0319b4f55f306218f4cea0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
last-modified: Mon, 12 Nov 2018 20:18:12 GMT
server: LiteSpeed
etag: "5978-5be9e004-b22f0fc067f3d102;;;"
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22904
expires: Wed, 30 Sep 2020 08:31:44 GMT

GET
H3-Q050 200 Comp_312_258.jpg
powerinbooks.xyz/book_pic/ 27 KB
27 KB 287ms
286ms Image
image/jpeg 185.229.112.198
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powerinbooks.xyz/book_pic/Comp_312_258.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.229.112.198 , Singapore, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c90e187c82804f5d43cad0704820a5d47e3a29e6e36fe750546a59a1a110a4bd

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
last-modified: Mon, 12 Nov 2018 20:18:10 GMT
server: LiteSpeed
etag: "6c80-5be9e002-1951860d6b7c5d2d;;;"
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 27776
expires: Wed, 30 Sep 2020 08:31:44 GMT

GET
H3-Q050 200 ajax-load.gif
powerinbooks.xyz/temp/img/ 2 KB
2 KB 287ms
286ms Image
image/gif 185.229.112.198
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powerinbooks.xyz/temp/img/ajax-load.gif
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.229.112.198 , Singapore, ASN47583 (AS-HOSTINGER, LT),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8cf02ea0752e063d895b861f233fa29098bb7806077dd9879cae9c51511dd282

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
last-modified: Wed, 15 Apr 2020 09:45:42 GMT
server: LiteSpeed
etag: "6c9-5e96d7c6-da39a02ced464635;;;"
content-type: image/gif
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1737
expires: Wed, 30 Sep 2020 08:31:44 GMT

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.3.2/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131451498-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 7082
date: Wed, 23 Sep 2020 06:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Wed, 23 Sep 2020 08:33:41 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
65 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=776830024&t=pageview&_s=1&dl=https%3A%2F%2Fpowerinbooks.xyz%2Ftemp%2F&ul=en-us&de=UTF-8&dt=Group%20selection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1931893176&gjid=395029398&cid=190754598.1600849904&tid=UA-131451498-1&_gid=22981165.1600849904&_r=1&gtm=2ou9g1&z=718521393

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://powerinbooks.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 107 KB
35 KB 61ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6f1d7d418d1f561064b1d14af8a2aac97ab2d43471b04a54aebecbd22774cdde

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 13:47:54 GMT
server: nginx
etag: W/"5f62178a-1aac7"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 24 Sep 2020 08:31:44 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 301 KB
104 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4e615b3d70fbf2559b57d33bc0cabf18780bd4bcd006339aa447cc5ceae238f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105547
x-xss-protection: 0
expires: Wed, 23 Sep 2020 08:31:44 GMT

GET
H/1.1 200
OK / Show response
ads.rekmob.com/m/props/ 320 B
621 B 232ms
108ms XHR
application/json 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/props/?regionId=546324
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: 2cca058bebb9cf229502b9b280d56a39e5c386acf8623efda084cb46682fbf86

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:08:02 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: AT
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Code
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Code

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 72 KB
29 KB 48ms
34ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4401c28c60867c4775161910ee378d3a8cf06f04969db07fd9a8bf5c0052bcea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29165
x-xss-protection: 0
last-modified: Wed, 23 Sep 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Sep 2020 08:31:44 GMT

GET
H/1.1

200
OK

pix
ads.rekmob.com/retarget/
Redirect Chain

https://x.bidswitch.net/sync?ssp=reklamstore
https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore
https://p.rfihub.com/cm?in=1&pub=20513&ssp=reklamstore
https://x.bidswitch.net/sync?dsp_id=119&user_id=2159827872186450456&expires=30&ssp=reklamstore
https://ads.rekmob.com/retarget/pix?id=bs&cv=f12c2415-7870-4600-806b-efc017e55edf&d=1

35 B
403 B

41ms
41ms

Image
image/gif

146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.rekmob.com/retarget/pix?id=bs&cv=f12c2415-7870-4600-806b-efc017e55edf&d=1
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:08:02 GMT
Server: nginx/1.9.6
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

status: 302
date: Wed, 23 Sep 2020 08:31:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //ads.rekmob.com/retarget/pix?id=bs&cv=f12c2415-7870-4600-806b-efc017e55edf&d=1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK / Show response
ads.rekmob.com/m/props/ 321 B
620 B 175ms
52ms XHR
application/json 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/props/?regionId=546323
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: a6cd9897f29c9e8598d2ada065d304be4d7a86ad6bd8de26b13d53e4d408647b

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:08:02 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: AT
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Code
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Code

GET
H/1.1 200
OK / Show response
ads.rekmob.com/m/props/ 321 B
619 B 180ms
56ms XHR
application/json 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/props/?regionId=546323
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: 7c576122019f24dfcc364302eabdb986200919a42aafb16a8f51227fc448b4f9

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:08:02 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: AT
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Code
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Code

GET
H/1.1 200
OK / Show response
ads.rekmob.com/m/props/ 320 B
621 B 182ms
55ms XHR
application/json 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/props/?regionId=546324
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: af050253ece08f4ad8e6b107bc160444c0243920823872a4b6ba82b745de6f2f

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:08:02 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: AT
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Code
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Code

GET
H/1.1 200
OK / Show response
ads.rekmob.com/m/props/ 269 B
603 B 164ms
38ms XHR
application/json 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/props/?regionId=546325
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: 2163ddd9a9414f7a3579b96d5d561f9f45a01d8080dec1b2816eb439fa668423

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:08:02 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: AT
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Code
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Code

GET
H/1.1 200
OK init.js Show response
bank.reklamstore.com/ 125 KB
28 KB 196ms
53ms Script
application/javascript 138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/init.js?v1
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: 80402a902d780a4f29c7995413f8cc769c588d0f326a3a35c8ececc3375092d2

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:30:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2018 13:16:00 GMT
Server: nginx/1.14.0
Etag: eccbc87e4b5ce2fe28308fd9f2a7baf3
Vary: Accept-Encoding
P3P: policyref="http://bank.reklamstore.com/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 27844
Expires: Wed, 23 Sep 2020 09:31:44 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v2/ 157 B
1 KB 116ms
43ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v2/prebid

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b83522dd69e0740d100d52abc4f74e6365ab8392f8f2f1bf572e65c7c8b6baa2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 08:31:44 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.70:80
AN-X-Request-Uuid: d52a5510-8020-4651-ab90-dc570070ad58
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://powerinbooks.xyz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 157
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/ Show response
adx.adform.net/adx/
Redirect Chain

https://adx.adform.net/adx/?rp=4&bWlkPTY2NTc5MQ%3D%3D&callback=adf__No0vsX3yPhTjzegWcCZN
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5MQ%3D%3D&callback=adf__No0vsX3yPhTjzegWcCZN

33 B
564 B

154ms
153ms

Script
text/javascript

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5MQ%3D%3D&callback=adf__No0vsX3yPhTjzegWcCZN

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7a96396765c3054c65f2416d981c2a9899f547f074cc39f7246ab12cc8973639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 157
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
server: nginx
status: 302
location: https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5MQ%3D%3D&callback=adf__No0vsX3yPhTjzegWcCZN
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1 200
OK adp Show response
ads.rekmob.com/m/ 4 KB
2 KB 190ms
65ms Script
text/plain 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/adp?uid=17b71fac30bf4043a595e913181ac701&ufid=No0vsX3yPhTjzegWcCZN&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__No0vsX3yPhTjzegWcCZN&ref=powerinbooks.xyz&_=1600849904166&crtg=-1
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: c99393772f546f8c8f975e222e6769bace065077559d73f92baac5502e6ea209

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:08:02 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: AT
Vary: Accept-Encoding
Content-Type: text/plain;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
146 B 118ms
38ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=208&cb=27987516892
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Wed, 23 Sep 2020 08:31:43 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://powerinbooks.xyz
timing-allow-origin: *
vary: Origin

POST
H2 204 / Show response
prebid-eu.creativecdn.com/bidder/prebid/bids/ 0
170 B 127ms
42ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Wed, 23 Sep 2020 08:31:44 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://powerinbooks.xyz
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v2/ 157 B
1 KB 122ms
53ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v2/prebid

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6f3eda3d5154edbf4bd7ee9217b49c9d4a5b008c4a6e19234384ad89fe0971bd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 08:31:44 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.43:80
AN-X-Request-Uuid: 97c6ecd2-995d-4b8e-a583-605a9b4b0914
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://powerinbooks.xyz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 157
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/ Show response
adx.adform.net/adx/
Redirect Chain

https://adx.adform.net/adx/?rp=4&bWlkPTY2NTc5MQ%3D%3D&callback=adf__ao1BsvuAESiK5gCJyHCB
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5MQ%3D%3D&callback=adf__ao1BsvuAESiK5gCJyHCB

33 B
562 B

137ms
136ms

Script
text/javascript

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5MQ%3D%3D&callback=adf__ao1BsvuAESiK5gCJyHCB

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

83ea11c3423f5f5597668ea0d08d5539412d3687289a48573542d5ee6f6e7124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 156
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
server: nginx
status: 302
location: https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5MQ%3D%3D&callback=adf__ao1BsvuAESiK5gCJyHCB
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1 200
OK adp Show response
ads.rekmob.com/m/ 4 KB
2 KB 181ms
55ms Script
text/plain 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/adp?uid=17b71fac30bf4043a595e913181ac701&ufid=ao1BsvuAESiK5gCJyHCB&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__ao1BsvuAESiK5gCJyHCB&ref=powerinbooks.xyz&_=1600849904171&crtg=-1
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: 0cdc1c08eca1639f87ab05c2a5ab0a95afa736c02a6e8178b5127c261e618470

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:08:02 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: AT
Vary: Accept-Encoding
Content-Type: text/plain;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
146 B 114ms
38ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=208&cb=61563069471
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Wed, 23 Sep 2020 08:31:43 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://powerinbooks.xyz
timing-allow-origin: *
vary: Origin

POST
H2 204 / Show response
prebid-eu.creativecdn.com/bidder/prebid/bids/ 0
170 B 123ms
42ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Wed, 23 Sep 2020 08:31:44 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://powerinbooks.xyz
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v2/ 157 B
1 KB 115ms
45ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v2/prebid

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

528ef0ede8cf81975ed74c35e0501ed634a7a2148c40e18fa6d205e46ceefff1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 08:31:44 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid: df1c2866-2924-469c-8295-6a6b68277882
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://powerinbooks.xyz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 157
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/ Show response
adx.adform.net/adx/
Redirect Chain

https://adx.adform.net/adx/?rp=4&bWlkPTY2NTc5Mg%3D%3D&callback=adf__EfLUfeIj513EjLFodz46
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5Mg%3D%3D&callback=adf__EfLUfeIj513EjLFodz46

33 B
563 B

120ms
119ms

Script
text/javascript

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5Mg%3D%3D&callback=adf__EfLUfeIj513EjLFodz46

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2018399c0c9d7d421256e793d25d6a8dedeccb5323eea06f6edbc3e1a7f24579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 157
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
server: nginx
status: 302
location: https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5Mg%3D%3D&callback=adf__EfLUfeIj513EjLFodz46
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1 200
OK adp Show response
ads.rekmob.com/m/ 4 KB
2 KB 241ms
76ms Script
text/plain 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/adp?uid=b45bda34c49e4b039c49d4c83f55d2f3&ufid=EfLUfeIj513EjLFodz46&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__EfLUfeIj513EjLFodz46&ref=powerinbooks.xyz&_=1600849904173&crtg=-1
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: 38a15215efe57ad810c8c67d03a833d05a31419ed4f69c71ec275809b302d422

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:08:02 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: AT
Vary: Accept-Encoding
Content-Type: text/plain;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
146 B 112ms
38ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=208&cb=51414818812
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Wed, 23 Sep 2020 08:31:43 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://powerinbooks.xyz
timing-allow-origin: *
vary: Origin

POST
H2 204 / Show response
prebid-eu.creativecdn.com/bidder/prebid/bids/ 0
170 B 123ms
45ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Wed, 23 Sep 2020 08:31:44 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://powerinbooks.xyz
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 200
OK bootloader.js Show response
web-clients.mynativeplatform.com/web-clients/bootloaders/vvRCA1LrQQeEkvmbcwvVTZ/ 6 KB
3 KB 480ms
406ms Script
application/javascript 143.204.215.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-clients.mynativeplatform.com/web-clients/bootloaders/vvRCA1LrQQeEkvmbcwvVTZ/bootloader.js
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-58.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60e26ad5580a84e69d47cddc700652e11b6828c4a56188c8e09fd3aeb0096626

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:31:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 16:26:23 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: W/"fbc4698ea9c6aaf6e5781e6b31000b48"
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: application/javascript;charset=UTF-8
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: Pr6vuWBitT26ITpH9uL6dynPq62uTadsTf_xHZr35sh7cRJA_TzRoA==
Expires: 123456789

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v2/ 157 B
1 KB 113ms
46ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v2/prebid

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1bf74f3a400001f565aef823d7ab6afd7e827f3efa412bd306514bcc26382ed7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 08:31:44 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
AN-X-Request-Uuid: df91ae03-29a6-4973-9d1d-0ad38ba47797
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://powerinbooks.xyz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 157
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/ Show response
adx.adform.net/adx/
Redirect Chain

https://adx.adform.net/adx/?rp=4&bWlkPTY2NTc5Mg%3D%3D&callback=adf__LrqOPsVD4FOMkdY0tFEN
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5Mg%3D%3D&callback=adf__LrqOPsVD4FOMkdY0tFEN

33 B
564 B

133ms
132ms

Script
text/javascript

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5Mg%3D%3D&callback=adf__LrqOPsVD4FOMkdY0tFEN

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a76da917170847df1c8edc8146515e7abc7ab861267c976b5312e4cbdbaa0869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 158
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
server: nginx
status: 302
location: https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTY2NTc5Mg%3D%3D&callback=adf__LrqOPsVD4FOMkdY0tFEN
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1 200
OK adp Show response
ads.rekmob.com/m/ 4 KB
2 KB 187ms
64ms Script
text/plain 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/adp?uid=b45bda34c49e4b039c49d4c83f55d2f3&ufid=LrqOPsVD4FOMkdY0tFEN&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__LrqOPsVD4FOMkdY0tFEN&ref=powerinbooks.xyz&_=1600849904215&crtg=-1
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: c0a203bd7a650bab0287461393baa76852674e022985ae8b7660e5faf920729c

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:08:02 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: AT
Vary: Accept-Encoding
Content-Type: text/plain;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
146 B 71ms
39ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=208&cb=66597348477
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Wed, 23 Sep 2020 08:31:44 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://powerinbooks.xyz
timing-allow-origin: *
vary: Origin

