urlscan.io logo urlscan.io
SecurityTrails logo

www.ptonline.net Open in urlscan Pro
192.104.182.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ptonline.net/
Effective URL: https://www.ptonline.net/
Submission: On April 21 via manual from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 124 IPs in 14 countries across 121 domains to perform 529 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is www.ptonline.net.
TLS certificate: Issued by R3 on March 7th 2021. Valid for: 3 months.
This is the only time www.ptonline.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 192.104.182.209 10668 (LEE-ASN)
27 104.18.130.43 13335 (CLOUDFLAR...)
2 13.224.102.8 16509 (AMAZON-02)
3 65.9.66.129 16509 (AMAZON-02)
1 184.51.9.197 16625 (AKAMAI-AS)
1 1 65.9.66.119 16509 (AMAZON-02)
1 52.34.182.239 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
1 54.82.174.208 14618 (AMAZON-AES)
10 2600:9000:205... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
5 35.190.39.246 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 13.224.102.31 16509 (AMAZON-02)
6 142.250.185.130 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
21 185.220.204.204 41436 (CLOUDWEBM...)
11 2a00:1450:400... 15169 (GOOGLE)
4 13.224.103.105 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
2 52.52.166.208 16509 (AMAZON-02)
3 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 3.211.251.238 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
2 44.228.91.9 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
14 34.248.176.243 16509 (AMAZON-02)
6 184.51.9.34 16625 (AKAMAI-AS)
4 5 185.94.180.125 35220 (SPOTX-AMS)
6 7 35.244.159.8 15169 (GOOGLE)
1 2a0c:5c81:509... 55081 (24SHELLS)
25 185.127.16.51 210329 (CLOUDWEBM...)
5 6 18.185.180.173 16509 (AMAZON-02)
1 1 116.202.172.174 24940 (HETZNER-AS)
8 20 184.51.9.98 16625 (AKAMAI-AS)
3 3 185.33.221.52 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.216.229.115 16509 (AMAZON-02)
1 54.227.136.247 14618 (AMAZON-AES)
1 52.59.160.25 16509 (AMAZON-02)
2 184.51.10.56 16625 (AKAMAI-AS)
2 5 104.111.237.88 16625 (AKAMAI-AS)
2 3 37.157.2.238 198622 (ADFORM)
2 89.187.169.15 60068 (CDN77 (^_^)/)
1 2a0c:5c81:513... 55081 (24SHELLS)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
2 11 62.149.0.72 15497 (COLOCALL ...)
1 8 46.249.52.248 50673 (SERVERIUS-AS)
1 1 3.81.223.233 14618 (AMAZON-AES)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 67.202.110.34 32748 (STEADFAST)
2 208.100.17.184 32748 (STEADFAST)
2 3 72.251.249.9 29791 (VOXEL-DOT...)
2 2 35.227.252.103 15169 (GOOGLE)
7 10 185.33.221.90 29990 (ASN-APPNEX)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 13 3.123.78.164 16509 (AMAZON-02)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 1 18.198.69.109 16509 (AMAZON-02)
8 9 35.227.248.159 15169 (GOOGLE)
7 7 213.19.147.44 26120 (RHYTHMONE)
12 14 52.17.101.63 16509 (AMAZON-02)
4 4 213.19.147.45 26120 (RHYTHMONE)
4 46.249.52.249 50673 (SERVERIUS-AS)
5 5.178.65.253 50673 (SERVERIUS-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 8 3.221.146.169 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 168.119.146.39 24940 (HETZNER-AS)
2 13 178.162.133.149 60781 (LEASEWEB-...)
7 9 18.156.0.31 16509 (AMAZON-02)
1 1 88.214.206.142 46636 (NATCOWEB)
1 1 23.37.42.132 16625 (AKAMAI-AS)
2 104.111.230.142 16625 (AKAMAI-AS)
1 185.94.180.123 35220 (SPOTX-AMS)
2 65.9.66.19 16509 (AMAZON-02)
1 52.160.40.218 8075 (MICROSOFT...)
1 130.211.10.17 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2600:1f18:44f... 14618 (AMAZON-AES)
1 34.120.58.62 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.102 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
10 10 151.101.114.49 54113 (FASTLY)
3 4 18.197.47.23 16509 (AMAZON-02)
21 63 142.250.74.194 15169 (GOOGLE)
1 34.205.199.230 14618 (AMAZON-AES)
4 5 69.173.144.138 26667 (RUBICONPR...)
