leopart.gimpromed.com Open in urlscan Pro
164.68.98.141 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://leopart.gimpromed.com/
Effective URL:
https://leopart.gimpromed.com/
Submission: On June 03 via manual (June 3rd 2022, 7:13:46 pm UTC) from CA — Scanned from CA

Summary HTTP 59 Redirects Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 32 domains to perform 59 HTTP transactions. The main IP is 164.68.98.141, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is leopart.gimpromed.com.
TLS certificate: Issued by R3 on May 31st 2022. Valid for: 3 months.

This is the only time leopart.gimpromed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	164.68.98.141 164.68.98.141	51167 (CONTABO) (CONTABO)
5 7	2a04:4e42::347 2a04:4e42::347	54113 (FASTLY) (FASTLY)
5	2600:1400:d:5... 2600:1400:d:596::fe9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	198.27.80.143 198.27.80.143	16276 (OVH) (OVH)
1	51.89.24.69 51.89.24.69	16276 (OVH) (OVH)
2	51.89.99.21 51.89.99.21	16276 (OVH) (OVH)
1	13.225.63.125 13.225.63.125	16509 (AMAZON-02) (AMAZON-02)
3	3.135.108.30 3.135.108.30	16509 (AMAZON-02) (AMAZON-02)
1	104.18.36.173 104.18.36.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.84.126.24 99.84.126.24	16509 (AMAZON-02) (AMAZON-02)
4	23.10.83.212 23.10.83.212	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.39.29 13.226.39.29	16509 (AMAZON-02) (AMAZON-02)
1	138.197.56.196 138.197.56.196	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:303... 2606:4700:3032::ac43:dc33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.4.54.89 52.4.54.89	14618 (AMAZON-AES) (AMAZON-AES)
2 2	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
1 4	104.126.112.185 104.126.112.185	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.33.86.61 13.33.86.61	16509 (AMAZON-02) (AMAZON-02)
3 3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4	18.221.66.115 18.221.66.115	16509 (AMAZON-02) (AMAZON-02)
3 3	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.232.64.79 3.232.64.79	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	23.78.204.173 23.78.204.173	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
3 6	23.92.190.68 23.92.190.68	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1 1	169.60.66.35 169.60.66.35	36351 (SOFTLAYER) (SOFTLAYER)
1 3	63.251.86.51 63.251.86.51	10913 (INTERNAP-BLK) (INTERNAP-BLK)
4 4	52.20.237.222 52.20.237.222	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	13.226.39.49 13.226.39.49	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:444... 2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5	14618 (AMAZON-AES) (AMAZON-AES)
2 2	104.18.98.194 104.18.98.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
1 2	15.235.42.102 15.235.42.102	16276 (OVH) (OVH)
1	2a02:6ea0:c40... 2a02:6ea0:c400::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1 2	13.225.213.31 13.225.213.31	16509 (AMAZON-02) (AMAZON-02)
2 3	68.67.179.122 68.67.179.122	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1 1	34.231.116.207 34.231.116.207	14618 (AMAZON-AES) (AMAZON-AES)
1	18.210.147.45 18.210.147.45	14618 (AMAZON-AES) (AMAZON-AES)
1	75.2.13.80 75.2.13.80	() ()
59	36

5 164.68.98.141 (Nuremberg, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: vmi890417.contaboserver.net

leopart.gimpromed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42::347 (United States) 5 redirects

ASN54113 (FASTLY, US)

cdn.statically.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1400:d:596::fe9 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

www.canada.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

snorefamiliarsiege.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.27.80.143 (Canada)

ASN16276 (OVH, FR)
PTR: ns558056.ip-198-27-80.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.24.69 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip69.ip-51-89-24.eu

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.99.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3163187.ip-51-89-99.eu

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-125.ewr53.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.135.108.30 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-108-30.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.126.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-126-24.ewr52.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.10.83.212 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-10-83-212.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.39.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-29.ewr53.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.56.196 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:dc33 (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.4.54.89 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-54-89.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.112.63 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.126.112.185 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.86.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-86-61.ewr52.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.221.66.115 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-221-66-115.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.16.197.56 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.232.64.79 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-64-79.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.78.204.173 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-204-173.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.92.190.68 (Fort Mill, United States) 3 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.60.66.35 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 23.42.3ca9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.251.86.51 (United States) 1 redirects

ASN10913 (INTERNAP-BLK, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.20.237.222 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-237-222.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.39.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-49.ewr53.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.98.194 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.202.105.22 (United States) 4 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.235.42.102 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-001.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.213.31 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-213-31.ewr50.r.cloudfront.net

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.179.122 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.246.49 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.116.207 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-116-207.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.147.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-147-45.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.13.80 (None, )

ASN- ()

connect-metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 10477 t.sharethis.com — Cisco Umbrella Rank: 5722 sync.sharethis.com — Cisco Umbrella Rank: 2783	17 KB
9	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 575 ce.lijit.com — Cisco Umbrella Rank: 821	5 KB
7	statically.io 5 redirects cdn.statically.io — Cisco Umbrella Rank: 11840	5 KB
5	liadm.com 4 redirects i.liadm.com — Cisco Umbrella Rank: 521 i6.liadm.com — Cisco Umbrella Rank: 1479	2 KB
5	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 3595 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4139 onetag-geo-grouping.s-onetag.com — Cisco Umbrella Rank: 27355 data-beacons.s-onetag.com — Cisco Umbrella Rank: 11399 connect-metrics-collector.s-onetag.com	14 KB
5	canada.ca www.canada.ca — Cisco Umbrella Rank: 35250	199 KB
5	gimpromed.com 1 redirects leopart.gimpromed.com	4 KB
4	33across.com 4 redirects dp2.33across.com — Cisco Umbrella Rank: 9078 pixel.33across.com — Cisco Umbrella Rank: 2241 dp1.33across.com — Cisco Umbrella Rank: 5080	2 KB
4	exelator.com 3 redirects loadus.exelator.com — Cisco Umbrella Rank: 1122 load77.exelator.com — Cisco Umbrella Rank: 3239	3 KB
4	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 463 stags.bluekai.com — Cisco Umbrella Rank: 472	3 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 405	633 B
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 391	3 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 300	550 B
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	1 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 7662 ic.tynt.com — Cisco Umbrella Rank: 4320 de.tynt.com — Cisco Umbrella Rank: 1246	7 KB
3	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 15978 t.dtscout.com — Cisco Umbrella Rank: 13201	10 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1183 beacon.krxd.net — Cisco Umbrella Rank: 424	499 B
2	affec.tv 1 redirects map.go.affec.tv — Cisco Umbrella Rank: 6087	1 KB
2	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 1571	754 B
2	adsymptotic.com 2 redirects p.adsymptotic.com — Cisco Umbrella Rank: 511	563 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 269	1 KB
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1522	469 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 824	1 KB
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2969	723 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 836	832 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 16195 s4.histats.com — Cisco Umbrella Rank: 13866	5 KB
2	snorefamiliarsiege.com snorefamiliarsiege.com
1	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 1873
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 758	605 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 2829	16 KB
1	dtssrv.com a.dtssrv.com — Cisco Umbrella Rank: 21752	680 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 14723	406 B
59	32