POST
H2 204 / Show response
prebid-eu.creativecdn.com/bidder/prebid/bids/ 0
170 B 80ms
44ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Wed, 23 Sep 2020 08:31:44 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://powerinbooks.xyz
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
2 KB 59ms
22ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12753&s=powerinbooks.xyz&x=rekmob&nci=&adtg=17b71fac30bf4043a595e913181ac701&nai=&si=25074&pn=&h=250&w=300&bp=&pp=&ci=&ip=185.216.34.99&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4089
status: 200
content-length: 1146
cf-request-id: 055bb01b110000cbacba26e200000001
last-modified: Tue, 22 Sep 2020 17:21:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5d72e93e8e56cbac-VIE
expires: Wed, 23 Sep 2020 10:31:44 GMT

GET
H/1.1

200
OK

rs.js Show response
bank.reklamstore.com/
Redirect Chain

https://iq.reklamselfie.com/585ce73218044
https://bank.reklamstore.com/rs.js

24 B
378 B

32ms
31ms

Script
application/javascript

138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/rs.js
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: 9f49609d94cf82f3d089ddd83d5895d4048236deee85dc7cfc9853735f36a0f9

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:30:23 GMT
Last-Modified: Tue, 21 Feb 2017 07:13:43 GMT
Server: nginx/1.14.0
ETag: "18-549051ec0ae13"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24

Redirect headers

Location: https://bank.reklamstore.com/rs.js
Date: Wed, 23 Sep 2020 08:31:41 GMT
Server: openresty/1.11.2.2
Connection: keep-alive
Content-Length: 167
Content-Type: text/html

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 994 B
1 KB 121ms
30ms Script
text/plain 52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5f6b07f04dafb
Requested by: Host: bank.reklamstore.com
URL: https://bank.reklamstore.com/init.js?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bc3a3597e7d88923e91bd093b97f464a481544905bdd2b37abc5e91255457549

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:31:44 GMT
Content-Length: 994
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

anx.php Show response
bank.reklamstore.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://bank.reklamstore.com/anx.php?uid=$UID
https://bank.reklamstore.com/anx.php?uid=8336981050456292442

41 B
438 B

32ms
32ms

Script
text/javascript

138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/anx.php?uid=8336981050456292442
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: 433ff89507651216003b9ac67bcecbe9b83e539e9776a8c0f4989bd14a9467cf

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:30:23 GMT
Server: nginx/1.14.0
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Content-Length: 41

Redirect headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 08:31:44 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: b0f76eb8-60f5-4eb2-a875-c4ed9c108363
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://bank.reklamstore.com/anx.php?uid=8336981050456292442
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

adx.php Show response
bank.reklamstore.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm=&google_tc=
https://bank.reklamstore.com/adx.php?google_gid=CAESELVH1C4o07Dpfzd78u8KdIo&google_cver=1

49 B
454 B

33ms
33ms

Script
text/javascript

138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/adx.php?google_gid=CAESELVH1C4o07Dpfzd78u8KdIo&google_cver=1
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: 7e1d3c09a0586e6eb1f565d37c54f1e7b2e84c1e8ba9753022f70b9b4f3ba5c3

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:30:23 GMT
Server: nginx/1.14.0
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Content-Length: 49

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bank.reklamstore.com/adx.php?google_gid=CAESELVH1C4o07Dpfzd78u8KdIo&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

adform.php Show response
bank.reklamstore.com/
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1068
https://dmp.adform.net/serving/cookie/match?CC=1&party=1068
https://bank.reklamstore.com/adform.php?uid=2108028102630419389

41 B
440 B

32ms
32ms

Script
text/javascript

138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/adform.php?uid=2108028102630419389
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: 950a034fbb612afb020e14c5b455b8d5dc1605e03430da498691952bac5e4de3

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:30:23 GMT
Server: nginx/1.14.0
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.39.102:80
Connection: keep-alive
Content-Length: 41

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
server: nginx
status: 302
location: https://bank.reklamstore.com/adform.php?uid=2108028102630419389
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
expires: -1

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12475/ 2 KB
2 KB 99ms
30ms Script
application/javascript 99.86.7.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12475/px.js
Requested by: Host: bank.reklamstore.com
URL: https://bank.reklamstore.com/init.js?v1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-72.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7dca65ac3e9c2c6315428f1246b268eac606465d18b5b224ee6ee872188ea42d

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 27 Aug 2020 00:01:32 GMT
Content-Encoding: UTF-8
Connection: keep-alive
Last-Modified: Tue, 25 Aug 2020 15:07:47 GMT
Server: AmazonS3
Age: 2363412
ETag: "41bf68ba668e5ed43a0ca44cea054097"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 1631
X-Amz-Cf-Id: BjU2v_dL0C06H5_NDqSC_eVz0XsHqAo_-Fdqk9NToqZkAu02-tl6lw==

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
1 KB 23ms
23ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12753&s=powerinbooks.xyz&x=rekmob&nci=&adtg=b45bda34c49e4b039c49d4c83f55d2f3&nai=&si=25074&pn=&h=90&w=728&bp=&pp=&ci=&ip=185.216.34.99&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4089
status: 200
content-length: 1146
cf-request-id: 055bb01b200000cbacba26f200000001
last-modified: Tue, 22 Sep 2020 17:21:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5d72e93e9e6ecbac-VIE
expires: Wed, 23 Sep 2020 10:31:44 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 26 KB
20 KB 21ms
21ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1600849904416&ver1=2.2.3&qid=230383f5530383f5434353&rnd=i4oi9odhxw3w&cid=544
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12753&s=powerinbooks.xyz&x=rekmob&nci=&adtg=17b71fac30bf4043a595e913181ac701&nai=&si=25074&pn=&h=250&w=300&bp=&pp=&ci=&ip=185.216.34.99&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c644c2cd6f71bf6dbe655890d136574f1d695e8c3a4368279387c7713062a795

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4089
status: 200
content-length: 20879
cf-request-id: 055bb01b2c0000cbacba270200000001
last-modified: Tue, 22 Sep 2020 17:21:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5d72e93eae81cbac-VIE
expires: Wed, 23 Sep 2020 10:31:44 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 26 KB
20 KB 23ms
23ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1600849904429&ver1=2.2.3&qid=230383f5530383f5434353&rnd=rrj3csbiisbh&cid=544
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12753&s=powerinbooks.xyz&x=rekmob&nci=&adtg=b45bda34c49e4b039c49d4c83f55d2f3&nai=&si=25074&pn=&h=90&w=728&bp=&pp=&ci=&ip=185.216.34.99&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c644c2cd6f71bf6dbe655890d136574f1d695e8c3a4368279387c7713062a795

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4089
status: 200
content-length: 20879
cf-request-id: 055bb01b3a0000cbacba271200000001
last-modified: Tue, 22 Sep 2020 17:21:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5d72e93ecea0cbac-VIE
expires: Wed, 23 Sep 2020 10:31:44 GMT

GET
H2 200 ron.reklamstore.com.926917.js Show response
jsc.mgid.com/r/o/ Frame 048B 263 KB
74 KB 70ms
33ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926917.js
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e628c11cfa302ba85b3d66e2ef3a23d6ea6481e474aba07a5af11c9b70c6a9

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 4973
cf-polished: origSize=268975
status: 200
last-modified: Thu, 17 Sep 2020 14:28:41 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8BD500DB13550073
x-amz-id-2: S/LHQdBs6UZEaQCnsGkP6VbyxGantgJmdysLX2m6VbY0RUojMV1dszI5D4iQkJUSPyAbXBYUGLs=
cf-bgj: minify
server: cloudflare
etag: W/"7df5ed2e837210b9147bf3bb8a13fffb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 055bb01b7600000f8a9019d200000001
cf-ray: 5d72e93f2f6e0f8a-VIE
expires: Wed, 23 Sep 2020 09:31:44 GMT

GET
H/1.1 200
OK rs-b.png
adimg.rekmob.com/logos/ Frame 048B 471 B
911 B 180ms
32ms Image
image/png 143.204.215.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adimg.rekmob.com/logos/rs-b.png
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-112.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 00:07:06 GMT
Via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
Last-Modified: Thu, 26 Jul 2018 10:20:15 GMT
Server: AmazonS3
Age: 86395
ETag: "5965d59f86a925e809f20a75e26c9d0c"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Content-Length: 471
X-Amz-Cf-Id: MFdp5T8_Zk4p8_MrB82xyMiieT01yIzJlxUKYKCubrag6q8w_HAyhg==

GET imp
ads.rekmob.com/m/ Frame 048B 0
0

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
446 B 34ms
15ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1600849904463358&ver=1.2r81&qid=230383f5530383f5434353&p=12753&s=powerinbooks.xyz&x=rekmob&cid=544&od1=&od2=&adtg=b45bda34c49e4b039c49d4c83f55d2f3&nci=&nai=&si=25074&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=rrj3csbiisbh&impid=&tps=58&ver1=2.2.3&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&os=&mm=&di=&ip=185.216.34.99&ci=&pp=&bp=&w=728&h=90&pn=&1=24a6f12b27dd47628bddc6b278127949&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=1600x740&atf=&dbgcid=544&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=34&icp=https%253A//powerinbooks.xyz/temp/&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-16-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-144-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_9.2_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=18
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 4797
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5d72e93f5adf1766-FRA
content-length: 26
cf-request-id: 055bb01b98000017664e210200000001
expires: Wed, 23 Sep 2020 10:31:44 GMT

GET
H/1.1 200
OK rs-b.png
adimg.rekmob.com/logos/ Frame 7DBE 471 B
911 B 171ms
30ms Image
image/png 143.204.215.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adimg.rekmob.com/logos/rs-b.png
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-112.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 00:07:06 GMT
Via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
Last-Modified: Thu, 26 Jul 2018 10:20:15 GMT
Server: AmazonS3
Age: 86395
ETag: "5965d59f86a925e809f20a75e26c9d0c"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Content-Length: 471
X-Amz-Cf-Id: 4nhcDWlY9C-guFiuq6ExHXMj3KetiHzrg-TD8sFeWH-xRM4zl9OkWA==

GET
H/1.1 200
OK 32d0e9c9c24a4599b7c35c17bf87e9ae
adimg.rekmob.com/ Frame 7DBE 42 KB
42 KB 207ms
37ms Image
image/jpeg 143.204.215.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adimg.rekmob.com/32d0e9c9c24a4599b7c35c17bf87e9ae
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-112.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 057f09a69601da3adc7b756b621f7b98e3b24b50ee89da83314bc45c4ef03ca4

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 16:39:29 GMT
Via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 May 2020 15:53:13 GMT
Server: AmazonS3
Age: 57136
ETag: "1206c40415c3aa41e749ad6054d636b5"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Content-Length: 42678
X-Amz-Cf-Id: 6ExrDXxZC40_LRKuWUymEBsrp5yfuB5SGIMjzVmURR0Uy05Qd4ZAmw==

GET
H/1.1 200
OK imp
ads.rekmob.com/m/ Frame 7DBE 2 B
179 B 52ms
52ms Image
image/avif 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.rekmob.com/m/imp?uid=b45bda34c49e4b039c49d4c83f55d2f3&udid=ab07b7688bb449ce818a9904aa493af2&rid=NWY2YjA3ZjAwY2YyZTIxNGU5MzJkNjYz&adId=MTM2MA==
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:08:02 GMT
Connection: keep-alive
Server: nginx/1.9.6
X-Code: AT
Content-Length: 2
Content-Type: image/avif;charset=ISO-8859-1

GET
H2 200 ron.reklamstore.com.926916.js Show response
jsc.mgid.com/r/o/ Frame 3FA2 266 KB
74 KB 33ms
32ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11057f4fd257c91476fc2c087b8a11ef59b10f983b7159470d2266f47e516a65

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 6560
cf-polished: origSize=272440
status: 200
last-modified: Fri, 18 Sep 2020 13:58:25 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2WBPBTFH6S5JFN6M
x-amz-id-2: clqHbZJULt1BqNQARjHvQerAwLXs9nJKnP7U4zbzFkltljM6o/Xfqs97ihlv5xbw+hfqr2boTJw=
cf-bgj: minify
server: cloudflare
etag: W/"805a8af0669cf1131d41844ccc671a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 055bb01b9e00000f8a901a1200000001
cf-ray: 5d72e93f6fcf0f8a-VIE
expires: Wed, 23 Sep 2020 09:31:44 GMT

GET
H/1.1 200
OK rs-b.png
adimg.rekmob.com/logos/ Frame 3FA2 471 B
911 B 117ms
34ms Image
image/png 143.204.215.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adimg.rekmob.com/logos/rs-b.png
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-112.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 00:07:06 GMT
Via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
Last-Modified: Thu, 26 Jul 2018 10:20:15 GMT
Server: AmazonS3
Age: 86395
ETag: "5965d59f86a925e809f20a75e26c9d0c"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Content-Length: 471
X-Amz-Cf-Id: EizsZiWvdOvCMzX98yxBJs-VKRA0Y5YSiwbLOgtcsJRcPtbBOs0InQ==

GET
H/1.1 200
OK imp
ads.rekmob.com/m/ Frame 3FA2 2 B
179 B 44ms
44ms Image
image/avif 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.rekmob.com/m/imp?uid=17b71fac30bf4043a595e913181ac701&udid=4a4e839d28b14193ba4a53ad2a7dc92c&rid=NWY2YjA3ZjAwY2YyYWUwNjBkYjM5Nzhl&adId=MTM3OA==
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:08:02 GMT
Connection: keep-alive
Server: nginx/1.9.6
X-Code: AT
Content-Length: 2
Content-Type: image/avif;charset=ISO-8859-1

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
110 B 12ms
11ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1600849904542712&ver=1.2r81&qid=230383f5530383f5434353&p=12753&s=powerinbooks.xyz&x=rekmob&cid=544&od1=&od2=&adtg=b45bda34c49e4b039c49d4c83f55d2f3&nci=&nai=&si=25074&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=rrj3csbiisbh&impid=&tps=58&ver1=2.2.3&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&os=&mm=&di=&ip=185.216.34.99&ci=&pp=&bp=&w=728&h=90&pn=&1=24a6f12b27dd47628bddc6b278127949&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=34&icp=https%253A//powerinbooks.xyz/temp/&irfl=0&irf=&cty=4&fcs=1&flky=&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_9.2_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1-27-v8&trim=&fio=11
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 4797
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5d72e93f7b1d1766-FRA
content-length: 26
cf-request-id: 055bb01bab000017664e212200000001
expires: Wed, 23 Sep 2020 10:31:44 GMT

GET
H2 200 ron.reklamstore.com.926916.js Show response
jsc.mgid.com/r/o/ Frame 6317 266 KB
74 KB 36ms
35ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11057f4fd257c91476fc2c087b8a11ef59b10f983b7159470d2266f47e516a65