4 69.173.144.139 26667 (RUBICONPR...)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
5 5 185.29.133.208 30419 (MEDIAMATH...)
2 35.244.174.68 15169 (GOOGLE)
2 4 2a00:1288:110... 34010 (YAHOO-IRD)
1 178.162.133.150 60781 (LEASEWEB-...)
1 23.37.38.181 16625 (AKAMAI-AS)
17 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 194.213.62.34 5588 (GTSCE GTS...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 72.21.206.140 16509 (AMAZON-02)
1 52.45.120.123 14618 (AMAZON-AES)
4 12 52.30.140.199 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 37.252.172.68 29990 (ASN-APPNEX)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 212.129.3.113 12876 (Online SAS)
2 2 188.42.191.196 7979 (SERVERS-COM)
1 51.89.9.251 16276 (OVH)
48 2a00:1450:400... 15169 (GOOGLE)
1 52.51.154.44 16509 (AMAZON-02)
1 1 185.183.112.155 60350 (VP)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 1 52.49.27.34 16509 (AMAZON-02)
1 1 52.86.150.190 14618 (AMAZON-AES)
8 172.217.23.98 15169 (GOOGLE)
2 2 18.156.12.32 16509 (AMAZON-02)
3 4 198.148.27.140 19189 (PULSEPOINT)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 208.100.17.173 32748 (STEADFAST)
2 3 37.157.3.30 198622 (ADFORM)
1 151.101.13.44 54113 (FASTLY)
1 154.57.158.51 26558 (FREEWHEEL)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 52.210.171.182 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.107 24961 (MYLOC-AS ...)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 2 52.58.248.2 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 52.49.95.65 16509 (AMAZON-02)
1 1 104.79.88.164 16625 (AKAMAI-AS)
1 1 35.172.143.213 14618 (AMAZON-AES)
1 2 52.95.123.41 16509 (AMAZON-02)
1 2 92.123.150.214 16625 (AKAMAI-AS)
1 52.210.236.221 16509 (AMAZON-02)
1 2 104.111.242.245 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
2 2 3.127.92.82 16509 (AMAZON-02)
1 1 81.222.128.215 20597 (ELTEL-AS)
1 1 2620:119:50e3... 14413 (LINKEDIN)
1 1 34.252.219.156 16509 (AMAZON-02)
2 2 35.157.249.55 16509 (AMAZON-02)
2 2 217.66.147.166 29209 (SPBMTS-AS...)
1 1 213.87.44.207 13174 (MTSNET Mo...)
1 2607:f8b0:402... 15169 (GOOGLE)
1 1 2001:678:cb4:... 56396 (TURN)
1 216.46.185.183 13649 (ASN-VINS)
2 2 66.155.71.149 13768 (COGECO-PEER1)
1 3.122.214.165 16509 (AMAZON-02)
2 172.217.16.130 15169 (GOOGLE)
529 124
6    192.104.182.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
ptonline.net
www.ptonline.net
27    104.18.130.43 (United States)

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
2    13.224.102.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-8.zrh50.r.cloudfront.net
tags.crwdcntrl.net
3    65.9.66.129 (United States)

ASN16509 (AMAZON-02, US)
cdn.livefyre.com
1    184.51.9.197 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-197.deploy.static.akamaitechnologies.com
s.ntv.io
1    65.9.66.119 (United States)

ASN16509 (AMAZON-02, US)
d1gzrgn7m19oq9.cloudfront.net
1    52.34.182.239 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-182-239.us-west-2.compute.amazonaws.com
casmp.adperfect.com
2    2a00:1450:4001:829::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
japfg-trending-content.appspot.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
1    54.82.174.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-174-208.compute-1.amazonaws.com
static.cnhionline.com
10    2600:9000:2057:4c00:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
6    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    35.190.39.246 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 246.39.190.35.bc.googleusercontent.com
bandborder.com
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    13.224.102.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-31.zrh50.r.cloudfront.net
prod.adspsp.com
6    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
8    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
21    185.220.204.204 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.sekindo.com
11    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    13.224.103.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:2057:4400:1e:7118:9c80:93a1 (United States)

ASN16509 (AMAZON-02, US)
geo.adspsp.com
2    52.52.166.208 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-166-208.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
3    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    3.211.251.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-251-238.compute-1.amazonaws.com
identity.livefyre.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    2600:9000:2190:a200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    44.228.91.9 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-91-9.us-west-2.compute.amazonaws.com
adspsp.com
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
5    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
1    2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