	Domain	Requested by
7	cdn.statically.io	5 redirects leopart.gimpromed.com
6	ap.lijit.com	3 redirects leopart.gimpromed.com
5	www.canada.ca	leopart.gimpromed.com
5	leopart.gimpromed.com	1 redirects leopart.gimpromed.com
4	i.liadm.com	4 redirects
4	sync.sharethis.com	leopart.gimpromed.com
4	t.sharethis.com	pd.sharethis.com t.sharethis.com leopart.gimpromed.com
3	pixel.tapad.com	3 redirects
3	secure.adnxs.com	2 redirects leopart.gimpromed.com
3	ce.lijit.com	1 redirects leopart.gimpromed.com
3	idsync.rlcdn.com	2 redirects leopart.gimpromed.com
3	loadus.exelator.com	3 redirects
3	match.adsrvr.org	3 redirects
3	tags.bluekai.com	1 redirects leopart.gimpromed.com de.tynt.com
3	pd.sharethis.com	e.dtscout.com leopart.gimpromed.com t.sharethis.com
2	map.go.affec.tv	1 redirects leopart.gimpromed.com
2	ws.rqtrk.eu	1 redirects leopart.gimpromed.com
2	dp2.33across.com	2 redirects
2	p.adsymptotic.com	2 redirects
2	x.bidswitch.net	1 redirects leopart.gimpromed.com
2	ml314.com	1 redirects leopart.gimpromed.com
2	ps.eyeota.net	2 redirects
2	pixel.onaudience.com	2 redirects
2	bcp.crwdcntrl.net	1 redirects leopart.gimpromed.com
2	t.dtscout.com	e.dtscout.com
2	snorefamiliarsiege.com	leopart.gimpromed.com
1	connect-metrics-collector.s-onetag.com	get.s-onetag.com
1	dp1.33across.com	1 redirects
1	beacon.krxd.net	leopart.gimpromed.com
1	usermatch.krxd.net	1 redirects
1	load77.exelator.com	leopart.gimpromed.com
1	pixel.33across.com	1 redirects
1	i6.liadm.com	leopart.gimpromed.com
1	api.intentiq.com	data-beacons.s-onetag.com
1	um.simpli.fi	1 redirects
1	stags.bluekai.com	tags.bkrtx.com
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	leopart.gimpromed.com
1	tags.bkrtx.com	pd.sharethis.com
1	data-beacons.s-onetag.com	get.s-onetag.com
1	a.dtssrv.com	e.dtscout.com
1	t.dtscdn.com	e.dtscout.com
1	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	cdn.tynt.com	e.dtscout.com
1	get.s-onetag.com	e.dtscout.com
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	leopart.gimpromed.com
59	49

This site contains no links.

Subject Issuer	Validity	Valid
leopart.gimpromed.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
statically.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-18` - `2023-03-22`	a year	crt.sh
snorefamiliarsiege.com R3	`2022-04-29` - `2022-07-28`	3 months	crt.sh
histats.com R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.s-onetag.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
sharethis.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
cert1.a1.atm.aqfer.net R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.dtscdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-04` - `2022-12-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-01` - `2022-07-31`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.intentiq.com Amazon	`2022-03-20` - `2023-04-17`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://leopart.gimpromed.com/
Frame ID: 273B73E2E6BDF3C7049E13624ABB5963
Requests: 45 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01654283615D7DB4881168F3401AF
Frame ID: 39928F448004F7F731E21C4989167CE2
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.943.23339&cid=c010&cls=C
Frame ID: E1D723505AD8DD18905CCE9F98CBB7A2
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.943.23339/a/CA/t_.js?cid=c010&cls=C
Frame ID: 3D9CB7CE3E9DBCBEB77F43A8664BD643
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 8BFA65214D2564739191A3A82B2A0D77
Requests: 2 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHoADGKaXV8AAAAII80JAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.943.23339%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=48903386
Frame ID: FEA550C0BED33682E53876137FDD4ADE
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=94742
Frame ID: 67500C6FBCAFFD97487D0BEAF3C925AA
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=2129934936238&ret=html&random=1654283616
Frame ID: EE086F8D177C2D92074176BF6B2E7EAB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Canada.ca

Page URL History Show full URLs

http://leopart.gimpromed.com/ HTTP 301
https://leopart.gimpromed.com/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Page Statistics

59
Requests

58 %
HTTPS

11 %
IPv6

32
Domains

49
Subdomains

36
IPs

6
Countries

286 kB
Transfer

367 kB
Size

61
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://leopart.gimpromed.com/ HTTP 301
https://leopart.gimpromed.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://cdn.statically.io/img/www.canada.ca/content/dam/canada/splash/sp-bg-1.jpg HTTP 301
https://www.canada.ca/content/dam/canada/splash/sp-bg-1.jpg

Request Chain 4

https://cdn.statically.io/img/www.canada.ca/content/dam/canada/splash/sp-bg-2.jpg HTTP 301
https://www.canada.ca/content/dam/canada/splash/sp-bg-2.jpg

Request Chain 5

https://cdn.statically.io/img/www.canada.ca/content/dam/canada/splash/sp-bg-3.jpg HTTP 301
https://www.canada.ca/content/dam/canada/splash/sp-bg-3.jpg

Request Chain 6

https://cdn.statically.io/img/www.canada.ca/content/dam/canada/splash/sp-bg-4.jpg HTTP 301
https://www.canada.ca/content/dam/canada/splash/sp-bg-4.jpg

Request Chain 7

https://cdn.statically.io/img/www.canada.ca/content/dam/canada/splash/sp-bg-5.jpg HTTP 301
https://www.canada.ca/content/dam/canada/splash/sp-bg-5.jpg

Request Chain 26

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=51A01654283615D7DB4881168F3401AF HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A01654283615D7DB4881168F3401AF

Request Chain 27

https://pixel.onaudience.com/?partner=137085098&mapped=51A01654283615D7DB4881168F3401AF HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=f81f927b0dce51ef

Request Chain 32

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=7148b405-6b8c-408a-98f2-e9b55c14865c&gdpr=0&gdpr_consent=

Request Chain 33

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=30d680e3ec2c7bb504e109ffcfaf2830

Request Chain 34

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2h7ksP9ZWS4BWokE21NqVnqtcxqBscUNO8v7hnAnoeVQ&gdpr=0&gdpr_consent=

Request Chain 35

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHoADGKaXV8AAAAII80JAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3627668217055936577 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNzY2ODIxNzA1NTkzNjU3NxAAGg0I37rplAYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=f0469645b2a87453a03a4c7e2f68bef41df7a61e8385d5486800dea29a4b1a4af4cb09cee1a4f8eb&person_id=3627668217055936577&eid=50082

Request Chain 36

https://tags.bluekai.com/site/59574?id=ZHoADGKaXV8AAAAII80JAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 39

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 40

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 41

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 44

https://um.simpli.fi/lj_match?r=1986 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=4B05B542FE0849B9A1DA7E5DEDDC5A32

Request Chain 45

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=EwCBaSZHng3RfBbYTZ6YZVqg&rnd=55377 HTTP 303
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=EwCBaSZHng3RfBbYTZ6YZVqg&rnd=55377&_li_chk=true&previous_uuid=d90c7dffea3d424c8c588047cb9c60dd HTTP 303
https://x.bidswitch.net/sync?dsp_id=42&user_id= HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

Request Chain 47

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=EwCBaSZHng3RfBbYTZ6YZVqg&rnd=60146 HTTP 303
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=EwCBaSZHng3RfBbYTZ6YZVqg&rnd=60146&_li_chk=true&previous_uuid=d2b05c658bdc4294bc74ebc1cf3e01de HTTP 303
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=60146&bidder_uuid=EwCBaSZHng3RfBbYTZ6YZVqg

Request Chain 48

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=EwCBaSZHng3RfBbYTZ6YZVqg&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=66137 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=EwCBaSZHng3RfBbYTZ6YZVqg&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=66137&_expected_cookie=2ad64ebc7008c6239e22e7cc49c55c41 HTTP 302
https://ce.lijit.com/merge?pid=5014&3pid=2ad64ebc7008c6239e22e7cc49c55c41

Request Chain 49

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1654283616035.6 HTTP 302
https://tags.bluekai.com/site/27519?id=2129934936238&ret=html&random=1654283616

Request Chain 50

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKR2KaXV82Cnr8BYuXAg%3D%3D&cb=1654283616035.1&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=8093&3pid=b68b1222-68f6-4e36-8cec-23ee93465351&us_privacy=&location=https://ws.rqtrk.eu/push?dmp%3D69937f41-9d0e-479c-b978-bf19bd713ee3%26uid%3D%5BSOVRNID%5D HTTP 302
https://ws.rqtrk.eu/push?dmp=69937f41-9d0e-479c-b978-bf19bd713ee3&uid=EwCBaSZHng3RfBbYTZ6YZVqg

Request Chain 51

https://pixel.33across.com/ps/?pid=938&j=0&p=409&g=600&guid=wu%21&us_privacy=&random=1654283616035.2 HTTP 302
https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=wu%21&buid=0&buid2=211780563308083&random=1654283616 HTTP 302
https://load77.exelator.com/pixel.gif?UID=30d680e3ec2c7bb504e109ffcfaf2830

Request Chain 52

https://map.go.affec.tv/map/3a/?pid=CoIKR2KaXV82Cnr8BYuXAg%3D%3D&us_privacy=&ts=1654283616035.3 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D629a5d60bea1e300018e8799%26chc%3Dtt%26floc%3D%26redirect_url%3D HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D629a5d60bea1e300018e8799%2526chc%253Dtt%2526floc%253D%2526redirect_url%253D HTTP 302
https://map.go.affec.tv/map/an/1397029095435813568?ch=629a5d60bea1e300018e8799&chc=tt&floc=&redirect_url=