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 6560
cf-polished: origSize=272440
status: 200
last-modified: Fri, 18 Sep 2020 13:58:25 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2WBPBTFH6S5JFN6M
x-amz-id-2: clqHbZJULt1BqNQARjHvQerAwLXs9nJKnP7U4zbzFkltljM6o/Xfqs97ihlv5xbw+hfqr2boTJw=
cf-bgj: minify
server: cloudflare
etag: W/"805a8af0669cf1131d41844ccc671a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 055bb01bbb00000f8a901a3200000001
cf-ray: 5d72e93f98150f8a-VIE
expires: Wed, 23 Sep 2020 09:31:44 GMT

GET
H/1.1 200
OK rs-b.png
adimg.rekmob.com/logos/ Frame 6317 471 B
911 B 220ms
30ms Image
image/png 143.204.215.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adimg.rekmob.com/logos/rs-b.png
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-112.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 00:07:06 GMT
Via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
Last-Modified: Thu, 26 Jul 2018 10:20:15 GMT
Server: AmazonS3
Age: 86395
ETag: "5965d59f86a925e809f20a75e26c9d0c"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Content-Length: 471
X-Amz-Cf-Id: SnBaJmHFEqIPLkqxPjpCqX5MarV6LKbtPKKqgPn1Gsnc9yHYgR4t5w==

GET
H/1.1 200
OK imp
ads.rekmob.com/m/ Frame 6317 2 B
179 B 51ms
50ms Image
image/avif 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.rekmob.com/m/imp?uid=17b71fac30bf4043a595e913181ac701&udid=2f0f9dc01240487a95ce9079ffae858b&rid=NWY2YjA3ZjAwY2YyNTRmYmZjMDhkODRm&adId=MTM3OA==
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:08:02 GMT
Connection: keep-alive
Server: nginx/1.9.6
X-Code: AT
Content-Length: 2
Content-Type: image/avif;charset=ISO-8859-1

GET
H/1.1

200
OK

/ Show response
ps.eyeota.net/pixel/bounce/
Redirect Chain

https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5f6b07f04dafb&c_b=1&gdpr=0&gdpr_consent=&c_l=0&c_s=1
https://ps.eyeota.net/pixel/bounce/?pid=bsbc9g1&t=ajs&uid=5f6b07f04dafb&c_b=1&gdpr=0&gdpr_consent=&c_l=0&c_s=1

0
344 B

30ms
30ms

Script
text/plain

52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel/bounce/?pid=bsbc9g1&t=ajs&uid=5f6b07f04dafb&c_b=1&gdpr=0&gdpr_consent=&c_l=0&c_s=1
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:31:44 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /pixel/bounce/?pid=bsbc9g1&t=ajs&uid=5f6b07f04dafb&c_b=1&gdpr=0&gdpr_consent=&c_l=0&c_s=1
Date: Wed, 23 Sep 2020 08:31:44 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 957 B
2 KB 263ms
60ms Script
application/javascript 52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12475&ref=&hn_ver=11&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12475/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c2d77aec147745502dfa867d4bb3413121601ed1f00ad6acb28408cc9b736b00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:44 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 957
Expires: Thu, 17 Sep 2020 14:37:41 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 957 B
2 KB 324ms
61ms Script
application/javascript 52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12475&ref=&hn_ver=11&fid=dbc1b930-5dd7-4375-a21e-58442079eb21

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12475/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6c675bd326555555a96977a6031c9da4a0968d874cd1f5d79fa9a8357868abde

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:44 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 957
Expires: Thu, 17 Sep 2020 14:37:41 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 957 B
2 KB 357ms
61ms Script
application/javascript 52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12475&ref=&hn_ver=11&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12475/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

69e7d5e8b6c3a4a0beb1692c2339ab3c3554b4cbb35e2da2843ada6bf29e307b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:44 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 957
Expires: Thu, 17 Sep 2020 14:37:41 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 957 B
2 KB 409ms
63ms Script
application/javascript 52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12475&ref=&hn_ver=11&fid=db1ae197-a481-4543-b201-6101b6d6663f

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12475/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4bc87348740d31ca6cb2d4432b5b0a724c800ce36abed5bc2cf95ef03a8feb60

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:44 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 957
Expires: Thu, 17 Sep 2020 14:37:41 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 957 B
2 KB 403ms
61ms Script
application/javascript 52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12475&ref=&hn_ver=11&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12475/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8913edcb0ecdb60ead7e20cbe7ef65e43e09a7d367939fd54bf6d1fbb54d86ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:44 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 957
Expires: Thu, 17 Sep 2020 14:37:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 048B 25 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Sep 2020 08:25:00 GMT
server: ESF
date: Wed, 23 Sep 2020 08:31:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Sep 2020 08:31:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 048B 2 KB
669 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Sep 2020 07:02:25 GMT
server: ESF
date: Wed, 23 Sep 2020 08:31:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Sep 2020 08:31:44 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ Frame 048B 2 KB
1 KB 24ms
23ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 4009
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 055bb01c1d00000f8a901a5200000001
cf-ray: 5d72e940290f0f8a-VIE

GET
DATA 200
OK truncated
/ Frame 048B 507 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d888993db1a22a73b8d834d45dcbf14c0ecca608fde8da2d23d9690910e7c60

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 6317 2 KB
1020 B 35ms
21ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Sep 2020 07:03:58 GMT
server: ESF
date: Wed, 23 Sep 2020 08:31:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Sep 2020 08:31:44 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ Frame 6317 2 KB
840 B 21ms
21ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 4009
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 055bb01c2a00000f8a901a8200000001
cf-ray: 5d72e940492a0f8a-VIE

GET
DATA 200
OK truncated
/ Frame 6317 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 048B 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://powerinbooks.xyz
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 09:06:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 170729
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 21 Sep 2021 09:06:15 GMT

GET
H2 200 1 Show response
servicer.mgid.com/926917/ Frame 048B 4 KB
2 KB 80ms
79ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/926917/1?w=728&h=90&cols=3&pv=5&src_id=25074_48754&cbuster=1600849904687564560445&uniqId=17f4c&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fpowerinbooks.xyz%2Ftemp%2F&pageView=1&pvid=174ba17042fa9db4b0c&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926917.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 870b7bfa17500a5d31f4a3a476cbbd93966644884940751f534906ee1a409e0f

Request headers

Referer: https://powerinbooks.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e94069520f8a-VIE
content-type: application/x-javascript; charset=utf-8
cf-request-id: 055bb01c3c00000f8a901aa200000001

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 3FA2 2 KB
595 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Sep 2020 07:07:18 GMT
server: ESF
date: Wed, 23 Sep 2020 08:31:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Sep 2020 08:31:44 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ Frame 3FA2 2 KB
841 B 22ms
21ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 4009
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 055bb01c4c00000f8a901ab200000001
cf-ray: 5d72e940797a0f8a-VIE

GET
DATA 200
OK truncated
/ Frame 3FA2 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 6317 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://powerinbooks.xyz
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 18:23:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 50908
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 22 Sep 2021 18:23:16 GMT

GET
H2 200 widget3.js Show response
ad.reklamnative.com/pub2/web/ 92 KB
14 KB 164ms
125ms Script
text/javascript 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.reklamnative.com/pub2/web/widget3.js?zone=z-546325&organicClickTracking=%5BORGANIC_TRACKING_PIXEL%5D&paidClickTracking=%5BPAID_TRACKING_PIXEL%5D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&widget_num=1&url=http%3A%2F%2FPowerinbooks.com&nocache=1600849904722&is_data_url_set=true&gdpr=&gdpr_consent=
Requested by: Host: web-clients.mynativeplatform.com
URL: https://web-clients.mynativeplatform.com/web-clients/bootloaders/vvRCA1LrQQeEkvmbcwvVTZ/bootloader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: 855abd131202d4d46e2c0bc0648cd3021d62cf0f03816f7e5343418450473633

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 13702
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: hSFPD4Lu_B0bKAnocxPT-cWFN6kerRXIPYM8NC1Rt1drZzOFzD3X1g==

POST
H/1.1 200
OK store.php Show response
bank.reklamstore.com/ 0
261 B 124ms
32ms XHR
text/html 138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/store.php
Requested by: Host: bank.reklamstore.com
URL: https://bank.reklamstore.com/init.js?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 23 Sep 2020 08:30:23 GMT
Server: nginx/1.14.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Content-Length: 0

GET
H2 200 1 Show response
servicer.mgid.com/926916/ Frame 6317 985 B
856 B 76ms
76ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/926916/1?w=300&h=250&p1_w=300&p1_h=250&cols=1&pv=5&src_id=25074_48753&cbuster=1600849904731791539775&uniqId=06420&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fpowerinbooks.xyz%2Ftemp%2F&pageView=0&pvid=174ba17045b952003d1&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbde2f9f8ad439abf59a80d30b05f01b6f9e41324abeefd4815cb5b6641aae55

Request headers

Referer: https://powerinbooks.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e940aa200f8a-VIE
content-type: application/x-javascript; charset=utf-8
cf-request-id: 055bb01c6700000f8a901ac200000001

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 3FA2 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://powerinbooks.xyz
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 18:23:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 50908
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 22 Sep 2021 18:23:16 GMT

POST
H/1.1 200
OK store.php Show response
bank.reklamstore.com/ 0
261 B 141ms
31ms XHR
text/html 138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/store.php
Requested by: Host: bank.reklamstore.com
URL: https://bank.reklamstore.com/init.js?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 23 Sep 2020 08:30:23 GMT
Server: nginx/1.14.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Content-Length: 0

GET
H2 200 1 Show response
servicer.mgid.com/926916/ Frame 3FA2 979 B
824 B 73ms
73ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/926916/1?w=300&h=250&p1_w=300&p1_h=250&cols=1&pv=5&src_id=25074_48753&cbuster=1600849904755922915609&uniqId=0079a&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fpowerinbooks.xyz%2Ftemp%2F&pageView=0&pvid=174ba170473840b758b&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b82ec57fad2d8330738ba63ae6b252ae247e42b5396237b981187eef009505d

Request headers

Referer: https://powerinbooks.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e940ca5b0f8a-VIE
content-type: application/x-javascript; charset=utf-8
cf-request-id: 055bb01c7f00000f8a901ae200000001

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 048B 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://powerinbooks.xyz
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 11:04:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 163653
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 21 Sep 2021 11:04:11 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ Frame 048B 1 KB
709 B 85ms
81ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1600849904784635417403
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926917.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a06b783572aaeb0f9870abc5a662c43b5c14127b1fc5905f941f1a95ee904cdb

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 7aae5947-785b-4c1c-87bf-7ecc9049b89e
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 055bb01c9f00000f8a901b0200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e940fb040f8a-VIE

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 8C37 19 B
293 B 82ms
81ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1600849904787483909299
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926917.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: b5f80226-14b2-401a-847c-d7b71f9e5a56
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 055bb01cb400000f8a901b6200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e9412b390f8a-VIE

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzZkMTExMmMxNDU2YzNlMTJjNmNmOThkNTBiOTkzYWU0LmpwZWc*.webp
s-img.mgid.com/g/4039678/328x328/24x0x607x607/ Frame 048B 21 KB
21 KB 26ms
24ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4039678/328x328/24x0x607x607/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzZkMTExMmMxNDU2YzNlMTJjNmNmOThkNTBiOTkzYWU0LmpwZWc*.webp
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 023d776d286a871685b2ab6af331cfe01e09ab2dc3d25617c69624c445e1492a

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
cf-cache-status: HIT
age: 7214962
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21680
cf-request-id: 055bb01ca300000f8a901b3200000001
last-modified: Mon, 19 Aug 2019 09:58:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d72e9410b0c0f8a-VIE
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc*.webp
s-img.mgid.com/g/3839414/328x328/211x0x506x506/ Frame 048B 13 KB
13 KB 28ms
26ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3839414/328x328/211x0x506x506/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc*.webp
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1563a22f01587c1b2895ad46aa96116e5a320db7f98dd96fe807de1aceaf53b8

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
cf-cache-status: HIT
age: 10293721
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13490
cf-request-id: 055bb01ca300000f8a901b4200000001
last-modified: Sat, 25 Apr 2020 01:21:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d72e9410b0f0f8a-VIE
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U4NTBkYzhlMjk2ZWUxMmUxNDlmMzYxOWI1YjJhOTJkLmpwZWc*.webp
s-img.mgid.com/g/5097659/328x328/171x0x357x357/ Frame 048B 27 KB
28 KB 23ms
22ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097659/328x328/171x0x357x357/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U4NTBkYzhlMjk2ZWUxMmUxNDlmMzYxOWI1YjJhOTJkLmpwZWc*.webp
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dc18acd0de2ec4632341e77bdd627e88231ffdd20af2d1e7572b53118622f59

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
cf-cache-status: HIT
age: 19418733
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27802
cf-request-id: 055bb01ca300000f8a901b2200000001
last-modified: Tue, 11 Feb 2020 13:33:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d72e9410b0b0f8a-VIE
cf-bgj: h2pri

GET
H2 200 i.js Show response
cm.mgid.com/ Frame 6317 1 KB
720 B 75ms
74ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1600849904816410256025
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 035f7c09c408307babf475a9f665f01cb38a23dc1a994925a2ee8533d170173c

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6ce88c1a-9a0a-49fc-b927-3e06c93ee747
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 055bb01cc900000f8a901b8200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e9414b6c0f8a-VIE

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 6319 19 B
156 B 78ms
78ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1600849904820299696386
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 32d60b9f-5fc9-42a2-82a9-ec658e3a74b8
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 055bb01ccb00000f8a901b9200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e9414b700f8a-VIE

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc*.webp Show response
s-img.mgid.com/g/6288128/492x328/0x155x900x600/ Frame 6317 7 KB
8 KB 505ms
220ms Fetch
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-img.mgid.com/g/6288128/492x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc*.webp
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89c715bab749f2438367b405207f80871f7df7d1d429fed4f6d103344759c8ed

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
cf-cache-status: MISS
x-mg-request-uuid: 0557cbaa-bfeb-40af-a7ef-a8307f5eb585
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7490
cf-request-id: 055bb01dde00000d56a48f4200000001
last-modified: Fri, 28 Aug 2020 00:39:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d72e942faf90d56-VIE

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc*.webp
s-img.mgid.com/g/6288128/492x328/0x155x900x600/ Frame 6317 7 KB
7 KB 22ms
22ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288128/492x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc*.webp
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89c715bab749f2438367b405207f80871f7df7d1d429fed4f6d103344759c8ed

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
cf-cache-status: HIT
x-mg-request-uuid: 2a6f950e-a9b7-4c6d-b701-199945f8396b
age: 6536117
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7490
cf-request-id: 055bb01cf100000f8a901bd200000001
last-modified: Thu, 09 Jul 2020 16:55:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d72e9418bc60f8a-VIE