3    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    34.248.176.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
s.srvmath.com
6    184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
u.openx.net
us-u.openx.net
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
25    185.127.16.51 (London, United Kingdom)

ASN210329 (CLOUDWEBMANAGE-UK-1, US)
video.primis.tech
6    18.185.180.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-180-173.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    116.202.172.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.172.202.116.clients.your-server.de
csync.loopme.me
20    184.51.9.98 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-98.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
3    185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    52.216.229.115 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
livefyre-cdn.s3.amazonaws.com
1    54.227.136.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
bootstrap.livefyre.com
1    52.59.160.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.adaptv.advertising.com
2    184.51.10.56 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-10-56.deploy.static.akamaitechnologies.com
z.moatads.com
s-jsonp.moatads.com
5    104.111.237.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-88.deploy.static.akamaitechnologies.com
js.adscale.de
tracking.m6r.eu
3    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
2    89.187.169.15 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-89-187-169-15.cdn77.com
cdn.admatic.com.tr
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
2    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
11    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
sync.console.adtarget.com.tr
sync.adtelligent.com
8    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
ads.us.e-planning.net
u-ams02.e-planning.net
1    3.81.223.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-81-223-233.compute-1.amazonaws.com
nep.advangelists.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    67.202.110.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-110.static.steadfastdns.net
ic.tynt.com
2    208.100.17.184 (United States)

ASN32748 (STEADFAST, US)
de.tynt.com
3    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
10    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
13    3.123.78.164 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ih.adscale.de
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
loadm.exelator.com
9    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
7    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
14    52.17.101.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
4    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.targeting.unrulymedia.com
4    46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
sync.e-planning.net
5    5.178.65.253 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
1    2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
8    3.221.146.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
a.audrte.com
1    2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
3    168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
13    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
9    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
1    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
2    65.9.66.19 (United States)

ASN16509 (AMAZON-02, US)
cdn-resources.prfct.cc
1    52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.cityspark.com
1    130.211.10.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
www.justapinch.com
3    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
3    2600:1f18:44f0:4840:562f:2028:6b66:1a65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
1    34.120.58.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
www.americanhometownmedia.com
5    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
1    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net
20    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    18.197.47.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com
pixel.advertising.com
63    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
1    34.205.199.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i.viafoura.co
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
5    185.29.133.208 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
4    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
1    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
17    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    194.213.62.34 (Brno, Czech Republic)

ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ)
PTR: bbnautid3.ibillboard.com
bbnaut.ibillboard.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com