Request Chain 53

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKR2KaXV82Cnr8BYuXAg%3D%3D&us_privacy=&random=1654283616035.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKR2KaXV82Cnr8BYuXAg%3D%3D&us_privacy=&random=1654283616035.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=316c2c54-2e41-4d1c-ba9e-2f1814bb07da%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7148b405-6b8c-408a-98f2-e9b55c14865c&ttd_puid=316c2c54-2e41-4d1c-ba9e-2f1814bb07da%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fum%2Fv2%3Fpartner%3Dtapad HTTP 302
https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

Request Chain 54

https://dp2.33across.com/ps/?pid=1205&random=1654283616035.5 HTTP 302
https://idsync.rlcdn.com/405716.gif?partner_uid=117722287215729

Request Chain 55

https://dp1.33across.com/ps/?pid=669&uid=CoIKR2KaXV82Cnr8BYuXAg%3D%3D&us_privacy=&random=1654283616035.7 HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=117722287215735&seg_code=33x&random=1654283616

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
leopart.gimpromed.com/
Redirect Chain

http://leopart.gimpromed.com/
https://leopart.gimpromed.com/

7 KB
3 KB

18267ms
114ms

Document
text/html

164.68.98.141
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://leopart.gimpromed.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 164.68.98.141 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi890417.contaboserver.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2b0f5e71e32b1d4e5225d5b69ccda06f6af56385939e0911398e27baadb5057a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 2326
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Jun 2022 19:13:34 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 325
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 03 Jun 2022 19:13:16 GMT
Keep-Alive: timeout=5, max=100
Location: https://leopart.gimpromed.com/
Server: Apache/2.4.29 (Ubuntu)

GET
H/1.1 200
OK wet-boew.min.css
leopart.gimpromed.com/etc/designs/canada/wet-boew/css/ 190 B
409 B 161ms
160ms Stylesheet
text/css 164.68.98.141
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://leopart.gimpromed.com/etc/designs/canada/wet-boew/css/wet-boew.min.css
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 164.68.98.141 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi890417.contaboserver.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f8ce819b521d2d0e8a5d5011497ec798ca439a1ccf309f3a4fa31cdaf8714080

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:34 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 160

GET
H/1.1 200
OK theme.min.css
leopart.gimpromed.com/etc/designs/canada/wet-boew/css/ 187 B
411 B 250ms
153ms Stylesheet
text/css 164.68.98.141
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://leopart.gimpromed.com/etc/designs/canada/wet-boew/css/theme.min.css
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 164.68.98.141 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi890417.contaboserver.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a65c263c71409032ac994b66e516ea963a648457891f9eb5fde3eca8e987e95b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:34 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 161

GET
H/1.1 200
OK messages.min.css
leopart.gimpromed.com/etc/designs/canada/wet-boew/css/ 190 B
412 B 321ms
160ms Stylesheet
text/css 164.68.98.141
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://leopart.gimpromed.com/etc/designs/canada/wet-boew/css/messages.min.css
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 164.68.98.141 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi890417.contaboserver.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a45189ac39d4e786ace487607a9f0a9e4b69cb298890d6f1ae7a4ef4565e5797

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:34 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 163

GET
H2

200

sp-bg-1.jpg
www.canada.ca/content/dam/canada/splash/
Redirect Chain

https://cdn.statically.io/img/www.canada.ca/content/dam/canada/splash/sp-bg-1.jpg
https://www.canada.ca/content/dam/canada/splash/sp-bg-1.jpg

46 KB
47 KB

29ms
29ms

Image
text/plain

2600:1400:d:596::fe9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canada.ca/content/dam/canada/splash/sp-bg-1.jpg

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

Server

2600:1400:d:596::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

22dff282bed52d450dfa22fe9ef03d964f610dc3b9e5d50ffd222316d639b59d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher1cacentral1
date: Fri, 03 Jun 2022 19:13:40 GMT
x-content-type-options: nosniff
last-modified: Sat, 17 Oct 2015 22:28:43 GMT
server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "b89e-522546f45dcc0"
x-vhost: publish
strict-transport-security: max-age=31536000
content-type: image
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=3
accept-ranges: bytes
content-length: 47262

Redirect headers

date: Fri, 03 Jun 2022 19:13:40 GMT
x-content-type-options: nosniff
server: statically
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
location: https://www.canada.ca/content/dam/canada/splash/sp-bg-1.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12821-YUL

GET
H2

200

sp-bg-2.jpg
www.canada.ca/content/dam/canada/splash/
Redirect Chain

https://cdn.statically.io/img/www.canada.ca/content/dam/canada/splash/sp-bg-2.jpg
https://www.canada.ca/content/dam/canada/splash/sp-bg-2.jpg

38 KB
39 KB

27ms
27ms

Image
text/plain

2600:1400:d:596::fe9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canada.ca/content/dam/canada/splash/sp-bg-2.jpg

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

Server

2600:1400:d:596::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

dcb8bb7b70d4aab2040aac6dae066fb6e7472d49aeee4842216dd2b069a0508b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Fri, 03 Jun 2022 19:13:40 GMT
x-content-type-options: nosniff
last-modified: Sat, 17 Oct 2015 22:28:45 GMT
server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "99c6-522546f646140"
x-vhost: publish
strict-transport-security: max-age=31536000
content-type: image
access-control-allow-origin: *
cache-control: no-cache
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 39366

Redirect headers

date: Fri, 03 Jun 2022 19:13:40 GMT
x-content-type-options: nosniff
server: statically
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
location: https://www.canada.ca/content/dam/canada/splash/sp-bg-2.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12821-YUL

GET
H2

200

sp-bg-3.jpg
www.canada.ca/content/dam/canada/splash/
Redirect Chain

https://cdn.statically.io/img/www.canada.ca/content/dam/canada/splash/sp-bg-3.jpg
https://www.canada.ca/content/dam/canada/splash/sp-bg-3.jpg

31 KB
31 KB

28ms
28ms

Image
text/plain

2600:1400:d:596::fe9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canada.ca/content/dam/canada/splash/sp-bg-3.jpg

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

Server

2600:1400:d:596::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

01f628deb4f3fd6069abf843a42cc38b994fe28c23e162d8de359df2179880d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher1cacentral1
date: Fri, 03 Jun 2022 19:13:40 GMT
x-content-type-options: nosniff
last-modified: Sat, 17 Oct 2015 22:28:44 GMT
server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "7c0f-522546f551f00"
x-vhost: publish
strict-transport-security: max-age=31536000
content-type: image
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 31759

Redirect headers

date: Fri, 03 Jun 2022 19:13:40 GMT
x-content-type-options: nosniff
server: statically
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
location: https://www.canada.ca/content/dam/canada/splash/sp-bg-3.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12821-YUL

GET
H2

200

sp-bg-4.jpg
www.canada.ca/content/dam/canada/splash/
Redirect Chain

https://cdn.statically.io/img/www.canada.ca/content/dam/canada/splash/sp-bg-4.jpg
https://www.canada.ca/content/dam/canada/splash/sp-bg-4.jpg

37 KB
38 KB

27ms
26ms

Image
text/plain

2600:1400:d:596::fe9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canada.ca/content/dam/canada/splash/sp-bg-4.jpg

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

Server

2600:1400:d:596::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

3702daac05cba45805b16f1bfd65464cf9e3e4fd8606769acad8a6811309d881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher1cacentral1
date: Fri, 03 Jun 2022 19:13:40 GMT
x-content-type-options: nosniff
last-modified: Sat, 17 Oct 2015 22:28:56 GMT
server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "9590-52254700c3a00"
x-vhost: publish
strict-transport-security: max-age=31536000
content-type: image
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 38288

Redirect headers

date: Fri, 03 Jun 2022 19:13:40 GMT
x-content-type-options: nosniff
server: statically
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
location: https://www.canada.ca/content/dam/canada/splash/sp-bg-4.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12821-YUL

GET
H2

200

sp-bg-5.jpg
www.canada.ca/content/dam/canada/splash/
Redirect Chain

https://cdn.statically.io/img/www.canada.ca/content/dam/canada/splash/sp-bg-5.jpg
https://www.canada.ca/content/dam/canada/splash/sp-bg-5.jpg

44 KB
44 KB

86ms
25ms

Image
text/plain

2600:1400:d:596::fe9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canada.ca/content/dam/canada/splash/sp-bg-5.jpg