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ Frame 3FA2 2 KB
1 KB 22ms
21ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 4009
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 055bb01d0400000f8a901c0200000001
cf-ray: 5d72e941abf50f8a-VIE

GET
H2 200 i.js Show response
cm.mgid.com/ Frame 3FA2 1 KB
679 B 81ms
81ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1600849904834802429103
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aaab5563c099b3c4598869c386d26623a786fa10aaa23ab8b31ef3d3b1709f1

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 0fdb54bc-4dee-418b-83f2-d64799f0ae19
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 055bb01d0600000f8a901c2200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e941abf90f8a-VIE

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame BD73 19 B
150 B 76ms
76ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1600849904837535559456
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 82e917c6-f1cb-4877-bf75-0fe7f3417561
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 055bb01d0700000f8a901c3200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e941abfd0f8a-VIE

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzNiZTYwMGM4MzU5ZDliMDJiMWViZmM0Nzk4YjRkMzhkLmpwZWc*.webp Show response
s-img.mgid.com/g/4723166/492x328/0x0x1439x959/ Frame 3FA2 46 KB
46 KB 581ms
312ms Fetch
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-img.mgid.com/g/4723166/492x328/0x0x1439x959/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzNiZTYwMGM4MzU5ZDliMDJiMWViZmM0Nzk4YjRkMzhkLmpwZWc*.webp
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bc26ffbbdab37451a24e6feccf6bcb434aef96ea721f502555eb02fe00f7255

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
cf-cache-status: MISS
x-mg-request-uuid: edce7e7b-691e-4692-9eab-40eca6389253
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46770
cf-request-id: 055bb01dde00000d56a48f5200000001
last-modified: Wed, 09 Sep 2020 03:00:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d72e942fafb0d56-VIE

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzNiZTYwMGM4MzU5ZDliMDJiMWViZmM0Nzk4YjRkMzhkLmpwZWc*.webp
s-img.mgid.com/g/4723166/492x328/0x0x1439x959/ Frame 3FA2 46 KB
46 KB 24ms
24ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4723166/492x328/0x0x1439x959/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzNiZTYwMGM4MzU5ZDliMDJiMWViZmM0Nzk4YjRkMzhkLmpwZWc*.webp
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bc26ffbbdab37451a24e6feccf6bcb434aef96ea721f502555eb02fe00f7255

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
cf-cache-status: HIT
age: 9089151
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46770
cf-request-id: 055bb01d0800000f8a901c4200000001
last-modified: Mon, 16 Dec 2019 00:39:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d72e941abff0f8a-VIE
cf-bgj: h2pri

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D33e6cf7e-0081-4d73-bbd8-22bb7731e5fb
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D33e6cf7e-0081-4d73-bbd8-22bb7731e5fb&cklb=1
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=8712548919510032841&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb

95 B
871 B

65ms
64ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=8712548919510032841&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:45 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:45 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=8712548919510032841&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb
Pragma: no-cache
Date: Wed, 23 Sep 2020 08:31:44 GMT
Cache-Control: no-cache,no-store
Content-Length: 0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb
https://s.cpx.to/ca.png?dsp=dbm&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

95 B
804 B

212ms
63ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:45 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D11%26fid%3D33e6cf7e-0081-4d73-bbd8-22bb7731e5fb
https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb

95 B
865 B

61ms
61ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:46 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.154:80
AN-X-Request-Uuid: 4021c4e7-e922-4099-9e9f-117c2ac50c41
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D33e6cf7e-0081-4d73-bbd8-22bb7731e5fb
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D33e6cf7e-0081-4d73-bbd8-22bb7731e5fb
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=C1A4D8D9-5719-4960-A860-7EF469926323&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb

95 B
881 B

62ms
61ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=C1A4D8D9-5719-4960-A860-7EF469926323&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:46 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=C1A4D8D9-5719-4960-A860-7EF469926323&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 447
Content-Type: text/html; charset=iso-8859-1

GET
H2 403 sync.gif
dmp.truoptik.com/0362536315099b06/ 0
0 60ms
22ms Image
text/html 104.16.92.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=33e6cf7e-0081-4d73-bbd8-22bb7731e5fb&fck=5c1b03299bfc0519&cbp=dsp_uid
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.92.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://pool.grid-data.bidswitch.net/sync?pid=42
https://s.cpx.to/sync?dsp_uid=f12c2415-7870-4600-806b-efc017e55edf&dsp=BIDSWITCH

95 B
882 B

64ms
63ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=f12c2415-7870-4600-806b-efc017e55edf&dsp=BIDSWITCH

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:52 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:52 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp_uid=f12c2415-7870-4600-806b-efc017e55edf&dsp=BIDSWITCH
Date: Wed, 23 Sep 2020 08:31:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 7BFE
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

1135ms
35ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=1600849904784635417403
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://powerinbooks.xyz/temp/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerinbooks.xyz/temp/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 19 Aug 2020 18:23:01 GMT
Content-Encoding: gzip
Content-Length: 9456
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=75043
Expires: Thu, 24 Sep 2020 05:22:29 GMT
Date: Wed, 23 Sep 2020 08:31:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Wed, 23 Sep 2020 08:31:44 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
cm.idealmedia.io/setmuidn/ Frame 048B 0
155 B 792ms
77ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k8nIIc_fG3v1
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e9469d970f92-VIE
content-type: image/gif
cf-request-id: 055bb0201f00000f9217064200000001

GET
H2

200

sync.gif
dispatcher.adxcore.com/a/ Frame 048B
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k8nIIc_fG3v1
https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=f12c2415-7870-4600-806b-efc017e55edf

43 B
375 B

3157ms
67ms

Image
image/gif

5.135.96.59
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=f12c2415-7870-4600-806b-efc017e55edf
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.135.96.59 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 23 Sep 2020 08:31:48 GMT
cache-control: max-age=900, public, private
expires: Wed, 23 Sep 2020 08:46:48 GMT
server: Apache
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Wed, 23 Sep 2020 08:31:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=f12c2415-7870-4600-806b-efc017e55edf
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/ Frame 048B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=e4981302-575f-4af2-9d60-6be8dc84b0a7&ttl=1603441906

43 B
156 B

72ms
72ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=e4981302-575f-4af2-9d60-6be8dc84b0a7&ttl=1603441906
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:46 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: b4ae9a01-86be-48ec-81c7-d6cbee3b4377
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e94dceea0f8a-VIE
content-type: image/gif
cf-request-id: 055bb0249d00000f8a9022b200000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:46 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=e4981302-575f-4af2-9d60-6be8dc84b0a7&ttl=1603441906
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.lentainform.com/setmuidn/ Frame 048B 0
328 B 210ms
69ms Image
image/gif 23.105.245.5
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k8nIIc_fG3v1
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT
server: nginx/1.19.0
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/ Frame 048B
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=C7d5QBwg3200SbbVaQHP&pi=mgid&tc=1

43 B
454 B

123ms
123ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=C7d5QBwg3200SbbVaQHP&pi=mgid&tc=1
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 7c8c3c2d-3761-48d7-b11b-50a0da0867b1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e9432e280f8a-VIE
content-type: image/gif
cf-request-id: 055bb01df500000f8a901d1200000001
server: cloudflare

Redirect headers

status: 302
pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT, Wed, 23 Sep 2020 08:31:45 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=C7d5QBwg3200SbbVaQHP&pi=mgid&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

google
cm.mgid.com/ Frame 048B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azhuSUljX2ZHM3Yx&muidn=k8nIIc_fG3v1
https://cm.mgid.com/google?muidn=k8nIIc_fG3v1&google_ula={guid},5&google_gid=CAESELVZ1LMAjQ1KuKtIooK0zaU&google_cver=1

0
99 B

75ms
75ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k8nIIc_fG3v1&google_ula={guid},5&google_gid=CAESELVZ1LMAjQ1KuKtIooK0zaU&google_cver=1
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e941abf70f8a-VIE
content-type: text/plain
cf-request-id: 055bb01d0500000f8a901c1200000001

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k8nIIc_fG3v1&google_ula={guid},5&google_gid=CAESELVZ1LMAjQ1KuKtIooK0zaU&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/ Frame 048B
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=0ed05415-686c-47b6-935f-aa5affe19214&ssp=mgid&user_group=1
https://cm.mgid.com/m?cdsp=433145&c=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&us_privacy=

43 B
575 B

78ms
77ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:46 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 9249bf97-6c8f-45ed-9ee7-6070d5577c55
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e949988d0f8a-VIE
content-type: image/gif
cf-request-id: 055bb021fa00000f8a90211200000001
server: cloudflare

Redirect headers

status: 302
date: Wed, 23 Sep 2020 08:31:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&us_privacy=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK mainSunMar082020104658GMT0200IsraelStandardTime.js Show response
web-clients.mynativeplatform.com/web-clients/core/production/ 326 KB
99 KB 37ms
37ms Script
application/javascript 143.204.215.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web-clients.mynativeplatform.com/web-clients/core/production/mainSunMar082020104658GMT0200IsraelStandardTime.js
Requested by: Host: ad.reklamnative.com
URL: https://ad.reklamnative.com/pub2/web/widget3.js?zone=z-546325&organicClickTracking=%5BORGANIC_TRACKING_PIXEL%5D&paidClickTracking=%5BPAID_TRACKING_PIXEL%5D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&widget_num=1&url=http%3A%2F%2FPowerinbooks.com&nocache=1600849904722&is_data_url_set=true&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-58.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c58fc16fa25cea8c51ac1685356749017194e3f637796cf95a8613ab6f9f2a0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 22:06:46 GMT
Content-Encoding: gzip
Age: 728699
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 101081
Last-Modified: Sun, 08 Mar 2020 08:47:17 GMT
Server: AmazonS3
ETag: "8faf88bd2bd82fabc40f4087b74d357e"
Content-Type: application/javascript
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 78mShxLnA1C-W80zk89gvFAtEWwQHlls94t43na7c5K_g4GGN0crgg==
Expires: Mon, 08 Mar 2021 09:53:38 GMT

GET
H2 403 sync.gif
dmp.truoptik.com/0362536315099b06/ 0
0 21ms
21ms Image
text/html 104.16.92.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=dbc1b930-5dd7-4375-a21e-58442079eb21&fck=5c1b02f6f21abbef&cbp=dsp_uid
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.92.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Ddbc1b930-5dd7-4375-a21e-58442079eb21
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Ddbc1b930-5dd7-4375-a21e-58442079eb21
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=15C3FFEB-5326-4966-9B49-4FFCA3581E7D&fid=dbc1b930-5dd7-4375-a21e-58442079eb21

95 B
881 B

64ms
64ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=15C3FFEB-5326-4966-9B49-4FFCA3581E7D&fid=dbc1b930-5dd7-4375-a21e-58442079eb21

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:46 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=15C3FFEB-5326-4966-9B49-4FFCA3581E7D&fid=dbc1b930-5dd7-4375-a21e-58442079eb21
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 447
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Ddbc1b930-5dd7-4375-a21e-58442079eb21
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Ddbc1b930-5dd7-4375-a21e-58442079eb21&cklb=1
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=3848786116519656383&fid=dbc1b930-5dd7-4375-a21e-58442079eb21

95 B
871 B

61ms
61ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=3848786116519656383&fid=dbc1b930-5dd7-4375-a21e-58442079eb21

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:45 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:45 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=3848786116519656383&fid=dbc1b930-5dd7-4375-a21e-58442079eb21
Pragma: no-cache
Date: Wed, 23 Sep 2020 08:31:44 GMT
Cache-Control: no-cache,no-store
Content-Length: 0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=dbc1b930-5dd7-4375-a21e-58442079eb21
https://s.cpx.to/ca.png?dsp=dbm&fid=dbc1b930-5dd7-4375-a21e-58442079eb21&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

95 B
804 B

163ms
61ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=dbc1b930-5dd7-4375-a21e-58442079eb21&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:45 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=dbc1b930-5dd7-4375-a21e-58442079eb21&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D11%26fid%3Ddbc1b930-5dd7-4375-a21e-58442079eb21
https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=dbc1b930-5dd7-4375-a21e-58442079eb21

95 B
865 B

64ms
63ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=dbc1b930-5dd7-4375-a21e-58442079eb21

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:46 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.41:80
AN-X-Request-Uuid: 9529c24e-1a84-422c-baf9-790e2fd684af
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=dbc1b930-5dd7-4375-a21e-58442079eb21
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

m
cm.mgid.com/ Frame 6317
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://cm.mgid.com/m?cdsp=501037&c=C7d5QBwg3200SbbVaQHP&pi=mgid

43 B
157 B

79ms
79ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=C7d5QBwg3200SbbVaQHP&pi=mgid
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 3869b03b-8ff0-4f5b-ae15-23033f3d4939
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e945dac50f8a-VIE
content-type: image/gif
cf-request-id: 055bb01fab00000f8a901ea200000001
server: cloudflare

Redirect headers

status: 302
pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT, Wed, 23 Sep 2020 08:31:45 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=C7d5QBwg3200SbbVaQHP&pi=mgid
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/ Frame 6317
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=5dd86ed8-d8b3-4335-9cfe-51ca5ff5a67b&ssp=mgid&user_group=1
https://cm.mgid.com/m?cdsp=433145&c=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&us_privacy=

43 B
156 B

76ms
76ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:46 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 28872538-c2a3-47eb-8df5-f16852646cf9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e949b8bd0f8a-VIE
content-type: image/gif
cf-request-id: 055bb0221300000f8a90214200000001
server: cloudflare

Redirect headers

status: 302
date: Wed, 23 Sep 2020 08:31:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&us_privacy=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 1A50
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

1140ms
35ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=1600849904816410256025
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://powerinbooks.xyz/temp/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerinbooks.xyz/temp/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 19 Aug 2020 18:23:01 GMT
Content-Encoding: gzip
Content-Length: 9456
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=75043
Expires: Thu, 24 Sep 2020 05:22:29 GMT
Date: Wed, 23 Sep 2020 08:31:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Wed, 23 Sep 2020 08:31:44 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

m
cm.mgid.com/ Frame 6317
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=e4981302-575f-4af2-9d60-6be8dc84b0a7&ttl=1603441906

43 B
323 B

73ms
73ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=e4981302-575f-4af2-9d60-6be8dc84b0a7&ttl=1603441906
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:46 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 9fc0de9a-d1cb-4318-9542-9fe60c9e566c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e94dceda0f8a-VIE
content-type: image/gif
cf-request-id: 055bb0249800000f8a90229200000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:46 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=e4981302-575f-4af2-9d60-6be8dc84b0a7&ttl=1603441906
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 6317
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k8nILExYlkv1
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=f12c2415-7870-4600-806b-efc017e55edf&rdrctExp=true