s.amazon-adsystem.com
1    52.45.120.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
12    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    37.252.172.68 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
adscale-emea.adnxs.com
7    2606:4700:20::681a:24e (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
1    212.129.3.113 (France)

ASN12876 (Online SAS, FR)
js.cookieless-data.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
48    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    52.51.154.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    52.49.27.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    52.86.150.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
8    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
googleads4.g.doubleclick.net
2    18.156.12.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
4    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    208.100.17.173 (United States)

ASN32748 (STEADFAST, US)
PTR: ip173.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
3    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
1    154.57.158.51 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:d120:1359:acbb:2de6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    52.210.171.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
loadeu.exelator.com
1    151.1.205.165 (Erba, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
idsync.frontend.weborama.fr
1    89.163.159.107 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
cms.analytics.yahoo.com
2    52.58.248.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-248-2.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
2    52.49.95.65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
1    104.79.88.164 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-164.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    35.172.143.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usermatch.krxd.net
2    52.95.123.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    92.123.150.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
tags.bluekai.com
1    52.210.236.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2600:1f18:612b:4232:4acf:609e:729c:ab1e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
2    3.127.92.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
1    81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru
ssp.adriver.ru
1    2620:119:50e3:101::6cae:b45 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    34.252.219.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.yieldmo.com
2    35.157.249.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.360yield.com
2    217.66.147.166 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
sm.rtb.mts.ru
1    213.87.44.207 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-207-44.mts.ru
tech.rtb.mts.ru
1    2607:f8b0:4023:1006::78 (Fort Worth, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
1    216.46.185.183 (Englewood, United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
67 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
249 KB
53 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
ade.googlesyndication.com
230 KB
48 2mdn.net
s0.2mdn.net
683 KB
27 townnews.com
bloximages.chicago2.vip.townnews.com
480 KB
25 primis.tech
video.primis.tech
419 KB
21 casalemedia.com
ssum-sec.casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
22 KB
21 sekindo.com
live.sekindo.com
378 KB
17 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
6 KB
17 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
sync.e-planning.net
s.e-planning.net
19 KB
16 yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
cms.analytics.yahoo.com
11 KB
16 adscale.de
js.adscale.de
ih.adscale.de
17 KB
14 sonobi.com
sync.go.sonobi.com
apex.go.sonobi.com
14 KB
14 adsrvr.org
match.adsrvr.org
6 KB
14 adnxs.com
secure.adnxs.com
ib.adnxs.com
adscale-emea.adnxs.com
12 KB
14 srvmath.com
s.srvmath.com
45 KB
14 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
31 KB
12 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
16 KB
11 youtube.com
www.youtube.com
758 KB
10 everesttech.net
sync-tm.everesttech.net
3 KB
10 viafoura.net
cdn.viafoura.net
240 KB
9 tapad.com
pixel.tapad.com
4 KB
9 openx.net
u.openx.net
rtb.openx.net
us-u.openx.net
2 KB
8 audrte.com
a.audrte.com
9 KB
8 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
53 KB
8 google.com
ampcid.google.com
www.google.com
adservice.google.com
15 KB
8 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
74 KB
8 google-analytics.com
www.google-analytics.com
21 KB
7 quantumdex.io
sync.quantumdex.io
3 KB
7 1rx.io
sync.1rx.io
4 KB
7 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr
4 KB
7 googletagservices.com
www.googletagservices.com
213 KB
6 mathtag.com
sync.mathtag.com