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

Server

2600:1400:d:596::fe9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

5012325d0068cc00c20ec0da7e2011f9c0e08cf3f0168f1ac4d52b70b6c7fdba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
date: Fri, 03 Jun 2022 19:13:37 GMT
x-content-type-options: nosniff
last-modified: Sat, 17 Oct 2015 22:28:55 GMT
server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "b000-522546ffcf7c0"
x-vhost: publish
strict-transport-security: max-age=31536000
content-type: image
access-control-allow-origin: *
cache-control: no-cache
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 45056

Redirect headers

date: Fri, 03 Jun 2022 19:13:37 GMT
x-content-type-options: nosniff
server: statically
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: HIT
location: https://www.canada.ca/content/dam/canada/splash/sp-bg-5.jpg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12821-YUL

GET
H2 200 sig-spl.svg
cdn.statically.io/img/www.canada.ca/etc/designs/canada/wet-boew/assets/ 10 KB
3 KB 61ms
11ms Image
image/svg+xml 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/www.canada.ca/etc/designs/canada/wet-boew/assets/sig-spl.svg

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

statically /

Resource Hash

8e994d2c89070cbbfe3d1c1bbe8a4424cced3c05b88c4720ca6cbd1776a0c6b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher2cacentral1
date: Fri, 03 Jun 2022 19:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183897
x-vhost: publish
x-cache: HIT
server-timing: cdn-cache; desc=HIT, edge; dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2229
x-served-by: cache-yul12821-YUL
server: statically
etag: W/"29e3-58b9c3beb7900-gzip"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
access-control-expose-headers: *

GET
H2 200 wmms-spl.svg
cdn.statically.io/img/www.canada.ca/etc/designs/canada/wet-boew/assets/ 5 KB
2 KB 11ms
11ms Image
image/svg+xml 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/www.canada.ca/etc/designs/canada/wet-boew/assets/wmms-spl.svg

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

statically /

Resource Hash

d033908198c075f4a992dd3736f2247343ae45d7193f504d39f95571a5e129b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher2cacentral1
date: Fri, 03 Jun 2022 19:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183897
x-vhost: publish
x-cache: HIT
server-timing: cdn-cache; desc=HIT, edge; dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1802
x-served-by: cache-yul12821-YUL
server: statically
etag: W/"129d-58b9c3beb7900-gzip"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept, Accept-Encoding
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
access-control-expose-headers: *

GET
H/1.1 403
Forbidden c77d3767acca30e285f49a68255e6789.js
snorefamiliarsiege.com/c7/7d/37/ 0
0 262ms
30ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://snorefamiliarsiege.com/c7/7d/37/c77d3767acca30e285f49a68255e6789.js
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:34 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type: application/javascript
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
snorefamiliarsiege.com/503de238648ac767e52316b449a25761/ 0
0 28ms
27ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://snorefamiliarsiege.com/503de238648ac767e52316b449a25761/invoke.js
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

Referer: https://leopart.gimpromed.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 03 Jun 2022 19:13:34 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type: application/javascript
Content-Length: 0

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 90ms
9ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 19:11:34 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.122.0/26
etag: "-375139978"
x-cacheable: Matched cache
content-type: application/javascript; charset=UTF-8
x-cdn-pop: bhs
accept-ranges: bytes
content-length: 4364
x-request-id: 1071416090

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 380 B
515 B 50ms
15ms Script
text/html 198.27.80.143
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4662803&@f16&@g1&@h1&@i1&@j1654283614913&@k0&@l1&@mCanada.ca&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:16794096&@b3:1654283615&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fleopart.gimpromed.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns558056.ip-198-27-80.net
Software: /
Resource Hash: 3118073eaed8cb803014b67da1429a825f6250fbfc856734a0f0859ea200dd2e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:34 GMT
Connection: close
Content-Length: 380
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK / Show response
e.dtscout.com/e/ 8 KB
9 KB 301ms
100ms Script
application/javascript 51.89.24.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fleopart.gimpromed.com%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4662803&@f16&@g1&@h1&@i1&@j1654283614913&@k0&@l1&@mCanada.ca&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:16794096&@b3:1654283615&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fleopart.gimpromed.com%2F&@w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4c2328e53b209220eb05d1432f6ca6d1f366f6c09a2b51ed4ec2b3339a869ae9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:35 GMT
X-T: 0.621
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: ger1
Expires: Fri, 03 Jun 2022 19:13:34 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame 3992 1 KB
752 B 309ms
99ms Document
text/html 51.89.99.21
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A01654283615D7DB4881168F3401AF
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fleopart.gimpromed.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163187.ip-51-89-99.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 58e4cd0fe5231f4d908842d327031a1e0439b9e88a24ba3eeec2167acfc9df7c

Request headers

Referer: https://leopart.gimpromed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Jun 2022 19:13:35 GMT
Expires: Fri, 03 Jun 2022 19:13:34 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 81ms
18ms Script
text/javascript 13.225.63.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fleopart.gimpromed.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-125.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 34384
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 03 Jun 2022 09:40:31 GMT
x-amz-cf-pop: EWR53-C1
x-amz-cf-id: AzNybfe_hrXhdPKYe1xmg7ZqB6ELloPK_8uWjB4i2ixBSzLv_PpH5A==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 162ms
36ms Script
application/javascript 3.135.108.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fleopart.gimpromed.com%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.135.108.30 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-108-30.us-east-2.compute.amazonaws.com

Software

Resource Hash

30f68b25bfa1db8a40f07f1ad73e2a4f113b47955de14f8c51dcd962391ee5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:35 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2273
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 10 KB
4 KB 496ms
27ms Script
application/javascript 104.18.36.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fleopart.gimpromed.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 19:13:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
age: 117571
etag: W/"6129520b-288b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 715abf368e8953f5-YYZ
expires: Mon, 06 Jun 2022 19:13:35 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 51 B
319 B 321ms
104ms Script
application/javascript 51.89.99.21
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=leopart.gimpromed.com&_ss=1oy3eb8fen&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=58re&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fleopart.gimpromed.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.99.21 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3163187.ip-51-89-99.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 46067ec62dc536f845ce7dcfe7c4e23a27239323b2b13f621dd051e415be23f1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:35 GMT
X-T: 0.164
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Fri, 03 Jun 2022 19:13:34 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
950 B 114ms
32ms Fetch
application/json 99.84.126.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-24.ewr52.r.cloudfront.net
Software: /
Resource Hash: 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 15:50:56 GMT
via: 1.1 685083d3a5f8eecb6c517728d821ec86.cloudfront.net (CloudFront), 1.1 3c6fb804e042beb7f78515bd450ae3a2.cloudfront.net (CloudFront)
age: 12159
x-amzn-requestid: 57c5f5c2-8a7c-499a-87ec-cfdd84dc9986
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: IAD79-C1, EWR52-C3
x-amz-apigw-id: TJwbCHpyiYcFe3w=
content-length: 535
x-amz-cf-id: bZES8jb8rmYRlRf_VVUbFlLmb6-mcI6NfEwxkZf8XFA5Q0Q_7Ph8aw==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 169ms
21ms Script
application/javascript 23.10.83.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.361825593469391&stid=ZHoADGKaXV8AAAAII80JAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.10.83.212 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-10-83-212.deploy.static.akamaitechnologies.com

Software

Resource Hash

39344869b917bfc4563213f63c4e19b9b2b0d2a12145fb8d0dd71df783507a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1360
Expires: Fri, 03 Jun 2022 20:13:35 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 36ms
35ms Image
image/gif 3.135.108.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fleopart.gimpromed.com%2F&event_source=dtscout&rnd=0.361825593469391&exptid=ZHoADGKaXV8AAAAII80JAw%3D%3D&fcmp=false

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.135.108.30 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-108-30.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:35 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: image/gif

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
842 B 107ms
31ms Fetch
application/json 13.226.39.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.39.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-39-29.ewr53.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 15:50:56 GMT
content-encoding: gzip
server: restify
age: 12159
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://leopart.gimpromed.com
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: EWR53-C2
x-amz-cf-id: 3PvK_vWrS5G0tzoJkhvv6KJCW69HALc9XofdmCVtZ5nfw8U9NX_02A==
via: 1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
406 B 120ms
25ms Script
application/javascript 138.197.56.196
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01654283615D7DB4881168F3401AF&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fleopart.gimpromed.com%2F&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fleopart.gimpromed.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.197.56.196 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 18:32:12 GMT
X-T: 1.1
x-server: web12.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Fri, 03 Jun 2022 18:32:11 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
680 B 66ms
30ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=51A01654283615D7DB4881168F3401AF
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fleopart.gimpromed.com%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb708d87c1989d9741107e5ab1155ea73f9f935fb6cfcb9fdf08de3aabaad75b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 19:13:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uggyr7i79BobfDdEyz%2F%2BIbDvwqdT6pFl5GT16ixH1zg8A2h5gAjLq19galhi5MhwTq2Jz%2FXoTEM8hfOFmi%2B4EOgQ63zxiy%2FYZlkDKk8bLYQW%2BrOWdTjEQeWsBs0Qw%2BH4m2OMq7X8z1dBHsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://leopart.gimpromed.com
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 715abf35da0e714b-YUL
expires: Fri, 03 Jun 2022 21:13:35 GMT