0
472 B

126ms
126ms

Image
text/plain

50.31.142.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=f12c2415-7870-4600-806b-efc017e55edf&rdrctExp=true
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.31 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:31:45 GMT
Cache-Control: no-cache
X-TraceId: 241233aeabc3a5cf9be1e26ff633a664
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=f12c2415-7870-4600-806b-efc017e55edf&rdrctExp=true
Date: Wed, 23 Sep 2020 08:31:45 GMT
X-TraceId: 1473f74f5ebe527970e0e28c80fd2660
Content-Length: 0

GET
H2

200

google
cm.mgid.com/ Frame 6317
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azhuSUxFeFlsa3Yx&muidn=k8nILExYlkv1
https://cm.mgid.com/google?muidn=k8nILExYlkv1&google_ula={guid},5&google_gid=CAESELVZ1LMAjQ1KuKtIooK0zaU&google_cver=1

0
111 B

143ms
143ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k8nILExYlkv1&google_ula={guid},5&google_gid=CAESELVZ1LMAjQ1KuKtIooK0zaU&google_cver=1
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e941dc3d0f8a-VIE
content-type: text/plain
cf-request-id: 055bb01d2700000f8a901c7200000001

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k8nILExYlkv1&google_ula={guid},5&google_gid=CAESELVZ1LMAjQ1KuKtIooK0zaU&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.idealmedia.io/setmuidn/ Frame 6317 0
556 B 113ms
76ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k8nILExYlkv1
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e9469d980f92-VIE
content-type: image/gif
cf-request-id: 055bb0202000000f9217065200000001

GET
H2 200 /
cm.lentainform.com/setmuidn/ Frame 6317 0
327 B 70ms
70ms Image
image/gif 23.105.245.5
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k8nILExYlkv1
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT
server: nginx/1.19.0
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=F9B33382-415C-4CF3-84CC-F2F0E4FDC31A&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d

95 B
881 B

61ms
61ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=F9B33382-415C-4CF3-84CC-F2F0E4FDC31A&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:46 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=F9B33382-415C-4CF3-84CC-F2F0E4FDC31A&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 447
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d
https://s.cpx.to/ca.png?dsp=dbm&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

95 B
804 B

158ms
63ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:45 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 sync.gif
dmp.truoptik.com/0362536315099b06/ 0
0 27ms
27ms Image
text/html 104.16.92.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d&fck=5c1b03772e09c38a&cbp=dsp_uid
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.92.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=3848786116519656383&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d

95 B
871 B

61ms
61ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=3848786116519656383&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:45 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:45 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=3848786116519656383&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d
Date: Wed, 23 Sep 2020 08:31:45 GMT
Content-Length: 0

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D11%26fid%3D7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d
https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d

95 B
865 B

61ms
61ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:46 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.41:80
AN-X-Request-Uuid: b17ddca2-8aa4-42ab-a30b-2a015ba11c5b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=7e8a3316-2bd0-4dc9-ab10-f2002cb31c8d
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

google
cm.mgid.com/ Frame 3FA2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azhuSUxFeFlsa3Yx&muidn=k8nILExYlkv1
https://cm.mgid.com/google?muidn=k8nILExYlkv1&google_ula={guid},5&google_gid=CAESELVZ1LMAjQ1KuKtIooK0zaU&google_cver=1

0
192 B

82ms
82ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k8nILExYlkv1&google_ula={guid},5&google_gid=CAESELVZ1LMAjQ1KuKtIooK0zaU&google_cver=1
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e9424cd90f8a-VIE
content-type: text/plain
cf-request-id: 055bb01d6900000f8a901cb200000001

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:44 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k8nILExYlkv1&google_ula={guid},5&google_gid=CAESELVZ1LMAjQ1KuKtIooK0zaU&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 8EF3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

1143ms
35ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=1600849904834802429103
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://powerinbooks.xyz/temp/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerinbooks.xyz/temp/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 19 Aug 2020 18:23:01 GMT
Content-Encoding: gzip
Content-Length: 9456
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=75043
Expires: Thu, 24 Sep 2020 05:22:29 GMT
Date: Wed, 23 Sep 2020 08:31:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Wed, 23 Sep 2020 08:31:45 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

m
cm.mgid.com/ Frame 3FA2
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=f12c2415-7870-4600-806b-efc017e55edf
https://x.bidswitch.net/sync?dsp_id=340&user_id=311f668d-d03e-4cd0-a4f3-e7ed51fdcb59&expires=10&ssp=mgid&bsw_param=f12c2415-7870-4600-806b-efc017e55edf
https://cm.mgid.com/m?cdsp=433145&c=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&us_privacy=

43 B
307 B

77ms
77ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 6f0dab2d-7982-49d4-9ed7-662026bcdbb4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e94549630f8a-VIE
content-type: image/gif
cf-request-id: 055bb01f4c00000f8a901e4200000001
server: cloudflare

Redirect headers

status: 302
date: Wed, 23 Sep 2020 08:31:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=&us_privacy=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
cm.idealmedia.io/setmuidn/ Frame 3FA2 0
74 B 71ms
70ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k8nILExYlkv1
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=1600849904834802429103
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e947efb40f92-VIE
content-type: image/gif
cf-request-id: 055bb020f500000f921706a200000001

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 3FA2
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k8nILExYlkv1
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=

43 B
684 B

1472ms
39ms

Image
image/gif

185.86.138.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 08:31:45 GMT
Cache-Control: no-cache,no-store
Content-Type: image/gif
Transfer-Encoding: chunked
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

status: 302
date: Wed, 23 Sep 2020 08:31:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=f12c2415-7870-4600-806b-efc017e55edf&gdpr=&gdpr_consent=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/ Frame 3FA2
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=de7ab710-2512-47b8-a114-f24acdb12963&ttl=1603441906

43 B
156 B

76ms
75ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=de7ab710-2512-47b8-a114-f24acdb12963&ttl=1603441906
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:46 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 569d2e16-eed1-4678-842f-61a11144cc1f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e94dcedc0f8a-VIE
content-type: image/gif
cf-request-id: 055bb0249900000f8a9022a200000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:46 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=de7ab710-2512-47b8-a114-f24acdb12963&ttl=1603441906
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.lentainform.com/setmuidn/ Frame 3FA2 0
327 B 70ms
69ms Image
image/gif 23.105.245.5
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k8nILExYlkv1
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=1600849904834802429103
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:46 GMT
server: nginx/1.19.0
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/ Frame 3FA2
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://cm.mgid.com/m?cdsp=501037&c=C7d5QBwg3200SbbVaQHP&pi=mgid

43 B
155 B

77ms
77ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=C7d5QBwg3200SbbVaQHP&pi=mgid
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:46 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 30d84467-c719-4c25-a133-2241d76cdbc7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e949b8b70f8a-VIE
content-type: image/gif
cf-request-id: 055bb0220e00000f8a90213200000001
server: cloudflare

Redirect headers

status: 302
pragma: no-cache
date: Wed, 23 Sep 2020 08:31:46 GMT, Wed, 23 Sep 2020 08:31:46 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=C7d5QBwg3200SbbVaQHP&pi=mgid
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D11%26fid%3Ddb1ae197-a481-4543-b201-6101b6d6663f
https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=db1ae197-a481-4543-b201-6101b6d6663f

95 B
865 B

61ms
61ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=db1ae197-a481-4543-b201-6101b6d6663f

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:46 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.231:80
AN-X-Request-Uuid: 44300eda-16d5-4553-a246-bf570c26abb3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=db1ae197-a481-4543-b201-6101b6d6663f
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Ddb1ae197-a481-4543-b201-6101b6d6663f
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=3848786116519656383&fid=db1ae197-a481-4543-b201-6101b6d6663f

95 B
871 B

62ms
62ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=3848786116519656383&fid=db1ae197-a481-4543-b201-6101b6d6663f

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:46 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=3848786116519656383&fid=db1ae197-a481-4543-b201-6101b6d6663f
Date: Wed, 23 Sep 2020 08:31:45 GMT
Content-Length: 0

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=db1ae197-a481-4543-b201-6101b6d6663f
https://s.cpx.to/ca.png?dsp=dbm&fid=db1ae197-a481-4543-b201-6101b6d6663f&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

95 B
804 B

113ms
60ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=db1ae197-a481-4543-b201-6101b6d6663f&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:45 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=db1ae197-a481-4543-b201-6101b6d6663f&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 sync.gif
dmp.truoptik.com/0362536315099b06/ 0
0 21ms
19ms Image
text/html 104.16.92.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=db1ae197-a481-4543-b201-6101b6d6663f&fck=5c1b02a9317266fe&cbp=dsp_uid
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.92.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Ddb1ae197-a481-4543-b201-6101b6d6663f
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Ddb1ae197-a481-4543-b201-6101b6d6663f
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B628369A-0CD8-496B-AC32-6F7045284CE7&fid=db1ae197-a481-4543-b201-6101b6d6663f

95 B
881 B

61ms
61ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B628369A-0CD8-496B-AC32-6F7045284CE7&fid=db1ae197-a481-4543-b201-6101b6d6663f

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:46 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B628369A-0CD8-496B-AC32-6F7045284CE7&fid=db1ae197-a481-4543-b201-6101b6d6663f
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 447
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D11%26fid%3Dcd109e43-3e3b-4fac-a1ad-baef56d41366
https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366

95 B
865 B

63ms
62ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:46 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Proxy-Origin: 185.216.34.99; 185.216.34.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.46:80
AN-X-Request-Uuid: 7cadb532-4897-4529-9520-ec8a94a940c6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=8336981050456292442&pid=12475&ref=&hn_ver=11&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 403 sync.gif
dmp.truoptik.com/0362536315099b06/ 0
0 21ms
20ms Image
text/html 104.16.92.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366&fck=5c1b00dd973596ba&cbp=dsp_uid
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.92.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366
https://s.cpx.to/ca.png?dsp=dbm&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

95 B
804 B

164ms
63ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:45 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:45 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366&google_gid=CAESEOpOaGoU7OVrUpL6ktYBamM&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dcd109e43-3e3b-4fac-a1ad-baef56d41366
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dcd109e43-3e3b-4fac-a1ad-baef56d41366
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=152BC5FE-5064-4CAF-9A57-486C098B2488&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366

95 B
881 B

82ms
63ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=152BC5FE-5064-4CAF-9A57-486C098B2488&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:46 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=152BC5FE-5064-4CAF-9A57-486C098B2488&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 447
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Dcd109e43-3e3b-4fac-a1ad-baef56d41366
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=4188114646304815239&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366

95 B
871 B

76ms
60ms

Image
image/png

52.31.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=4188114646304815239&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366

Requested by

Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-177-108.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 23 Sep 2020 08:31:46 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 23 Sep 2020 08:31:46 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=4188114646304815239&fid=cd109e43-3e3b-4fac-a1ad-baef56d41366
Date: Wed, 23 Sep 2020 08:31:46 GMT
Content-Length: 0

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
265 B 13ms
13ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1600849905072&rnd=rrj3csbiisbh&ifm=0&uai=1&cid=544&s=powerinbooks.xyz&p=12753&x=rekmob&adtg=b45bda34c49e4b039c49d4c83f55d2f3&ats=0&atf=&nsi=&si=25074&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=https%253A//powerinbooks.xyz/temp/&impid=
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 4796
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5d72e942ba3f1766-FRA
content-length: 26
cf-request-id: 055bb01db1000017664e238200000001
expires: Wed, 23 Sep 2020 10:31:45 GMT

GET
H2 200 report.json
ad.reklamnative.com/pub2/ 2 B
633 B 98ms
98ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/report.json?name=ping&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&widget_num=1&ad_id=&is_data_url_set=true&browserSize=1600x1200&url=http%3A%2F%2FPowerinbooks.com&zone=z-546325&nocache=1600849905139
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: iqbNnUQiYORpflhLtgpWlz3kYAHIDGeQs6UandtrIXIYN4-MtpST-A==

GET
H/1.1 200
OK 5c9b3529da37d.jpg
s3.us-east-2.amazonaws.com/cdn.pubista/images/ 27 KB
27 KB 550ms
148ms Image
image/jpeg 52.219.104.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/cdn.pubista/images/5c9b3529da37d.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.104.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 25c0f8196574c3970177b5eb8a6553dbc2eae13f7dd52882b0a8ead9ed9e7c8a

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:31:48 GMT
Last-Modified: Wed, 24 Apr 2019 14:42:18 GMT
Server: AmazonS3
x-amz-request-id: 5DEB49FCB9AAA175
ETag: "1b6b7365af7144b020ef2c4d55d1556d"
Content-Type: image/jpeg
x-amz-version-id: U2bC5pGNBu4S2khnoFvf337RjvZsiBXZ
Accept-Ranges: bytes
Content-Length: 27206
x-amz-id-2: MHS4AM+8vjzB02uTs/JNoUH/Dw8IjMFdvHzIIqPDd21hnl1hDev3//RPr4Zzk5M2HHyhh16Arvg=

GET
H/1.1 200
OK 5c9b334c465ae.jpg
s3.us-east-2.amazonaws.com/cdn.pubista/images/ 12 KB
12 KB 551ms
149ms Image
image/jpeg 52.219.104.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/cdn.pubista/images/5c9b334c465ae.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.104.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3d67951a43b73a6dbadc862977830097e98e63eabfa21a168992ea20c88cbee1

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:31:48 GMT
Last-Modified: Wed, 24 Apr 2019 14:42:18 GMT
Server: AmazonS3
x-amz-request-id: C698C80C8D6833D4
ETag: "6e540c55250b32ca4b5f2a467a1db6dc"
Content-Type: image/jpeg
x-amz-version-id: tvIEJlxZCxqE3dfCDhwQaouQOSVlXsvV
Accept-Ranges: bytes
Content-Length: 12217
x-amz-id-2: DwcuBJ9zhfDNOoJL2b4XLpSDvItMlHAdrHQlqtZrRH3NmpZUNDKDWkIHgGq1BnciqSM97Am9OII=

GET
H/1.1 200
OK 5c9b348d93706.jpg
s3.us-east-2.amazonaws.com/cdn.pubista/images/ 9 KB
10 KB 550ms
149ms Image
image/jpeg 52.219.104.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/cdn.pubista/images/5c9b348d93706.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.104.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 746dc9496f148b7114c58aa27004b7a35429c99cb6ffc37518299524cfdf4d35

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:31:48 GMT
Last-Modified: Wed, 24 Apr 2019 14:42:18 GMT
Server: AmazonS3
x-amz-request-id: 5DF34A08995EB5F5
ETag: "7ef246b41448da816f68a1370c80622f"
Content-Type: image/jpeg
x-amz-version-id: 1MnY5RRZsDlQkrvNUPqLoyTPGuzRYGJQ
Accept-Ranges: bytes
Content-Length: 9496
x-amz-id-2: V0BDTsE0g9PwFLyc0yZRkR9qsMV+MUO76YpH3GfWrVrBmXGkDcpzjWqCRcb4uxnZ47Y5UScs1lE=