pixel.mathtag.com
3 KB
6 adtelligent.com
s.adtelligent.com
sync.adtelligent.com
3 KB
6 adform.net
cm.adform.net
track.adform.net
dmp.adform.net
2 KB
6 bidswitch.net
x.bidswitch.net
2 KB
6 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
5 KB
6 googletagmanager.com
www.googletagmanager.com
239 KB
6 livefyre.com
cdn.livefyre.com
identity.livefyre.com
bootstrap.livefyre.com
170 KB
6 ptonline.net
ptonline.net
www.ptonline.net
60 KB
5 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
1 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
49 KB
5 bandborder.com
bandborder.com
36 KB
4 contextweb.com
bh.contextweb.com
3 KB
4 viafoura.co
api.viafoura.co
i.viafoura.co
4 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com
2 KB
4 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
2 KB
4 tynt.com
ic.tynt.com
de.tynt.com
3 KB
4 adspsp.com
prod.adspsp.com
geo.adspsp.com
adspsp.com
72 KB
3 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
2 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
942 B
3 owneriq.net
px.owneriq.net
1 KB
3 googleusercontent.com
lh3.googleusercontent.com
49 KB
3 richaudience.com
sync.richaudience.com
741 B
3 lijit.com
ap.lijit.com
2 KB
3 googleapis.com
fonts.googleapis.com
3 KB
3 google.de
ampcid.google.de
adservice.google.de
1 KB
3 quantserve.com
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
10 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 360yield.com
match.360yield.com
787 B
2 w55c.net
pm.w55c.net
2 KB
2 teads.tv
sync.teads.tv
406 B
2 bluekai.com
tags.bluekai.com
650 B
2 agkn.com
aa.agkn.com
792 B
2 weborama.fr
idsync.frontend.weborama.fr
842 B
2 demdex.net
dpm.demdex.net
2 KB
2 tidaltv.com
sync.tidaltv.com
792 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 betweendigital.com
ads.betweendigital.com
925 B
2 turn.com
ad.turn.com
d.turn.com
836 B
2 rlcdn.com
id.rlcdn.com
idsync.rlcdn.com
462 B
2 prfct.cc
cdn-resources.prfct.cc
3 KB
2 exelator.com
loadm.exelator.com
loadeu.exelator.com
954 B
2 creativecdn.com
creativecdn.com
721 B
2 admatic.com.tr
cdn.admatic.com.tr
21 KB
2 moatads.com
z.moatads.com
s-jsonp.moatads.com
55 KB
2 postrelease.com
jadserve.postrelease.com
2 KB
2 cityspark.com
cdn.cityspark.com
p.cityspark.com
2 KB
2 appspot.com
japfg-trending-content.appspot.com
2 KB
1 eyeota.net
ps.eyeota.net
1 KB
1 ib-ibi.com
global.ib-ibi.com
72 B
1 yieldmo.com
ads.yieldmo.com
462 B
1 linkedin.com
px.ads.linkedin.com
592 B
1 adriver.ru
ssp.adriver.ru
339 B
1 tremorhub.com
partners.tremorhub.com
183 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
38 B
1 mookie1.com
odr.mookie1.com
608 B
1 theadex.com
dmp.theadex.com
378 B
1 adition.com
dsp.adfarm1.adition.com
596 B
1 bemail.it
bn01.er.bemail.it
659 B
1 fwmrm.net
dmp.v.fwmrm.net
361 B
1 taboola.com
trc.taboola.com
163 B
1 33across.com
ssc-cms.33across.com
72 B
1 criteo.com
dis.criteo.com
514 B
1 rfihub.com
p.rfihub.com
756 B
1 extend.tv
sync.extend.tv
546 B
1 adroll.com
d.adroll.com
112 B
1 adotmob.com
sync.adotmob.com
682 B
1 bidr.io
match.prod.bidr.io
430 B
1 onetag-sys.com
onetag-sys.com
818 B
1 cookieless-data.com
js.cookieless-data.com
367 B
1 adentifi.com
rtb.adentifi.com
88 B
1 ibillboard.com
bbnaut.ibillboard.com
550 B
1 americanhometownmedia.com
www.americanhometownmedia.com
104 KB
1 justapinch.com
www.justapinch.com
22 KB
1 admanmedia.com
cs.admanmedia.com
428 B
1 dotomi.com
prebid-match.dotomi.com
104 B
1 navdmp.com
tag.navdmp.com
4 KB
1 trafmag.com
t.trafmag.com
232 B
1 advangelists.com
nep.advangelists.com
229 B
1 amazonaws.com
livefyre-cdn.s3.amazonaws.com
17 KB
1 loopme.me
csync.loopme.me
243 B
1 ytimg.com
i.ytimg.com
99 KB
1 ggpht.com
yt3.ggpht.com
4 KB
1 quantcount.com
rules.quantcount.com
quantcount.com Failed
359 B
1 cnhionline.com
static.cnhionline.com
22 KB
1 adperfect.com
casmp.adperfect.com
3 KB
1 cloudfront.net
d1gzrgn7m19oq9.cloudfront.net
535 B
1 ntv.io
s.ntv.io
103 KB
0 akamai.net Failed
r33729-f-36898.c.1.dsdl.b.stor.lb.akamai.net Failed
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
529 121
Domain Requested by
48 s0.2mdn.net www.ptonline.net
s0.2mdn.net
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
40 cm.g.doubleclick.net 21 redirects eus.rubiconproject.com
googleads.g.doubleclick.net
www.ptonline.net
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
bcp.crwdcntrl.net
27 bloximages.chicago2.vip.townnews.com www.ptonline.net
bloximages.chicago2.vip.townnews.com
26 pagead2.googlesyndication.com securepubads.g.doubleclick.net
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.ptonline.net
www.googletagservices.com
25 video.primis.tech www.ptonline.net
21 live.sekindo.com www.ptonline.net
live.sekindo.com
20 tpc.googlesyndication.com bandborder.com
www.ptonline.net
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
tpc.googlesyndication.com
14 mwzeom.zeotap.com spl.zeotap.com
ads.us.e-planning.net