GET
H2

200

tpid=51A01654283615D7DB4881168F3401AF
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=51A01654283615D7DB4881168F3401AF
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A01654283615D7DB4881168F3401AF

49 B
543 B

54ms
54ms

Image
image/gif

52.4.54.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A01654283615D7DB4881168F3401AF
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: H2
Server: 52.4.54.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-54-89.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 19:13:35 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.5.101
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 03 Jun 2022 19:13:35 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A01654283615D7DB4881168F3401AF
cache-control: no-cache
x-server: 10.40.39.171
content-length: 0
expires: 0

GET
H/1.1

200
OK

33141
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01654283615D7DB4881168F3401AF
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=f81f927b0dce51ef

62 B
583 B

113ms
113ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=f81f927b0dce51ef
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: HTTP/1.1
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:36 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=f81f927b0dce51ef
content-length: 0

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame E1D7 2 KB
1 KB 21ms
20ms Document
text/html 23.10.83.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.943.23339&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.361825593469391&stid=ZHoADGKaXV8AAAAII80JAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.10.83.212 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-10-83-212.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://leopart.gimpromed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Fri, 03 Jun 2022 19:13:35 GMT
Expires: Fri, 10 Jun 2022 19:13:35 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.943.23339/a/CA/ Frame 3D9C 20 KB
9 KB 43ms
42ms Script
text/javascript 23.10.83.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.943.23339/a/CA/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.943.23339&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.10.83.212 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-10-83-212.deploy.static.akamaitechnologies.com

Software

Resource Hash

57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.943.23339&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:35 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8748
Expires: Fri, 10 Jun 2022 19:13:35 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 5 KB
2 KB 131ms
18ms Script
text/javascript 13.33.86.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.86.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-86-61.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbebbbcedd016de6d51b0df53d6827c252454413952cdddcf325bdc72e861a18

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: QUTdwO3y2t97CSFE__XaKJ7ik1oAGBwa
content-encoding: gzip
last-modified: Thu, 26 May 2022 20:49:16 GMT
server: AmazonS3
age: 2425
etag: W/"e1608527f10531a73572f53d5405bf6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 5a7cb2ecf8796fdcba2be8ec618e67a8.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Fri, 03 Jun 2022 18:33:11 GMT
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: -DtWgxUemtnHgLsredNsVJvqAiANdClOqZKZLELT7A59htmNrLp7Kw==

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame 8BFA 438 B
675 B 36ms
35ms Script
application/javascript 3.135.108.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.943.23339&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.135.108.30 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-108-30.us-east-2.compute.amazonaws.com

Software

Resource Hash

c7591d7ec9261ce2b61baebb4b2833bae726ee01960aa43d3d004ec741cfa1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:35 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 3D9C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=7148b405-6b8c-408a-98f2-e9b55c14865c&gdpr=0&gdpr_consent=

42 B
297 B

161ms
35ms

Image
image/gif

18.221.66.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=7148b405-6b8c-408a-98f2-e9b55c14865c&gdpr=0&gdpr_consent=

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

HTTP/1.1

Server

18.221.66.115 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-66-115.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 03 Jun 2022 19:13:35 GMT
Content-Length: 42
Stid: ZHoADGKaXV8AAAAII80JAw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 03 Jun 2022 19:13:35 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=7148b405-6b8c-408a-98f2-e9b55c14865c&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame 3D9C
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=30d680e3ec2c7bb504e109ffcfaf2830

42 B
297 B

147ms
35ms

Image
image/gif

18.221.66.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=30d680e3ec2c7bb504e109ffcfaf2830

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

HTTP/1.1

Server

18.221.66.115 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-66-115.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 03 Jun 2022 19:13:35 GMT
Content-Length: 42
Stid: ZHoADGKaXV8AAAAII80JAw==
Content-Type: image/gif

Redirect headers

date: Fri, 03 Jun 2022 19:13:35 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=30d680e3ec2c7bb504e109ffcfaf2830
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 3D9C
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2h7ksP9ZWS4BWokE21NqVnqtcxqBscUNO8v7hnAnoeVQ&gdpr=0&gdpr_consent=

42 B
297 B

121ms
35ms

Image
image/gif

18.221.66.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2h7ksP9ZWS4BWokE21NqVnqtcxqBscUNO8v7hnAnoeVQ&gdpr=0&gdpr_consent=

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

HTTP/1.1

Server

18.221.66.115 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-66-115.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 03 Jun 2022 19:13:36 GMT
Content-Length: 42
Stid: ZHoADGKaXV8AAAAII80JAw==
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2h7ksP9ZWS4BWokE21NqVnqtcxqBscUNO8v7hnAnoeVQ&gdpr=0&gdpr_consent=
Date: Fri, 03 Jun 2022 19:13:35 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H3

200

csync.ashx
ml314.com/ Frame 3D9C
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHoADGKaXV8AAAAII80JAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3627668217055936577
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNzY2ODIxNzA1NTkzNjU3NxAAGg0I37rplAYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=f0469645b2a87453a03a4c7e2f68bef41df7a61e8385d5486800dea29a4b1a4af4cb09cee1a4f8eb&person_id=3627668217055936577&eid=50082

43 B
60 B

82ms
58ms

Image
image/gif

34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=f0469645b2a87453a03a4c7e2f68bef41df7a61e8385d5486800dea29a4b1a4af4cb09cee1a4f8eb&person_id=3627668217055936577&eid=50082
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: H3
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 19:13:35 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Sat, 04 Jun 2022 15:13:36 GMT

Redirect headers

date: Fri, 03 Jun 2022 19:13:35 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=f0469645b2a87453a03a4c7e2f68bef41df7a61e8385d5486800dea29a4b1a4af4cb09cee1a4f8eb&person_id=3627668217055936577&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame 3D9C
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZHoADGKaXV8AAAAII80JAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

136ms
34ms

Image
image/gif

18.221.66.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

HTTP/1.1

Server

18.221.66.115 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-221-66-115.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Fri, 03 Jun 2022 19:13:36 GMT
Content-Length: 42
Stid: ZHoADGKaXV8AAAAII80JAw==
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Date: Fri, 03 Jun 2022 19:13:35 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ Frame 8BFA 51 KB
16 KB 165ms
21ms Script
application/javascript 23.78.204.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.78.204.173 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-78-204-173.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Fri, 03 Jun 2022 19:13:35 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Fri, 10 Jun 2022 19:13:35 GMT

GET
H2 200 p
ic.tynt.com/b/ 35 B
581 B 103ms
33ms Image
image/gif 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1654283615781&dn=AFWU&iso=0&t=Canada.ca
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 19:13:35 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
etag: "4bc8846c-23"
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-type: image/gif
content-length: 35
server: nginx/1.16.1
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
469 B

54ms
18ms

Fetch
application/json

23.92.190.68
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: HTTP/1.1
Server: 23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 9f7316ed3cae3bc3b8977e18b079a2a1207c31a17dfc7bab53dd90034cf517ff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://leopart.gimpromed.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Fri, 03 Jun 2022 19:13:35 GMT
Access-Control-Allow-Origin: https://leopart.gimpromed.com
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
469 B

55ms
19ms

Fetch
application/json

23.92.190.68
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: HTTP/1.1
Server: 23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 3b0f51ad15979e288b3d100426e66349632baff78a80a285ca81d654838e066b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://leopart.gimpromed.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Fri, 03 Jun 2022 19:13:35 GMT
Access-Control-Allow-Origin: https://leopart.gimpromed.com
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
469 B

56ms
20ms

Fetch
application/json

23.92.190.68
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: HTTP/1.1
Server: 23.92.190.68 Fort Mill, United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 9f7316ed3cae3bc3b8977e18b079a2a1207c31a17dfc7bab53dd90034cf517ff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://leopart.gimpromed.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Fri, 03 Jun 2022 19:13:35 GMT
Access-Control-Allow-Origin: https://leopart.gimpromed.com
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 112ms
34ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 365a9df079452661851aef54c0cd413cc2d03a3f1763d2852e754678b7628123