GET
H/1.1 200
OK 5c9b359a231ab.jpg
s3.us-east-2.amazonaws.com/cdn.pubista/images/ 12 KB
12 KB 558ms
148ms Image
image/jpeg 52.219.104.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/cdn.pubista/images/5c9b359a231ab.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.104.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: adea6fadfcee5264d8a5c3e03c4feea08b6bbdaece43d32c15b4d54d85811d3d

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:31:48 GMT
Last-Modified: Wed, 24 Apr 2019 14:42:18 GMT
Server: AmazonS3
x-amz-request-id: 4DA66638FC681EAF
ETag: "6336a243051d523f08deb5734861e392"
Content-Type: image/jpeg
x-amz-version-id: K5GsYS8BECzImorNI1nbs8PWWcwA.GRL
Accept-Ranges: bytes
Content-Length: 12218
x-amz-id-2: QL9YBqoJvLwybL5aSE9y7STdUgiLt0gSpaLiZi5Hv9myQSVFs7koPVkxeCrZmxxfLJBPJgMXeUk=

GET
H/1.1 200
OK 5c9b35bf3a635.jpg
s3.us-east-2.amazonaws.com/cdn.pubista/images/ 12 KB
13 KB 559ms
151ms Image
image/jpeg 52.219.104.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/cdn.pubista/images/5c9b35bf3a635.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.104.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: a618d15a2af7d9c49e24177bd4a16cb113cdcd17fd83a67bd1a948e05da233cb

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:31:48 GMT
Last-Modified: Wed, 24 Apr 2019 14:42:18 GMT
Server: AmazonS3
x-amz-request-id: 10D717980BC992C0
ETag: "4c74b597d02b184e959b51b9aa637f98"
Content-Type: image/jpeg
x-amz-version-id: gThZOs4U_cG7PWIy6ZZiUWdAJCu8seq7
Accept-Ranges: bytes
Content-Length: 12523
x-amz-id-2: unBp0RxHIhepXQhgx/0qP0pPyP7qyHOiNo7O50tP9DljPjsb7vx/PRu3JoIsHCoeTRuinXpCs0U=

GET
H/1.1 200
OK 5cad9f4b959c5.jpg
s3.us-east-2.amazonaws.com/cdn.pubista/images/ 20 KB
21 KB 543ms
141ms Image
image/jpeg 52.219.104.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/cdn.pubista/images/5cad9f4b959c5.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.104.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: a79f0503e29691128aa437605808b95502738247c66bc8a433a97cf146e4cae5

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:31:48 GMT
Last-Modified: Wed, 24 Apr 2019 14:42:20 GMT
Server: AmazonS3
x-amz-request-id: EM4T9T9H7N8SDG4Y
ETag: "3558b33051c304efe27503b8d4ecd466"
Content-Type: image/jpeg
x-amz-version-id: cm1XhDE8gngZjg8t0aEEhBD9n3j1794A
Accept-Ranges: bytes
Content-Length: 20751
x-amz-id-2: 5F013IznZ1eZSli9v2zcfSotuAP3TNzM1ydkFDTYuwsD4wPGbXFTEOSJezuVVf8u32qv1npCys8=

GET
H/1.1 200
OK 5c9b36ca4ec09.jpg
s3.us-east-2.amazonaws.com/cdn.pubista/images/ 64 KB
64 KB 141ms
141ms Image
image/jpeg 52.219.104.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/cdn.pubista/images/5c9b36ca4ec09.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.104.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: a63e43415c4784b7284ff8ea70370d196ae6c8ef61e1bb495017c0e87d1bc8a4

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:31:48 GMT
Last-Modified: Wed, 24 Apr 2019 14:42:19 GMT
Server: AmazonS3
x-amz-request-id: 4BAF2F570F89BFDF
ETag: "35fad196892bfab16d5b35b686c8cb35"
Content-Type: image/jpeg
x-amz-version-id: VuNIc31lqZGU_9BLbKUJEQxr5h3EuLEP
Accept-Ranges: bytes
Content-Length: 65335
x-amz-id-2: UpWsM2hOGN7vjGPNKiSI69uRZ8a+D/2ZO/HJ0Y1gMdXM7a9Ko478IoOfVe5LioQWKBRXRo7doLE=

GET
H/1.1 200
OK 5c9b37cf4a887.jpg
s3.us-east-2.amazonaws.com/cdn.pubista/images/ 21 KB
21 KB 141ms
140ms Image
image/jpeg 52.219.104.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-2.amazonaws.com/cdn.pubista/images/5c9b37cf4a887.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.104.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: a9d3209158b13f1f737fb9e6357e2d2ce8c6e3266458c44223672c12a92e1af8

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Sep 2020 08:31:48 GMT
Last-Modified: Wed, 24 Apr 2019 14:42:19 GMT
Server: AmazonS3
x-amz-request-id: 3415A5D811541EA2
ETag: "a0ea88ff7fac7058b4dd3cdaff5066c9"
Content-Type: image/jpeg
x-amz-version-id: yD4RCtxsbUo1j6EHRIJteSWUbitjXt0X
Accept-Ranges: bytes
Content-Length: 21279
x-amz-id-2: ilg4M78V5Zc9mcR7ZUpEM46+rC1JhVD98rW3Qm8XWLMVP8rRyvY4Zv2GAMkYjv5VC2H+BavIOqA=

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK reklamnative.png
web-clients.mynativeplatform.com/static/assets/logo/ 719 B
1 KB 35ms
34ms Image
image/png 143.204.215.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web-clients.mynativeplatform.com/static/assets/logo/reklamnative.png
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-58.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a12361122cd551d902257a39c804940861ac661ae55c3c91b3817bfc03f7c3a1

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 19 Sep 2020 00:42:47 GMT
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 15 Aug 2017 12:15:26 GMT
Server: AmazonS3
Age: 373741
ETag: "49f081ac095ebbc1fad45bc137f4c1c5"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 719
X-Amz-Cf-Id: 0VeKh53Fsai2FxAvaRpBZ5nahvtm3N6znHDdI0BNc4dQxK12k2FulQ==

GET
H2 200 report.json
ad.reklamnative.com/pub2/ 2 B
634 B 105ms
98ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/report.json?name=widget_load&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&widget_num=1&ad_id=&is_data_url_set=true&browserSize=1600x1200&start=1600849905186&dsp=&content_list_id=5f6b07f0e4b07e5122bed47e%24null%24120921%24Z-1%24N-1%24R-1%24A-1.00%24S2%24EXRtrue%24V-1%24FISSfIIPfESSfEIPt%24JEXPLORATION%24Tfalse%24QI20%24QU20%24EXT8%24CSECP%24CPEXP%24IPINC%24P0%24_CEcp%3A14549*146177_0_28.16_CEcp%3A14549*146177_1_28.16_CEcp%3A14549*146177_2_28.16_CEcp%3A14549*146177_3_28.16_CEcp%3A14549*146177_4_28.16_CEcp%3A14549*146177_5_28.16_CEcp%3A14549*146177_6_28.16_CEcp%3A14549*146177_7_28.16&request_id=5f6b07f0e4b07e5122bed47e&url=http%3A%2F%2FPowerinbooks.com&zone=z-546325&gdpr_upstream=null&gdpr_consent=&gdpr=true&nocache=1600849905188
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: SRi-V4a-oF_UXbfXVguwG8vgdB4eCiRCFIo_uUfbg2LmUgM3Ry7U6A==

GET
H2 200 itemimpression.json
ad.reklamnative.com/pub2/ 2 B
636 B 116ms
110ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemimpression.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmMQgAAAF0uhcEvAQAADjVBAAAAGQEAAAAAAQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAQAAAVzBAAAAAQBAQQAAAAABAAAAFAAAAQAAABkBAAAABgYNWY2YjA3ZjBlNGIwN2U1MTIyYmVkNDljAAAEAAAABQUxNDU0OQQAAAAGBjE0NjE3Nw%3D%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849908962&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905188
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: 5IfntwDa2qfZDQddQ2gS6AwYLi7Q6InujALKMnmVXElBb0ciCdMFaQ==

GET
H2 200 itemwin.json
ad.reklamnative.com/pub2/ 2 B
636 B 108ms
101ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemwin.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmMQgAAAF0uhcEvAQAADjVBAAAAGQEAAAAAAQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAQAAAVzBAAAAAQBAQQAAAAABAAAAFAAAAQAAABkBAAAABgYNWY2YjA3ZjBlNGIwN2U1MTIyYmVkNDljAAAEAAAABQUxNDU0OQQAAAAGBjE0NjE3Nw%3D%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849906748&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: jfUzx9ZomjkQOxv_SGuFuZnXS6ZkqTpnnAzZ_ByhDyb0WopWeeqiaw==

GET
H2 200 itemwin.json
ad.reklamnative.com/pub2/ 2 B
635 B 108ms
102ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemwin.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJlYQgAAAF0uhcEvAQAADjVBAAAAGQEAAAAAQQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAAEAAAAAAEABAAAABQAAAAEAAAAZAQAAAAYGDVmNmIwN2YwZTRiMDdlNTEyMmJlZDQ5ZQAABAAAAAUFMTQ1NDkEAAAABgYxNDYxNzc%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849910547&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: _uJl5T_Fz8CC2s-TbFVSxFIS2Io53xowN0uvLpru30TUdQvc6QdpUA==

GET
H2 200 itemimpression.json
ad.reklamnative.com/pub2/ 2 B
634 B 198ms
192ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemimpression.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJlYQgAAAF0uhcEvAQAADjVBAAAAGQEAAAAAQQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAAEAAAAAAEABAAAABQAAAAEAAAAZAQAAAAYGDVmNmIwN2YwZTRiMDdlNTEyMmJlZDQ5ZQAABAAAAAUFMTQ1NDkEAAAABgYxNDYxNzc%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849909145&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: lr6t3lN-HDy2a5hFH3wZuwYK19ZMVy0wXjW0Y7icUdeV-OmQbq4v-A==

GET
H2 200 itemwin.json
ad.reklamnative.com/pub2/ 2 B
635 B 194ms
188ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemwin.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmMwgAAAF0uhcEvAQAADjVBAAAAGQEAAAAAgQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAQAAAVzBAAAAAQBAQQAAAAABAAAAFAAAAQAAABkBAAAABgYNWY2YjA3ZjBlNGIwN2U1MTIyYmVkNDlhAAAEAAAABQUxNDU0OQQAAAAGBjE0NjE3Nw%3D%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849907722&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: PFbP1iVcJFBmxA-31V3dHLuDx_80SYHLAJ4t-rBzPQPeOzwuNkgESg==

GET
H2 200 itemimpression.json
ad.reklamnative.com/pub2/ 2 B
635 B 197ms
191ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemimpression.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmMwgAAAF0uhcEvAQAADjVBAAAAGQEAAAAAgQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAQAAAVzBAAAAAQBAQQAAAAABAAAAFAAAAQAAABkBAAAABgYNWY2YjA3ZjBlNGIwN2U1MTIyYmVkNDlhAAAEAAAABQUxNDU0OQQAAAAGBjE0NjE3Nw%3D%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849905598&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: T8-7Fvb4fkwFoM3K9YepMuDaB-jCkqnzS7DimRZMNbcBDdgxFlGfIg==

GET
H2 200 itemwin.json
ad.reklamnative.com/pub2/ 2 B
634 B 197ms
191ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemwin.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmYggAAAF0uhcEuwQAADjVBAAAAGQEAAAAAwQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAQAAAVzBAAAAAQBAQQAAAAABAAAAFAAAAQAAABkBAAAABgYNWY2YjA3ZjBlNGIwN2U1MTIyYmVkNDk4AAAEAAAABQUxNDU0OQQAAAAGBjE0NjE3Nw%3D%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849910377&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: L2kPuBNyK62b3N32FpmQCtnX3tFiJ0k2gjUC5tJc_LfK5TxL1ITw_w==

GET
H2 200 itemimpression.json
ad.reklamnative.com/pub2/ 2 B
634 B 197ms
192ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemimpression.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmYggAAAF0uhcEuwQAADjVBAAAAGQEAAAAAwQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAQAAAVzBAAAAAQBAQQAAAAABAAAAFAAAAQAAABkBAAAABgYNWY2YjA3ZjBlNGIwN2U1MTIyYmVkNDk4AAAEAAAABQUxNDU0OQQAAAAGBjE0NjE3Nw%3D%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849913793&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: t_Js46Bf6qzX-PpjXQa2T-p0BjOT4nMX3Q5Vbrn31JA0_rcjD_s4nw==

GET
H2 200 itemwin.json
ad.reklamnative.com/pub2/ 2 B
634 B 197ms
193ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemwin.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmOQgAAAF0uhcEvAQAADjVBAAAAGQEAAAABAQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAAEAAAAAAEABAAAABQAAAAEAAAAZAQAAAAYGDVmNmIwN2YwZTRiMDdlNTEyMmJlZDQ5ZgAABAAAAAUFMTQ1NDkEAAAABgYxNDYxNzc%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849913390&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: -6DG6p_6jrdQdT9w-nC79sff-Kb0WP_rAYFAfCwolP-zHSUZLBybkQ==

GET
H2 200 itemimpression.json
ad.reklamnative.com/pub2/ 2 B
633 B 198ms
194ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemimpression.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmOQgAAAF0uhcEvAQAADjVBAAAAGQEAAAABAQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAAEAAAAAAEABAAAABQAAAAEAAAAZAQAAAAYGDVmNmIwN2YwZTRiMDdlNTEyMmJlZDQ5ZgAABAAAAAUFMTQ1NDkEAAAABgYxNDYxNzc%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849908125&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: ON5_t6aJR9apsKMpwOeizXelDPHJPPhSq8a1N1mWfl48Ng_58RT2LQ==

GET
H2 200 itemwin.json
ad.reklamnative.com/pub2/ 2 B
636 B 198ms
193ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemwin.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmYQgAAAF0uhcEvAQAADjVBAAAAGQEAAAABQQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAAEAAAAAAEABAAAABQAAAAEAAAAZAQAAAAYGDVmNmIwN2YwZTRiMDdlNTEyMmJlZDQ5ZAAABAAAAAUFMTQ1NDkEAAAABgYxNDYxNzc%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849913071&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: nkrGDG4fg_I9if_-0UGmP5M4YuuyHvQ7zZ4xuUBBqhtCR8K23tkDLw==