14 match.adsrvr.org 12 redirects eus.rubiconproject.com
ssum.casalemedia.com
14 s.srvmath.com live.sekindo.com
s.srvmath.com
13 dsum-sec.casalemedia.com 4 redirects ssum.casalemedia.com
googleads.g.doubleclick.net
ssum-sec.casalemedia.com
13 sync.go.sonobi.com 2 redirects sync.quantumdex.io
sync.go.sonobi.com
www.ptonline.net
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
11 www.youtube.com www.ptonline.net
bloximages.chicago2.vip.townnews.com
www.youtube.com
10 sync-tm.everesttech.net 10 redirects
10 ib.adnxs.com 7 redirects www.americanhometownmedia.com
googleads.g.doubleclick.net
spl.zeotap.com
10 cdn.viafoura.net www.ptonline.net
cdn.viafoura.net
9 ups.analytics.yahoo.com 7 redirects www.ptonline.net
9 pixel.tapad.com 8 redirects spl.zeotap.com
8 googleads4.g.doubleclick.net www.ptonline.net
8 a.audrte.com 4 redirects ads.us.e-planning.net
a.audrte.com
s.console.adtarget.com.tr
8 googleads.g.doubleclick.net 1 redirects www.youtube.com
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
www.ptonline.net
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.ptonline.net
7 sync.quantumdex.io ads.us.e-planning.net
sync.quantumdex.io
ssum-sec.casalemedia.com
7 bcp.crwdcntrl.net 4 redirects ssum.casalemedia.com
tags.crwdcntrl.net
www.ptonline.net
7 sync.1rx.io 7 redirects
7 www.googletagservices.com www.ptonline.net
securepubads.g.doubleclick.net
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
6 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
6 sync.console.adtarget.com.tr s.console.adtarget.com.tr
s.adtelligent.com
js.adscale.de
ads.us.e-planning.net
6 x.bidswitch.net 5 redirects www.ptonline.net
6 ads.pubmatic.com live.sekindo.com
s.console.adtarget.com.tr
ads.pubmatic.com
ads.us.e-planning.net
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
6 www.googletagmanager.com www.ptonline.net
www.googletagmanager.com
5 sync.crwdcntrl.net bcp.crwdcntrl.net
5 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com www.ptonline.net
5 sync.mathtag.com 5 redirects
5 s.e-planning.net ads.us.e-planning.net
5 sync.adtelligent.com 2 redirects s.adtelligent.com
5 sync.search.spotxchange.com 4 redirects googleads.g.doubleclick.net
5 www.google.com www.youtube.com
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
5 bandborder.com www.ptonline.net
bandborder.com
5 www.ptonline.net www.ptonline.net
4 bh.contextweb.com 3 redirects sync.go.sonobi.com
4 pr-bh.ybp.yahoo.com 2 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
4 pixel.rubiconproject.com eus.rubiconproject.com
4 token.rubiconproject.com 3 redirects eus.rubiconproject.com
4 pixel.advertising.com 3 redirects www.ptonline.net
4 sync.e-planning.net ads.us.e-planning.net
eus.rubiconproject.com
sync.quantumdex.io
4 sync.targeting.unrulymedia.com 4 redirects
4 ssum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
sync.quantumdex.io
4 u.openx.net 4 redirects
4 c.amazon-adsystem.com prod.adspsp.com
c.amazon-adsystem.com
live.sekindo.com
3 dmp.adform.net 2 redirects spl.zeotap.com
3 us-u.openx.net 2 redirects googleads.g.doubleclick.net
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
3 api.viafoura.co cdn.viafoura.net
3 lh3.googleusercontent.com www.ptonline.net
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 ap.lijit.com 2 redirects www.americanhometownmedia.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 secure.adnxs.com 3 redirects
3 fonts.googleapis.com live.sekindo.com
www.ptonline.net
s0.2mdn.net
3 stats.g.doubleclick.net www.google-analytics.com
3 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
3 cdn.livefyre.com www.ptonline.net
cdn.livefyre.com
2 ade.googlesyndication.com
2 pixel-sync.sitescout.com 2 redirects
2 tracking.m6r.eu 2 redirects
2 sm.rtb.mts.ru 2 redirects
2 match.360yield.com 2 redirects
2 pm.w55c.net 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 tags.bluekai.com 1 redirects bcp.crwdcntrl.net
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 aa.agkn.com 1 redirects bcp.crwdcntrl.net
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 track.adform.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 adservice.google.com www.ptonline.net
2 adservice.google.de www.ptonline.net
2 ads.yahoo.com eus.rubiconproject.com
googleads.g.doubleclick.net
2 cdn-resources.prfct.cc d1gzrgn7m19oq9.cloudfront.net
2 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
2 pixel.sitescout.com 2 redirects
2 rtb.openx.net 2 redirects
2 de.tynt.com s.adtelligent.com
sync.quantumdex.io
2 ic.tynt.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 creativecdn.com 2 redirects
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 adspsp.com www.ptonline.net
2 identity.livefyre.com cdn.livefyre.com
2 jadserve.postrelease.com s.ntv.io
www.ptonline.net
2 japfg-trending-content.appspot.com www.ptonline.net
2 tags.crwdcntrl.net www.ptonline.net
s.e-planning.net