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 19:13:35 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 1396
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 59574 Show response
stags.bluekai.com/site/ Frame FEA5 62 B
759 B 134ms
83ms Document
image/gif 104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHoADGKaXV8AAAAII80JAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.943.23339%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=48903386
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 62
Content-Type: image/gif
Date: Fri, 03 Jun 2022 19:13:36 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=1986
https://ce.lijit.com/merge?pid=2&3pid=4B05B542FE0849B9A1DA7E5DEDDC5A32

43 B
679 B

97ms
29ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=4B05B542FE0849B9A1DA7E5DEDDC5A32
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 19:13:36 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Fri, 03 Jun 2022 19:13:36 GMT
x-content-type-options: nosniff
server: openresty
location: https://ce.lijit.com/merge?pid=2&3pid=4B05B542FE0849B9A1DA7E5DEDDC5A32
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 02 Jun 2022 19:13:36 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=EwCBaSZHng3RfBbYTZ6YZVqg&rnd=55377
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=EwCBaSZHng3RfBbYTZ6YZVqg&rnd=55377&_li_chk=true&previous_uuid=d90c7dffea3d424c8c588047cb9c60dd
https://x.bidswitch.net/sync?dsp_id=42&user_id=
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

43 B
510 B

36ms
36ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:36 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Date: Fri, 03 Jun 2022 19:13:36 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 6750 0
0 89ms
29ms Document
text/plain 13.226.39.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=94742
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.39.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-39-49.ewr53.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://leopart.gimpromed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Fri, 03 Jun 2022 19:13:36 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server: Apache-Coyote/1.1
via: 1.1 0a84c1b70b100e694edd23e638bf7fa8.cloudfront.net (CloudFront)
x-amz-cf-id: kYV8K_GE4Qa6Vt4qms0fjbvYdECdMI4WSqr7dMiJpsftPSQyYQkxlA==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

59074
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=EwCBaSZHng3RfBbYTZ6YZVqg&rnd=60146
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=EwCBaSZHng3RfBbYTZ6YZVqg&rnd=60146&_li_chk=true&previous_uuid=d2b05c658bdc4294bc74ebc1cf3e01de
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=60146&bidder_uuid=EwCBaSZHng3RfBbYTZ6YZVqg

43 B
419 B

77ms
23ms

Image
image/gif

2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/59074?bidder_id=204553&rnd=60146&bidder_uuid=EwCBaSZHng3RfBbYTZ6YZVqg

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 19:13:36 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/59074?bidder_id=204553&rnd=60146&bidder_uuid=EwCBaSZHng3RfBbYTZ6YZVqg
Date: Fri, 03 Jun 2022 19:13:35 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=EwCBaSZHng3RfBbYTZ6YZVqg&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=EwCBaSZHng3RfBbYTZ6YZVqg&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
https://ce.lijit.com/merge?pid=5014&3pid=2ad64ebc7008c6239e22e7cc49c55c41

43 B
682 B

84ms
29ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5014&3pid=2ad64ebc7008c6239e22e7cc49c55c41
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 19:13:36 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Fri, 03 Jun 2022 19:13:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='NON DSP COR CONi OUR BUS CNT'
location: https://ce.lijit.com/merge?pid=5014&3pid=2ad64ebc7008c6239e22e7cc49c55c41
cf-ray: 715abf38792aa24c-YYZ
content-length: 0

GET
H/1.1

200
OK

27519 Show response
tags.bluekai.com/site/ Frame EE08
Redirect Chain

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1654283616035.6
https://tags.bluekai.com/site/27519?id=2129934936238&ret=html&random=1654283616

71 B
762 B

94ms
94ms

Document
text/html

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/27519?id=2129934936238&ret=html&random=1654283616
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

BK-Server: 86d9
Connection: keep-alive
Content-Length: 71
Content-Type: text/html
Date: Fri, 03 Jun 2022 19:13:36 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Fri, 03 Jun 2022 19:13:35 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://tags.bluekai.com/site/27519?id=2129934936238&ret=html&random=1654283616
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP005
x-33x-status: 400000000040080C

GET
H2

200

push
ws.rqtrk.eu/
Redirect Chain

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKR2KaXV82Cnr8BYuXAg%3D%3D&cb=1654283616035.1&gdpr_consent=
https://ce.lijit.com/merge?pid=8093&3pid=b68b1222-68f6-4e36-8cec-23ee93465351&us_privacy=&location=https://ws.rqtrk.eu/push?dmp%3D69937f41-9d0e-479c-b978-bf19bd713ee3%26uid%3D%5BSOVRNID%5D
https://ws.rqtrk.eu/push?dmp=69937f41-9d0e-479c-b978-bf19bd713ee3&uid=EwCBaSZHng3RfBbYTZ6YZVqg

43 B
256 B

10ms
9ms

Image
image/gif

15.235.42.102
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.rqtrk.eu/push?dmp=69937f41-9d0e-479c-b978-bf19bd713ee3&uid=EwCBaSZHng3RfBbYTZ6YZVqg
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: H2
Server: 15.235.42.102 , Canada, ASN16276 (OVH, FR),
Reverse DNS: haproxy-ca-001.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 19:13:36 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
cache-control: no-cache,private
x-envoy-upstream-service-time: 0
content-type: image/gif
content-length: 43
expires: Fri, 03 Jun 2022 19:13:35 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 19:13:36 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ws.rqtrk.eu/push?dmp=69937f41-9d0e-479c-b978-bf19bd713ee3&uid=EwCBaSZHng3RfBbYTZ6YZVqg
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

pixel.gif
load77.exelator.com/
Redirect Chain

https://pixel.33across.com/ps/?pid=938&j=0&p=409&g=600&guid=wu%21&us_privacy=&random=1654283616035.2
https://loadus.exelator.com/load/?j=0&p=409&g=600&guid=wu%21&buid=0&buid2=211780563308083&random=1654283616
https://load77.exelator.com/pixel.gif?UID=30d680e3ec2c7bb504e109ffcfaf2830

43 B
333 B

220ms
61ms

Image
image/gif

2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif?UID=30d680e3ec2c7bb504e109ffcfaf2830
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: H2
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt: AZySJBYeNo7/KeMJAA
x-accel-expires: @1654672439
date: Fri, 03 Jun 2022 19:13:36 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: IqMN7Fap+Ao
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 647977
accept-ranges: bytes
x-77-pop: newyorkUSNY
content-length: 43

Redirect headers

date: Fri, 03 Jun 2022 19:13:36 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif?UID=30d680e3ec2c7bb504e109ffcfaf2830
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

204

1397029095435813568
map.go.affec.tv/map/an/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKR2KaXV82Cnr8BYuXAg%3D%3D&us_privacy=&ts=1654283616035.3
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D629a5d60bea1e300018e8799%26chc%3Dtt%26floc%3D%26redirect_url%3D
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D629a5d60bea1e300018e8799%2526chc%253Dtt%2526floc%253D%2526redirect_url%253D
https://map.go.affec.tv/map/an/1397029095435813568?ch=629a5d60bea1e300018e8799&chc=tt&floc=&redirect_url=

0
627 B

80ms
80ms

Image
text/plain

13.225.213.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/an/1397029095435813568?ch=629a5d60bea1e300018e8799&chc=tt&floc=&redirect_url=
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: H2
Server: 13.225.213.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-213-31.ewr50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 19:13:36 GMT
via: 1.1 d50f0ffd76e03cff5d1f6328069e44e0.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
content-encoding: gzip
x-amz-cf-id: vVT4gbQfAKErKsY35j-mNEiiYHAXGPYWKPGteq5EPXbCosoeKupEjg==
vary: Accept-Encoding
x-cache: Miss from cloudfront

Redirect headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 19:13:36 GMT
X-Proxy-Origin: 149.56.153.181; 149.56.153.181; 572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: eaeec644-7e58-4957-a0ae-e2075a084b21
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://map.go.affec.tv/map/an/1397029095435813568?ch=629a5d60bea1e300018e8799&chc=tt&floc=&redirect_url=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKR2KaXV82Cnr8BYuXAg%3D%3D&us_privacy=&random=1654283616035.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKR2KaXV82Cnr8BYuXAg%3D%3D&us_privacy=&random=1654283616035.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=316c2c54-2e41-4d1c-ba9e-2f1814bb07da%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=7148b405-6b8c-408a-98f2-e9b55c14865c&ttd_puid=316c2c54-2e41-4d1c-ba9e-2f1814bb07da%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fu...
https://usermatch.krxd.net/um/v2?partner=tapad
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