GET
H2 200 itemimpression.json
ad.reklamnative.com/pub2/ 2 B
636 B 199ms
195ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemimpression.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmYQgAAAF0uhcEvAQAADjVBAAAAGQEAAAABQQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAAEAAAAAAEABAAAABQAAAAEAAAAZAQAAAAYGDVmNmIwN2YwZTRiMDdlNTEyMmJlZDQ5ZAAABAAAAAUFMTQ1NDkEAAAABgYxNDYxNzc%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849908135&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: URXUGMWm3FFmn37zsSUJZrSUGtf79FXGCdz4zErniBJfSTOAbx80LA==

GET
H2 200 itemimpression.json
ad.reklamnative.com/pub2/ 2 B
636 B 198ms
194ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemimpression.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmNAgAAAF0uhcEvAQAADjVBAAAAGQEAAAABgQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAQAAAVzBAAAAAQBAQQAAAAABAAAAFAAAAQAAABkBAAAABgYNWY2YjA3ZjBlNGIwN2U1MTIyYmVkNDliAAAEAAAABQUxNDU0OQQAAAAGBjE0NjE3Nw%3D%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849914078&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: g4utwFuadfRJ6M6TSuhzkktuAmpXDIcWeHy-AL2KP2KswZ8RtZZs1g==

GET
H2 200 itemwin.json
ad.reklamnative.com/pub2/ 2 B
635 B 199ms
196ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemwin.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmNAgAAAF0uhcEvAQAADjVBAAAAGQEAAAABgQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAQAAAVzBAAAAAQBAQQAAAAABAAAAFAAAAQAAABkBAAAABgYNWY2YjA3ZjBlNGIwN2U1MTIyYmVkNDliAAAEAAAABQUxNDU0OQQAAAAGBjE0NjE3Nw%3D%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849907151&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: AU73YeROF0g7zL8aYKmAuPsY66Sx-UoQRvMm0TpV56p2ToNHsbdgFg==

GET
H2 200 itemwin.json
ad.reklamnative.com/pub2/ 2 B
635 B 199ms
195ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemwin.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmNQgAAAF0uhcEvAQAADjVBAAAAGQEAAAABwQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAQAAAVzBAAAAAQBAQQAAAAABAAAAFAAAAQAAABkBAAAABgYNWY2YjA3ZjBlNGIwN2U1MTIyYmVkNDk5AAAEAAAABQUxNDU0OQQAAAAGBjE0NjE3Nw%3D%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849906658&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:44 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: jyou5sFrrfTdLoyf0PXK7H3LyQzttqmoC7bFzbMe5AepIzwMhgwCcw==

GET
H2 200 itemimpression.json
ad.reklamnative.com/pub2/ 2 B
635 B 199ms
196ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/itemimpression.json?itemid=AgQAAAAYGDVkMWNhNDE1ZTRiMDkwZjY5ZWU0ZmJmNQgAAAF0uhcEvAQAADjVBAAAAGQEAAAABwQAAjsBAAAEAABNFAQAAAAGBjE0NjE3NwQAAAAAAQAAAAQAAAAQEHBvd2VyaW5ib29rcy5jb20EAAAACAh6LTU0NjMyNQQAAAAEBE9TX1gEAAAAERFQRVJTT05BTF9DT01QVVRFUgAAAAQAAAACAkVVBAAAAAICREUABAAAAA0NRXVyb3BlL0JlcmxpbgQAAAAVFWJyMSNidVJFMCNha09GRjAjYWcwIwEBAQAEAAAABARudWxsAAAEAAAAAAQAAAVzBAAAAAQBAQQAAAAABAAAAFAAAAQAAABkBAAAABgYNWY2YjA3ZjBlNGIwN2U1MTIyYmVkNDk5AAAEAAAABQUxNDU0OQQAAAAGBjE0NjE3Nw%3D%3D&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849907356&gdpr_upstream=null&gdpr_consent=&request_id=5f6b07f0e4b07e5122bed47e&gdpr=true&nocache=1600849905189
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: tEglGNKUNfy6-OxgZsnZcyvxvomEachtxZjtVainWun7sH7kDuvn_A==

GET
H2 200 widgetLoadPixel.json
ad.reklamnative.com/pub2/ 2 B
636 B 199ms
197ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/widgetLoadPixel.json?widget_key=vvRCA1LrQQeEkvmbcwvVTZ&c=1600849912104&is_data_url_set=true&zone=z-546325&numberOfItems=8&gdpr_upstream=null&gdpr_consent=&millis=1600849904830&request_id=5f6b07f0e4b07e5122bed47e&url=http%3A%2F%2FPowerinbooks.com&rpm=0.009&gdpr=true&nocache=1600849905190
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: -lALM5zAKbc5NZId209JfbWLLXww0XXINnVbllSKRy9haz_g0O_yNg==

GET
H2 200 report.json
ad.reklamnative.com/pub2/ 2 B
634 B 200ms
197ms Image
application/json 2600:9000:214f:3400:f:1ee9:de40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.reklamnative.com/pub2/report.json?name=page_view&widget_key=vvRCA1LrQQeEkvmbcwvVTZ&widget_num=1&ad_id=&is_data_url_set=true&browserSize=1600x1200&content_list_id=5f6b07f0e4b07e5122bed47e%24null%24120921%24Z-1%24N-1%24R-1%24A-1.00%24S2%24EXRtrue%24V-1%24FISSfIIPfESSfEIPt%24JEXPLORATION%24Tfalse%24QI20%24QU20%24EXT8%24CSECP%24CPEXP%24IPINC%24P0%24_CEcp%3A14549*146177_0_28.16_CEcp%3A14549*146177_1_28.16_CEcp%3A14549*146177_2_28.16_CEcp%3A14549*146177_3_28.16_CEcp%3A14549*146177_4_28.16_CEcp%3A14549*146177_5_28.16_CEcp%3A14549*146177_6_28.16_CEcp%3A14549*146177_7_28.16&request_id=5f6b07f0e4b07e5122bed47e&url=http%3A%2F%2FPowerinbooks.com&zone=z-546325&gdpr_upstream=null&gdpr_consent=&gdpr=true&nocache=1600849905195
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:3400:f:1ee9:de40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 / Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
x-amz-cf-pop: FRA53-C1
x-powered-by: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
status: 200
access-control-allow-methods: POST, GET
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
m6s_host: localhost
x-cache: Miss from cloudfront
access-control-allow-headers: Authorization, X-Requested-With, Origin, Accept, Content-Type, Connection, Cookie, Accept-Charset, Accept-Encoding, Accept-Language, Referer, User-Agent
content-length: 22
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
x-amz-cf-id: TwBBIcghDdKI-_XNQOh9u72BVIOuwwXLnNSW6j3ubP-a9nPolt2q1w==

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
110 B 13ms
11ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1600849905199&rnd=rrj3csbiisbh&ifm=0&uai=1&cid=544&s=powerinbooks.xyz&p=12753&x=rekmob&adtg=b45bda34c49e4b039c49d4c83f55d2f3&ats=0&atf=&nsi=&si=25074&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=https%253A//powerinbooks.xyz/temp/&impid=
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 08:31:45 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 4796
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5d72e9438c1e1766-FRA
content-length: 26
cf-request-id: 055bb01e33000017664e243200000001
expires: Wed, 23 Sep 2020 10:31:45 GMT

GET
DATA 200
OK truncated
/ Frame 6317 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89c715bab749f2438367b405207f80871f7df7d1d429fed4f6d103344759c8ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3FA2 46 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bc26ffbbdab37451a24e6feccf6bcb434aef96ea721f502555eb02fe00f7255

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 c
c.mgid.com/ Frame 048B 43 B
316 B 132ms
129ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=85|85|28|vrKBSSCutCKqptfpRsHBW7TQp6ACIKNYl6kFBe_POLjcjAlEjE1WBxR7ONbUBA9o&fw=1&extjs=66046&v=85|85|12|vrKBSSCutCKqptfpRsHBW--2bRKelZ99fSw-OnYjnBZHlwnJ81VtscbM-N9ra6jM&v=85|85|28|vrKBSSCutCKqptfpRsHBW1BmBoMvWxyIbustuw_cEAlLBp9mJbr6LuLOlyh5t51Q&imgdim=1&cid=926917&h2=UV1SChaL11C7p2FEb5edUniIRCw5aJaSpM4M_SpA4o4*&rid=369bfe22-fd77-11ea-9568-d094662c24f7&tt=Direct&psid=25074_48754&pageImp=1&muid=k8nILExYlkv1&cbuster=1600849905859873653296&tpl=0
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:47 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 2dad3802-e63a-4f20-9da9-ff7308cb3858
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e94ef8900f8a-VIE
content-type: image/gif
cf-request-id: 055bb0255900000f8a90232200000001
server: cloudflare

GET
H2 200 c
c.mgid.com/ Frame 6317 43 B
294 B 124ms
123ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=300|200|12|AYg5Iv0w4CFDHTrw6NGfi6d8E8AT4mIO2NjjT03T_R3QJYLOQjnarZ1EeVKDQjmb&fw=1&extjs=66046&imgdim=1&cid=926916&h2=UV1SChaL11C7p2FEb5edUniIRCw5aJaSpM4M_SpA4o4*&rid=36a1f8d2-fd77-11ea-9e4b-d094662f8ab5&tt=Direct&psid=25074_48753&pageImp=0&muid=k8nILExYlkv1&cbuster=1600849905907862380979&tpl=0
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:47 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: befe23f8-ecb8-4c23-9fcd-4e84cce0b659
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e94f28dc0f8a-VIE
content-type: image/gif
cf-request-id: 055bb0257a00000f8a90235200000001
server: cloudflare

GET
H2 200 c
c.mgid.com/ Frame 3FA2 43 B
155 B 124ms
124ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=300|200|28|AYg5Iv0w4CFDHTrw6NGfiy4jMkghsUHd-wTJlpV3CK_00KJb_yPO-DThkFaWLbnt&fw=1&extjs=66046&imgdim=1&cid=926916&h2=UV1SChaL11C7p2FEb5edUniIRCw5aJaSpM4M_SpA4o4*&rid=36a58008-fd77-11ea-9568-d094662c24f7&tt=Direct&psid=25074_48753&pageImp=0&muid=k8nILExYlkv1&cbuster=1600849905958652538764&tpl=0
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Sep 2020 08:31:47 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 23d12998-32df-417a-a86b-c5d4ff40c85f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d72e94fc9e30f8a-VIE
content-type: image/gif
cf-request-id: 055bb025db00000f8a9023b200000001
server: cloudflare

GET
H/1.1 200
OK placeholder_5.jpg
web-clients.mynativeplatform.com/static/assets/placeholders/ 17 KB
17 KB 38ms
37ms Image
image/jpeg 143.204.215.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web-clients.mynativeplatform.com/static/assets/placeholders/placeholder_5.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-58.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 325d2f7a16befc8faf3167c79dc42e21f9e85b4c8d6b5f201550540d48ca23bc

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Sep 2020 16:48:25 GMT
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2016 07:19:31 GMT
Server: AmazonS3
Age: 488603
ETag: "7038785853856715891517b47a008be2"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public,max-age= 31536000
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 16935
X-Amz-Cf-Id: ODCfyGTzedanRAiU9xXZxQTYTZEjW6VUOfU7Pgf0p0cmxkL3S7LZtw==
Expires: Fri, 30 Oct 2028 14:19:41 GMT

GET
H/1.1 200
OK placeholder_37.jpg
web-clients.mynativeplatform.com/static/assets/placeholders/ 17 KB
17 KB 43ms
43ms Image
image/jpeg 143.204.215.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web-clients.mynativeplatform.com/static/assets/placeholders/placeholder_37.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-58.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d892bdcb8489c281ddea0f6134627f04a23b1f166a1d86b56ba9ae543ed90c00

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 19 Sep 2020 00:20:35 GMT
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2016 07:20:14 GMT
Server: AmazonS3
Age: 375073
ETag: "813c5bada393fd0d1214f73e7c2671f0"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public,max-age= 31536000
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 17098
X-Amz-Cf-Id: Ahe2qRdA6213takt5rO52RB3-zv0E4Po_KJK7tBjO1nmJbMo7eWo-Q==
Expires: Fri, 30 Oct 2028 14:19:41 GMT

GET
H/1.1 200
OK placeholder_23.jpg
web-clients.mynativeplatform.com/static/assets/placeholders/ 21 KB
22 KB 35ms
35ms Image
image/jpeg 143.204.215.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web-clients.mynativeplatform.com/static/assets/placeholders/placeholder_23.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-58.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1377aff84d1b36dc28529c750dbc39a503d69499cd802434ffc92694eaf481e1

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 05:05:34 GMT
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2016 07:19:56 GMT
Server: AmazonS3
Age: 444374
ETag: "2d01451081295e9232475c03bd70e169"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public,max-age= 31536000
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 21772
X-Amz-Cf-Id: h6ADJoIRfEGhcvPnf5PqBRxg-xtENP1rDiBhyPL6OhKiLDUy9gtq3Q==
Expires: Fri, 30 Oct 2028 14:19:41 GMT

GET
H/1.1 200
OK placeholder_8.jpg
web-clients.mynativeplatform.com/static/assets/placeholders/ 22 KB
22 KB 54ms
32ms Image
image/jpeg 143.204.215.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web-clients.mynativeplatform.com/static/assets/placeholders/placeholder_8.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-58.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a794b07061b86f8c04cd9e28c364873cb29760e574b34e877446e0fdbc3258c0

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Sep 2020 18:14:37 GMT
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2016 07:19:34 GMT
Server: AmazonS3
Age: 483431
ETag: "1d321cbd126405d45e538a31db81ae58"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public,max-age= 31536000
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 22395
X-Amz-Cf-Id: 3DVLiG5ezB0MeobEw7yXB_pL55NpyVPR5Q6oKaiB0MIuLnLSKgmzqQ==
Expires: Fri, 30 Oct 2028 14:19:41 GMT

GET
H/1.1 200
OK placeholder_13.jpg
web-clients.mynativeplatform.com/static/assets/placeholders/ 19 KB
20 KB 66ms
32ms Image
image/jpeg 143.204.215.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web-clients.mynativeplatform.com/static/assets/placeholders/placeholder_13.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-58.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80a6779e7e4114be7336e1ae4d12b3d2e452007808ca22557b466d0a39c39de2

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 16 Aug 2020 14:51:34 GMT
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2016 07:19:41 GMT
Server: AmazonS3
Age: 3260414
ETag: "d13473d11a41d8b927675419bbcf195a"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public,max-age= 31536000
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 19484
X-Amz-Cf-Id: 2n_Xj2t-vaMxW2yn7WhHXj9b6fi-n3QIBGIVA_tWOTio5T_GeNGsnQ==
Expires: Fri, 30 Oct 2028 14:19:41 GMT

GET
H/1.1 200
OK placeholder_16.jpg
web-clients.mynativeplatform.com/static/assets/placeholders/ 38 KB
38 KB 43ms
35ms Image
image/jpeg 143.204.215.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web-clients.mynativeplatform.com/static/assets/placeholders/placeholder_16.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-58.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 811a53469077a78678f02fe64c3e85eac2514540e6b49d74230d9881db0e62e2