1 idsync.rlcdn.com bcp.crwdcntrl.net
1 ps.eyeota.net s.console.adtarget.com.tr
1 global.ib-ibi.com bcp.crwdcntrl.net
1 d.turn.com 1 redirects
1 csi.gstatic.com securepubads.g.doubleclick.net
1 tech.rtb.mts.ru 1 redirects
1 ads.yieldmo.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 cms.quantserve.com 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
1 ssp.adriver.ru 1 redirects
1 partners.tremorhub.com googleads.g.doubleclick.net
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 ssc-cms.33across.com de.tynt.com
1 dis.criteo.com 1 redirects
1 p.rfihub.com 1 redirects
1 sync.extend.tv 1 redirects
1 d.adroll.com 1 redirects
1 sync.adotmob.com 1 redirects
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 onetag-sys.com sync.quantumdex.io
1 js.cookieless-data.com s.e-planning.net
1 adscale-emea.adnxs.com 1 redirects
1 ad.turn.com 1 redirects
1 rtb.adentifi.com ssum.casalemedia.com
1 bbnaut.ibillboard.com 1 redirects
1 htlb.casalemedia.com www.americanhometownmedia.com
1 apex.go.sonobi.com www.americanhometownmedia.com
1 id.rlcdn.com eus.rubiconproject.com
1 pixel-eu.rubiconproject.com 1 redirects
1 i.viafoura.co www.ptonline.net
1 ad.doubleclick.net bandborder.com
1 www.americanhometownmedia.com www.ptonline.net
1 www.justapinch.com www.ptonline.net
1 p.cityspark.com cdn.cityspark.com
1 search.spotxchange.com live.sekindo.com
1 s-jsonp.moatads.com www.ptonline.net
1 secure-assets.rubiconproject.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 prebid-match.dotomi.com ads.us.e-planning.net
1 tag.navdmp.com ads.us.e-planning.net
1 loadm.exelator.com 1 redirects
1 t.trafmag.com s.adtelligent.com
1 nep.advangelists.com 1 redirects
1 s.adtelligent.com s.console.adtarget.com.tr
1 cm.adform.net s.console.adtarget.com.tr
1 z.moatads.com s.ntv.io
1 ads.adaptv.advertising.com live.sekindo.com
1 bootstrap.livefyre.com cdn.livefyre.com
1 livefyre-cdn.s3.amazonaws.com cdn.livefyre.com
1 www.gstatic.com www.youtube.com
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr live.sekindo.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 pixel.quantserve.com www.ptonline.net
1 rules.quantcount.com secure.quantserve.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 secure.quantserve.com www.ptonline.net
1 geo.adspsp.com prod.adspsp.com
1 prod.adspsp.com www.ptonline.net
1 static.cnhionline.com www.ptonline.net
1 cdn.cityspark.com www.ptonline.net
1 casmp.adperfect.com www.ptonline.net
1 d1gzrgn7m19oq9.cloudfront.net 1 redirects
1 s.ntv.io www.ptonline.net
1 ptonline.net 1 redirects
0 r33729-f-36898.c.1.dsdl.b.stor.lb.akamai.net Failed
0 ums.acuityplatform.com Failed www.ptonline.net
0 google2waycm.netmng.com Failed 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
0 quantcount.com Failed secure.quantserve.com
529 185
Subject Issuer Validity Valid
ptonline.net
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-09 -
2022-04-09		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
cdn.livefyre.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-26 -
2022-03-02		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
*.adperfect.com
Amazon		 2020-06-11 -
2021-07-11		 a year crt.sh
*.appspot.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-19 -
2021-11-22		 a year crt.sh
*.cnhionline.com
Go Daddy Secure Certificate Authority - G2		 2020-07-29 -
2022-09-27		 2 years crt.sh
viafoura.com
Amazon		 2020-11-05 -
2021-12-05		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
bandborder.com
R3		 2021-02-26 -
2021-05-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
prod.adspsp.com
Amazon		 2021-02-16 -
2022-03-17		 a year crt.sh
www.sekindo.com
Go Daddy Secure Certificate Authority - G2		 2021-04-06 -
2021-11-28		 8 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
geo.adspsp.com
Amazon		 2021-02-19 -
2022-03-20		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-26		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
identity.livefyre.com
DigiCert SHA2 High Assurance Server CA		 2020-08-21 -
2021-08-26		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
adspsp.com
Amazon		 2021-02-15 -
2022-03-16		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
edgestatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
srvmath.com
R3		 2021-04-05 -
2021-07-04		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-04-03 -
2021-07-02		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
www.livefyre.com
DigiCert SHA2 High Assurance Server CA		 2020-08-27 -
2021-09-01		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-12-26 -
2021-06-22		 6 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
cat.adscale.de
DigiCert SHA2 Secure Server CA		 2020-10-23 -
2021-11-21		 a year crt.sh
*.adform.net
DigiCert SHA2 Secure Server CA		 2020-04-02 -
2021-06-02		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-04-07 -