0
338 B

96ms
24ms

Image
text/plain

18.210.147.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: H2
Server: 18.210.147.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-147-45.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 19:13:36 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1654283616
x-served-by: beacon-n021-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date: Fri, 03 Jun 2022 19:13:36 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a004-ash-prod.krxd.net

GET
H3

200

405716.gif
idsync.rlcdn.com/
Redirect Chain

https://dp2.33across.com/ps/?pid=1205&random=1654283616035.5
https://idsync.rlcdn.com/405716.gif?partner_uid=117722287215729

42 B
60 B

41ms
41ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/405716.gif?partner_uid=117722287215729
Requested by: Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Jun 2022 19:13:36 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 03 Jun 2022 19:13:35 GMT
referrer-policy: unsafe-url
server: 33XP003
x-33x-status: 4000000000004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://idsync.rlcdn.com/405716.gif?partner_uid=117722287215729
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

mapuid
secure.adnxs.com/
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=CoIKR2KaXV82Cnr8BYuXAg%3D%3D&us_privacy=&random=1654283616035.7
https://secure.adnxs.com/mapuid?t=2&member=1001&user=117722287215735&seg_code=33x&random=1654283616

43 B
963 B

19ms
18ms

Image
image/gif

68.67.179.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/mapuid?t=2&member=1001&user=117722287215735&seg_code=33x&random=1654283616

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

HTTP/1.1

Server

68.67.179.122 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://leopart.gimpromed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 19:13:36 GMT
X-Proxy-Origin: 149.56.153.181; 149.56.153.181; 572.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 74b904cd-10fd-4d05-a012-a9cdd88104dc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Jun 2022 19:13:35 GMT
referrer-policy: unsafe-url
server: 33XP003
x-33x-status: 402044000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://secure.adnxs.com/mapuid?t=2&member=1001&user=117722287215735&seg_code=33x&random=1654283616
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 3D9C 0
289 B 23ms
22ms Image
text/plain 23.10.83.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHoADGKaXV8AAAAII80JAw%253D%253D&tt=t.dhj&dhjLcy=1654283615619&lbl=pxcel&flbl=pxcel&ll=d&ver=1.943.23339&ell=d&cck=__stid&dmn=leopart.gimpromed.com&pn=%2F&qs=na&rdn=leopart.gimpromed.com&rpn=%2F&rqs=na&cc=CA&cont=NA&evid=g3L_qEYAoaPixLwrBOk3&urls=!1!294!b-13j,!1!295!b-13h,!1!329!b-14s,!1!0!b-14t,!1!298!b-150,!1!296!b-16f&rnd=1654283618729&cid=c010&version=1.943.23339&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=47

Requested by

Host: leopart.gimpromed.com
URL: https://leopart.gimpromed.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.10.83.212 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-10-83-212.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.943.23339&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Jun 2022 19:13:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Expires: Fri, 03 Jun 2022 19:13:38 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
73 B 132ms
36ms Ping
text/plain 75.2.13.80

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.13.80 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://leopart.gimpromed.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 03 Jun 2022 19:13:46 GMT
content-length: 0
vary: Origin

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
i.liadm.com/s	1970-01-20 04:14:35	Name: _li_ss Value:
leopart.gimpromed.com/	1970-01-20 12:16:59	Name: HstCfa4662803 Value: 1654283614913
leopart.gimpromed.com/	1970-01-20 12:16:59	Name: HstCla4662803 Value: 1654283614913
leopart.gimpromed.com/	1970-01-20 12:16:59	Name: HstCmu4662803 Value: 1654283614913
leopart.gimpromed.com/	1970-01-20 12:16:59	Name: HstPn4662803 Value: 1
leopart.gimpromed.com/	1970-01-20 12:16:59	Name: HstPt4662803 Value: 1
leopart.gimpromed.com/	1970-01-20 12:16:59	Name: HstCnv4662803 Value: 1
leopart.gimpromed.com/	1970-01-20 12:16:59	Name: HstCns4662803 Value: 1
.dtscout.com/	1970-01-20 03:31:28	Name: m Value: 1
.dtscout.com/	1970-01-20 03:31:27	Name: st Value: 1
.dtscout.com/	1970-01-20 03:31:38	Name: oa Value: 1
.dtscout.com/	1970-01-20 05:55:23	Name: df Value: 1654283615
.dtscout.com/	1970-01-20 05:39:33	Name: l Value: 51A01654283615D7DB4881168F3401AF
.sharethis.com/	1970-01-20 12:16:59	Name: __stid Value: ZHoADGKaXV8AAAAII80JAw==
.sharethis.com/	1970-01-20 12:16:59	Name: __stidv Value: 2
.gimpromed.com/	1970-01-20 05:36:40	Name: __dtsu Value: 51A01654283615D7DB4881168F3401AF
.t.sharethis.com/	1970-01-20 03:51:33	Name: pxcelPage_default_c010_C Value: 1_0_1654283615728
.dtscdn.com/	1970-01-20 07:49:09	Name: uid Value: 51A01654283615D7DB4881168F3401AF
.crwdcntrl.net/	1970-01-20 10:00:10	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 10:00:10	Name: _cc_id Value: 772498eaa052e6b13c4b0ebb8576c6e0
.ml314.com/	1970-01-20 12:16:59	Name: pi Value: 3627668217055936577
.adsrvr.org/	1970-01-20 12:16:59	Name: TDID Value: 7148b405-6b8c-408a-98f2-e9b55c14865c
.exelator.com/	1970-01-20 06:24:11	Name: EE Value: "30d680e3ec2c7bb504e109ffcfaf2830"
.exelator.com/	1970-01-20 06:24:11	Name: ud Value: "eJxrXxzq6XKLQcHYIMXMwiDVODXZKNk8KcnUwCTV0MAyLS05LTHNyMLYYHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAaEl%252BUWb6ImfHxUUpaQyLSopPBR%252BYWgcAvHgqtA%253D%253D"
.lijit.com/	1970-01-20 12:16:59	Name: ljt_reader Value: EwCBaSZHng3RfBbYTZ6YZVqg
.eyeota.net/	1970-01-20 12:16:59	Name: mako_uid Value: 1812afcbe7d-75740000010a5502
.eyeota.net/	1970-01-20 03:31:24	Name: SERVERID Value: 21762~DM
.tynt.com/	1970-01-20 12:16:59	Name: uid Value: CoIKR2KaXV82Cnr8BYuXAg==
.rlcdn.com/	1970-01-20 04:57:47	Name: pxrc Value: CN+66ZQGEgUI6AcQABIFCNtOEAA=
.onaudience.com/	1970-01-20 12:16:59	Name: cookie Value: 399ea5b876430b93
.onaudience.com/	1970-01-20 03:32:50	Name: done_redirects109 Value: 1
.tynt.com/	1970-01-20 05:40:59	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1654283616035%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1654283616035%7D%2C%7B%22p%22%3A%222a1349c163%22%2C%22f%22%3A1%2C%22ts%22%3A1654283616035%7D%2C%7B%22p%22%3A%2237c1336dc9%22%2C%22f%22%3A1%2C%22ts%22%3A1654283616035%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1654283616035%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1654283616035%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1654283616035%7D%5D
.adsymptotic.com/	1970-01-20 05:40:59	Name: U Value: 2ad64ebc7008c6239e22e7cc49c55c41
.intentiq.com/	1970-01-20 21:02:35	Name: IQver Value: 1.9
.simpli.fi/	1970-01-20 12:18:26	Name: suid Value: 4B05B542FE0849B9A1DA7E5DEDDC5A32
.liadm.com/	1970-01-20 21:02:35	Name: lidid Value: d2b05c65-8bdc-4294-bc74-ebc1cf3e01de
.tapad.com/	1970-01-20 04:57:47	Name: TapAd_TS Value: 1654283616124
.tapad.com/	1970-01-20 04:57:47	Name: TapAd_DID Value: 316c2c54-2e41-4d1c-ba9e-2f1814bb07da
.lijit.com/	1970-01-20 12:16:59	Name: _ljtrtb_2 Value: 4B05B542FE0849B9A1DA7E5DEDDC5A32
.lijit.com/	1970-01-20 12:16:59	Name: _ljtrtb_5014 Value: 2ad64ebc7008c6239e22e7cc49c55c41
.lijit.com/	1970-01-20 12:16:59	Name: _ljtrtb_8093 Value: b68b1222-68f6-4e36-8cec-23ee93465351
.rqtrk.eu/	1970-01-20 12:16:59	Name: browser_id Value: b68b1222-68f6-4e36-8cec-23ee93465351
.rqtrk.eu/	1970-01-20 03:32:50	Name: rc Value: 6:
.go.affec.tv/	1970-01-20 12:16:59	Name: ck Value: 629a5d60bea1e300018e8798
.go.affec.tv/	1970-01-20 12:16:59	Name: oo Value: 1
.adsrvr.org/	1970-01-20 12:16:59	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiQirCR5ufiOhAFGAEgASgCMgsIkIKzvvzn4joQBTgBWgV0YXBhZGAC
.tapad.com/	1970-01-20 04:57:47	Name: TapAd_3WAY_SYNCS Value: 1!3715
.adnxs.com/	1970-01-20 05:40:59	Name: uuid2 Value: 1397029095435813568
.33across.com/	1970-01-20 12:16:59	Name: 33x_ps Value: u%3D117722287215735%3As1%3D1654283616313%3Ats%3D1654283616313
.adnxs.com/	1970-01-20 05:40:59	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E?]qdXp2!]tbP6j2F-XstGt!@DsC$v/hV
.rlcdn.com/	1970-01-20 12:16:59	Name: rlas3 Value: VfTpwVs7UmDnMA9yaCJhJBBONSZy2ZS5kKXpr22k7mE=
.bidswitch.net/	1970-01-20 12:16:59	Name: tuuid Value: f1daf2e2-ae6f-46b4-8f13-0829e1224167
.bidswitch.net/	1970-01-20 12:16:59	Name: c Value: 1654283616
.bidswitch.net/	1970-01-20 12:16:59	Name: tuuid_lu Value: 1654283616
.go.affec.tv/	1970-01-20 12:16:59	Name: pt Value: eyJhbiI6eyJkdCI6MTY1NDI4MzYxNiwiaWQiOiIxMzk3MDI5MDk1NDM1ODEzNTY4IiwibHMiOjE2NTQyODM2MTZ9LCJ0dCI6eyJkdCI6MTY1NDI4MzYxNiwiaWQiOiJDb0lLUjJLYVhWODJDbnI4Qll1WEFnPT0iLCJscyI6MTY1NDI4MzYxNn0sInYiOjB9\|1654283616\|d88615b088fcc846129bc733542c73120f62a69b
.bluekai.com/	1970-01-20 07:50:35	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 07:50:35	Name: bkpa Value: KJpEnXTLu5Dl1MzN+nEwEnWN1Mu0+extLExt1pvtDY+vnqcBv17BDu+vpWFJpfDNBe1N1q/yBM169yYyr92M
.bluekai.com/	1970-01-20 07:50:35	Name: bku Value: 4tL99sO5ZZJK/2Al
.krxd.net/	1970-01-20 07:50:35	Name: _kuid_ Value: O4G6QQG5
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 26