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Sep 2020 18:26:53 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2016 07:19:45 GMT
Server: AmazonS3
Age: 482695
ETag: "d5931631e8a62fd9cb22087abe986fd3"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public,max-age= 31536000
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 38599
X-Amz-Cf-Id: bKZU4_agPuamaETfqUe4ce19zRR1vPZUagSP2Cnw0dWto92zIqsEZQ==
Expires: Fri, 30 Oct 2028 14:19:41 GMT

GET
H/1.1 200
OK placeholder_44.jpg
web-clients.mynativeplatform.com/static/assets/placeholders/ 22 KB
22 KB 32ms
32ms Image
image/jpeg 143.204.215.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web-clients.mynativeplatform.com/static/assets/placeholders/placeholder_44.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-58.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a98b5c49025ce538ce364d4cb0e6f8d73844681f4c4be209755aa959a67111a4

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 08:42:52 GMT
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2016 07:20:22 GMT
Server: AmazonS3
Age: 604136
ETag: "429df2e0af715df586525f332e5400d3"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public,max-age= 31536000
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 22021
X-Amz-Cf-Id: Y04K8NK4RGtKD4zY_BiJucvkpHwpnvtKDl3RztIbru5JQF-394sMRw==
Expires: Fri, 30 Oct 2028 14:19:41 GMT

GET
H/1.1 200
OK placeholder_21.jpg
web-clients.mynativeplatform.com/static/assets/placeholders/ 22 KB
23 KB 30ms
30ms Image
image/jpeg 143.204.215.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web-clients.mynativeplatform.com/static/assets/placeholders/placeholder_21.jpg
Requested by: Host: powerinbooks.xyz
URL: https://powerinbooks.xyz/temp/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-58.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c160e2832ffb9aad47f50097b41a225debb29263659a38c818413a8784d5731

Request headers

Referer: https://powerinbooks.xyz/temp/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 05:01:16 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2016 07:19:54 GMT
Server: AmazonS3
Age: 4937432
ETag: "2ad7df0f51d1cba5e85c2413a169f22c"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public,max-age= 31536000
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 22630
X-Amz-Cf-Id: TfF6v0n4IOBkTAYMdq55dxQoLmeAT6N0yKIgQ6xoYgPOJX_gS0Kbjg==
Expires: Fri, 30 Oct 2028 14:19:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js

Domain: ads.rekmob.com
URL: https://ads.rekmob.com/m/imp?uid=b45bda34c49e4b039c49d4c83f55d2f3&udid=5e8c6a448c044db4a71c1a817c1b3d72&rid=NWY2YjA3ZjAwY2YyYzE1NWYwMzE1M2Q2&adId=MTM3OQ==

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: keyword false
console-api	log	(Line 1) Message: keyword false
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Results: rmb: 0.0000018753852408493004, size: 728x90
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: [object Object]
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Results: rmb: 0.0000013114582103841264, size: 728x90
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: [object Object]
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Results: rmb: 0.000009022832487442789, size: 300x250
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: [object Object]
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Results: rmb: 0.000009022832487442789, size: 300x250
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: [object Object]
console-api	log	URL: https://iq.reklamselfie.com/585ce73218044(Line 1) Message: rsjs1011
console-api	debug	URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926917.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/r/o/ron.reklamstore.com.926916.js(Line 1) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.reklamnative.com
adimg.rekmob.com
ads.rekmob.com
adserver.reklamstore.com
adx.adform.net
ajax.googleapis.com
ams.creativecdn.com
bank.reklamstore.com
bidder.criteo.com
c.mgid.com
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cm.smadex.com
creativecdn.com
dispatcher.adxcore.com
dmp.adform.net
dmp.truoptik.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
iq.reklamselfie.com
jsc.mgid.com
match.adsrvr.org
p.cpx.to
p.rfihub.com
pixel.yabidos.com
pool.grid-data.bidswitch.net
powerinbooks.xyz
pre.glotgrx.com
prebid-eu.creativecdn.com
prod.perf-serving.com
ps.eyeota.net
rtb-csync.smartadserver.com
s-img.mgid.com
s.cpx.to
s3.us-east-2.amazonaws.com
secure-assets.rubiconproject.com
secure.adnxs.com
servicer.mgid.com
static.criteo.net
sync.outbrain.com
sync.smartadserver.com
web-clients.mynativeplatform.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
ads.rekmob.com
ajax.googleapis.com
104.111.230.142
104.16.199.73
104.16.201.58
104.16.92.60
104.19.133.78
104.19.135.78
138.68.105.0
143.204.215.112
143.204.215.36
143.204.215.58
146.185.142.91
172.217.22.34
178.250.0.165
18.195.120.21
185.184.8.30
185.229.112.198
185.33.221.53
185.64.190.80
185.86.138.114
193.0.160.129
23.105.245.5
2600:9000:20e8:7400:1c:4bbb:9180:93a1
2600:9000:214f:3400:f:1ee9:de40:93a1
2606:4700::6810:3f36
2a00:1450:4001:802::200a
2a00:1450:4001:818::200a
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::2003
2a00:1450:4001:820::200e
2a00:1450:4001:825::2002
2a00:1450:4001:825::2003
2a02:2638::3
3.124.14.91
37.157.2.236
37.157.3.29
46.101.136.217
5.135.96.59
50.31.142.31
52.17.253.7
52.219.104.26
52.31.177.108
52.57.150.20
52.59.64.254
99.86.7.72
01057a4901169b9deed764f682e09ccc06542ba72e3e1acd671053920df7b7df
012537efcb6302e7ba22b52622808dc7aeeffe4642ee714eb76198c47c77cc0c
023d776d286a871685b2ab6af331cfe01e09ab2dc3d25617c69624c445e1492a
035f7c09c408307babf475a9f665f01cb38a23dc1a994925a2ee8533d170173c
057f09a69601da3adc7b756b621f7b98e3b24b50ee89da83314bc45c4ef03ca4
0cdc1c08eca1639f87ab05c2a5ab0a95afa736c02a6e8178b5127c261e618470
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
11057f4fd257c91476fc2c087b8a11ef59b10f983b7159470d2266f47e516a65
1377aff84d1b36dc28529c750dbc39a503d69499cd802434ffc92694eaf481e1
1563a22f01587c1b2895ad46aa96116e5a320db7f98dd96fe807de1aceaf53b8
1bc26ffbbdab37451a24e6feccf6bcb434aef96ea721f502555eb02fe00f7255
1bf74f3a400001f565aef823d7ab6afd7e827f3efa412bd306514bcc26382ed7
1c160e2832ffb9aad47f50097b41a225debb29263659a38c818413a8784d5731
2018399c0c9d7d421256e793d25d6a8dedeccb5323eea06f6edbc3e1a7f24579
2163ddd9a9414f7a3579b96d5d561f9f45a01d8080dec1b2816eb439fa668423
25c0f8196574c3970177b5eb8a6553dbc2eae13f7dd52882b0a8ead9ed9e7c8a
2cca058bebb9cf229502b9b280d56a39e5c386acf8623efda084cb46682fbf86
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
325d2f7a16befc8faf3167c79dc42e21f9e85b4c8d6b5f201550540d48ca23bc
38a15215efe57ad810c8c67d03a833d05a31419ed4f69c71ec275809b302d422
3aaab5563c099b3c4598869c386d26623a786fa10aaa23ab8b31ef3d3b1709f1
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c58fc16fa25cea8c51ac1685356749017194e3f637796cf95a8613ab6f9f2a0
3d67951a43b73a6dbadc862977830097e98e63eabfa21a168992ea20c88cbee1
3d888993db1a22a73b8d834d45dcbf14c0ecca608fde8da2d23d9690910e7c60
433ff89507651216003b9ac67bcecbe9b83e539e9776a8c0f4989bd14a9467cf
4401c28c60867c4775161910ee378d3a8cf06f04969db07fd9a8bf5c0052bcea
44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9
4b155d21cac5f6d65fe6e96620e8897d6569728351e55a32e10051b1244cbc06
4bc87348740d31ca6cb2d4432b5b0a724c800ce36abed5bc2cf95ef03a8feb60
528ef0ede8cf81975ed74c35e0501ed634a7a2148c40e18fa6d205e46ceefff1
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
57a16bd0c6267d3ad73d33aa5d20c4f737686709ddb7aa3d96fd213bd6c0f54b
5b82ec57fad2d8330738ba63ae6b252ae247e42b5396237b981187eef009505d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
60e26ad5580a84e69d47cddc700652e11b6828c4a56188c8e09fd3aeb0096626
69e628c11cfa302ba85b3d66e2ef3a23d6ea6481e474aba07a5af11c9b70c6a9
69e7d5e8b6c3a4a0beb1692c2339ab3c3554b4cbb35e2da2843ada6bf29e307b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c675bd326555555a96977a6031c9da4a0968d874cd1f5d79fa9a8357868abde
6e54b1ab7f86709afd59161e4b031d575bfc0a3539261f06b7097388e93d120f
6f1d7d418d1f561064b1d14af8a2aac97ab2d43471b04a54aebecbd22774cdde
6f3eda3d5154edbf4bd7ee9217b49c9d4a5b008c4a6e19234384ad89fe0971bd
746dc9496f148b7114c58aa27004b7a35429c99cb6ffc37518299524cfdf4d35
79238907662b63ae87770aab5f121793370cf4859da08a03e0bed2dcc89619b5
7a96396765c3054c65f2416d981c2a9899f547f074cc39f7246ab12cc8973639
7c576122019f24dfcc364302eabdb986200919a42aafb16a8f51227fc448b4f9
7dca65ac3e9c2c6315428f1246b268eac606465d18b5b224ee6ee872188ea42d
7e1d3c09a0586e6eb1f565d37c54f1e7b2e84c1e8ba9753022f70b9b4f3ba5c3
80402a902d780a4f29c7995413f8cc769c588d0f326a3a35c8ececc3375092d2
80a6779e7e4114be7336e1ae4d12b3d2e452007808ca22557b466d0a39c39de2
811a53469077a78678f02fe64c3e85eac2514540e6b49d74230d9881db0e62e2
83ea11c3423f5f5597668ea0d08d5539412d3687289a48573542d5ee6f6e7124
855abd131202d4d46e2c0bc0648cd3021d62cf0f03816f7e5343418450473633
870b7bfa17500a5d31f4a3a476cbbd93966644884940751f534906ee1a409e0f
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b
8913edcb0ecdb60ead7e20cbe7ef65e43e09a7d367939fd54bf6d1fbb54d86ed
89c715bab749f2438367b405207f80871f7df7d1d429fed4f6d103344759c8ed
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cf02ea0752e063d895b861f233fa29098bb7806077dd9879cae9c51511dd282
950a034fbb612afb020e14c5b455b8d5dc1605e03430da498691952bac5e4de3
9dc18acd0de2ec4632341e77bdd627e88231ffdd20af2d1e7572b53118622f59
9f49609d94cf82f3d089ddd83d5895d4048236deee85dc7cfc9853735f36a0f9
a06b783572aaeb0f9870abc5a662c43b5c14127b1fc5905f941f1a95ee904cdb
a12361122cd551d902257a39c804940861ac661ae55c3c91b3817bfc03f7c3a1
a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2
a618d15a2af7d9c49e24177bd4a16cb113cdcd17fd83a67bd1a948e05da233cb
a63e43415c4784b7284ff8ea70370d196ae6c8ef61e1bb495017c0e87d1bc8a4
a6cd9897f29c9e8598d2ada065d304be4d7a86ad6bd8de26b13d53e4d408647b
a76da917170847df1c8edc8146515e7abc7ab861267c976b5312e4cbdbaa0869
a794b07061b86f8c04cd9e28c364873cb29760e574b34e877446e0fdbc3258c0
a79f0503e29691128aa437605808b95502738247c66bc8a433a97cf146e4cae5
a98b5c49025ce538ce364d4cb0e6f8d73844681f4c4be209755aa959a67111a4
a9d3209158b13f1f737fb9e6357e2d2ce8c6e3266458c44223672c12a92e1af8
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
adea6fadfcee5264d8a5c3e03c4feea08b6bbdaece43d32c15b4d54d85811d3d
af050253ece08f4ad8e6b107bc160444c0243920823872a4b6ba82b745de6f2f
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b7aa7bbbbb817cfba2575259def5088442395d4b92613c0ef6402aa2dbb2be3d
b83522dd69e0740d100d52abc4f74e6365ab8392f8f2f1bf572e65c7c8b6baa2
bc3a3597e7d88923e91bd093b97f464a481544905bdd2b37abc5e91255457549
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c0a203bd7a650bab0287461393baa76852674e022985ae8b7660e5faf920729c
c2d77aec147745502dfa867d4bb3413121601ed1f00ad6acb28408cc9b736b00
c4e615b3d70fbf2559b57d33bc0cabf18780bd4bcd006339aa447cc5ceae238f
c644c2cd6f71bf6dbe655890d136574f1d695e8c3a4368279387c7713062a795
c90e187c82804f5d43cad0704820a5d47e3a29e6e36fe750546a59a1a110a4bd
c99393772f546f8c8f975e222e6769bace065077559d73f92baac5502e6ea209
ca0227856d57e1d793a33165ba0720e8b11690034d1e8c0bc757f84b8223e61a
cd78bd3e86225e929aaedbb7d9940632566b6e981e66dc64a25ad04b270038cc
d892bdcb8489c281ddea0f6134627f04a23b1f166a1d86b56ba9ae543ed90c00
dbde2f9f8ad439abf59a80d30b05f01b6f9e41324abeefd4815cb5b6641aae55
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb87a7f398ab03411eea662b819f9a3426c37ed6f6dd8a8fe6b93c0cc00dccba
ecc9b09d2c060aa47c410de170346f8e6a8c6e5e7b0319b4f55f306218f4cea0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f80a3ca14f52c6c00a5755be6512ec2fd4e2649c046528a6daca828c51e5c29a
f840da7b902fdadf8dcb989c827ce51dd44cd90fb2d8deed334d6af0f9aedb49

powerinbooks.xyz Open in urlscan Pro 185.229.112.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

203 Requests

99 %HTTPS

25 %IPv6

35 Domains

52 Subdomains

34 IPs

10 Countries

1500 kBTransfer

3025 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

203 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

powerinbooks.xyz Open in urlscan Pro
185.229.112.198 Public Scan

Screenshot
Live screenshot

Full Image

203
Requests

99 %
HTTPS

25 %
IPv6

35
Domains

52
Subdomains

34
IPs

10
Countries

1500 kB
Transfer

3025 kB
Size

0
Cookies

203 HTTP transactions
6 data transactions