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://snorefamiliarsiege.com/c7/7d/37/c77d3767acca30e285f49a68255e6789.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://leopart.gimpromed.com/(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://snorefamiliarsiege.com/503de238648ac767e52316b449a25761/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://leopart.gimpromed.com/(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://snorefamiliarsiege.com/503de238648ac767e52316b449a25761/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://snorefamiliarsiege.com/503de238648ac767e52316b449a25761/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
ap.lijit.com
api.intentiq.com
bcp.crwdcntrl.net
beacon.krxd.net
cdn.statically.io
cdn.tynt.com
ce.lijit.com
connect-metrics-collector.s-onetag.com
data-beacons.s-onetag.com
de.tynt.com
dp1.33across.com
dp2.33across.com
e.dtscout.com
get.s-onetag.com
i.liadm.com
i6.liadm.com
ic.tynt.com
idsync.rlcdn.com
leopart.gimpromed.com
load77.exelator.com
loadus.exelator.com
map.go.affec.tv
match.adsrvr.org
ml314.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
p.adsymptotic.com
pd.sharethis.com
pixel.33across.com
pixel.onaudience.com
pixel.tapad.com
ps.eyeota.net
s10.histats.com
s4.histats.com
secure.adnxs.com
snorefamiliarsiege.com
stags.bluekai.com
sync.sharethis.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
um.simpli.fi
usermatch.krxd.net
ws.rqtrk.eu
www.canada.ca
x.bidswitch.net
104.126.112.185
104.18.36.173
104.18.98.194
107.178.246.49
13.225.213.31
13.225.63.125
13.226.39.29
13.226.39.49
13.33.86.61
138.197.56.196
15.197.193.217
15.235.42.102
164.68.98.141
169.60.66.35
18.210.147.45
18.221.66.115
192.243.61.225
198.27.80.143
23.10.83.212
23.78.204.173
23.92.190.68
2600:1400:d:596::fe9
2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5
2606:4700:3032::ac43:dc33
2a02:6ea0:c400::11
2a04:4e42::347
3.135.108.30
3.232.64.79
34.111.234.236
34.231.116.207
35.190.60.146
35.211.178.172
46.105.201.240
50.16.197.56
51.210.112.63
51.89.24.69
51.89.99.21
52.20.237.222
52.4.54.89
63.251.86.51
67.202.105.22
67.202.105.32
67.202.105.34
68.67.179.122
75.2.13.80
99.84.126.24
01f628deb4f3fd6069abf843a42cc38b994fe28c23e162d8de359df2179880d9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
22dff282bed52d450dfa22fe9ef03d964f610dc3b9e5d50ffd222316d639b59d
2b0f5e71e32b1d4e5225d5b69ccda06f6af56385939e0911398e27baadb5057a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30f68b25bfa1db8a40f07f1ad73e2a4f113b47955de14f8c51dcd962391ee5fc
3118073eaed8cb803014b67da1429a825f6250fbfc856734a0f0859ea200dd2e
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009
365a9df079452661851aef54c0cd413cc2d03a3f1763d2852e754678b7628123
3702daac05cba45805b16f1bfd65464cf9e3e4fd8606769acad8a6811309d881
39344869b917bfc4563213f63c4e19b9b2b0d2a12145fb8d0dd71df783507a92
3b0f51ad15979e288b3d100426e66349632baff78a80a285ca81d654838e066b
46067ec62dc536f845ce7dcfe7c4e23a27239323b2b13f621dd051e415be23f1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c2328e53b209220eb05d1432f6ca6d1f366f6c09a2b51ed4ec2b3339a869ae9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5012325d0068cc00c20ec0da7e2011f9c0e08cf3f0168f1ac4d52b70b6c7fdba
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18
58e4cd0fe5231f4d908842d327031a1e0439b9e88a24ba3eeec2167acfc9df7c
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8e994d2c89070cbbfe3d1c1bbe8a4424cced3c05b88c4720ca6cbd1776a0c6b4
9f7316ed3cae3bc3b8977e18b079a2a1207c31a17dfc7bab53dd90034cf517ff
a45189ac39d4e786ace487607a9f0a9e4b69cb298890d6f1ae7a4ef4565e5797
a65c263c71409032ac994b66e516ea963a648457891f9eb5fde3eca8e987e95b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb708d87c1989d9741107e5ab1155ea73f9f935fb6cfcb9fdf08de3aabaad75b
bbebbbcedd016de6d51b0df53d6827c252454413952cdddcf325bdc72e861a18
c7591d7ec9261ce2b61baebb4b2833bae726ee01960aa43d3d004ec741cfa1ba
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d033908198c075f4a992dd3736f2247343ae45d7193f504d39f95571a5e129b1
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
dcb8bb7b70d4aab2040aac6dae066fb6e7472d49aeee4842216dd2b069a0508b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8ce819b521d2d0e8a5d5011497ec798ca439a1ccf309f3a4fa31cdaf8714080

leopart.gimpromed.com Open in urlscan Pro 164.68.98.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

58 %HTTPS

11 %IPv6

32 Domains

49 Subdomains

36 IPs

6 Countries

286 kBTransfer

367 kBSize

61 Cookies

0 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

leopart.gimpromed.com Open in urlscan Pro
164.68.98.141 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

58 %
HTTPS

11 %
IPv6

32
Domains

49
Subdomains

36
IPs

6
Countries

286 kB
Transfer

367 kB
Size

61
Cookies

59 HTTP transactions
0 data transactions