2021-07-06		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-04-07 -
2021-07-06		 3 months crt.sh
sync.console.adtarget.com.tr
R3		 2021-04-02 -
2021-07-01		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
sync.adtelligent.com
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-15 -
2021-06-21		 a year crt.sh
*.adscale.de
Amazon		 2020-06-05 -
2021-07-07		 a year crt.sh
*.e-planning.net
R3		 2021-03-26 -
2021-06-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.cityspark.com
Go Daddy Secure Certificate Authority - G2		 2020-02-13 -
2022-04-13		 2 years crt.sh
justapinch.com
Go Daddy Secure Certificate Authority - G2		 2020-04-22 -
2022-05-30		 2 years crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2020-05-10 -
2022-07-09		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-05-05		 a month crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
js.cookieless-data.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
onetag-sys.com
R3		 2021-03-16 -
2021-06-14		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.redinuid.imrworldwide.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-03-24 -
2022-03-30		 a year crt.sh
*.ib-ibi.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-03-08		 a year crt.sh
*.eyeota.net
R3		 2021-02-28 -
2021-05-29		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh

This page contains 54 frames:

Primary Page: https://www.ptonline.net/
Frame ID: F05BC39CF8B61A22D5BFB78EAC00DB5C
Requests: 171 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
Frame ID: 8D86A98DFCD11F369C56ECB21E2973EE
Requests: 17 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveView.php?s=105129&cbuster=1618984506921&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed2218xkgopsilt&vp_template=7898&cbuster=1618984507&pubUrlAuto=https%3A%2F%2Fwww.ptonline.net%2F&videoType=normal
Frame ID: 2DEC79D7493E407BDB9398A482CCC90E
Requests: 36 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 6633929E05442B008F6465080CD230B2
Requests: 1 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=94&advUuid=203594a6-a266-11eb-bb5d-15758c631506
Frame ID: ABFD604A67B792766970BAC0CC41DCE5
Requests: 1 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=98&advUuid=8c90ff2b-0a3e-4d06-8728-c77ddd8f15c0
Frame ID: A7D3CA5AB46203271FF3600DF216A25A
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 922E87D16FECF6B934D0386627887659
Requests: 3 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 63FFA2F963495C8771B4B944A119E0B2
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 57AF5BDDE63616A6F4AB6F83C8AE4C09
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 816AC77AB39BCC8D2AA0CACBA5C03D41
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=609724
Frame ID: 47411EA56423C35915D387894B660805
Requests: 6 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=p7Q0v7Ht1K7qOILlV2mn&pi=admatic&tc=1
Frame ID: DE43D4F8D8EE7380C770875A1F3A105D
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: B7A16C6C8B4CE7F56CB41E294B82FAEA
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: B09603F51CD75FBE80303E5BD30EB738
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 76D66376F970E910DE330E80638E2A80
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FA225FA333140C6CAC16D9CD476FDB85
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: D1FD9485380D7F5A7ED52518F18E48FE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: DC78E928D44C8D61C7576A1798DD9F4F
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0882392d948a7407%26uid%3D
Frame ID: 5F241A04A4931D46AA91D24AD2CBCF53
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5392718D82E67DCE7140F315C27E3E65
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 472172F69787BEEC7F38A3C0D5247870
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 1C9244141CB2ED35461DBE878D69CB7A
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.ptonline.net/0a80eae2-5d8d-4a13-af19-344a96db1ca4
Frame ID: 0ECA512AD1F0A81F2D72CD331BFCB454
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
Frame ID: EC47CED0189FD44BB302CDFAEEDA4313
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361&cmp=0
Frame ID: E4C0882AE573EA071B91838A08C52061
Requests: 31 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 241F29708F72DA8E592585A75F575D5D
Requests: 11 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 3816087F7FFD7E1568479F42DB3D577D
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: F8A5BE68F01C26FD023FA328C0B1990C
Requests: 7 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ADt%2fzR1nPXA2QfBt
Frame ID: BADB2E663D565167D390D3A1042E77CC
Requests: 1 HTTP requests in this frame

Frame: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9723E44E5F12B710E153A7F8C0610DFF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGLOm9ZQBMAE&v=APEucNXEjgYPOs56Ritk3cVgtQEetRij1B9OP5bCrRv44RHBPQl4HpqS_OAWOVqpp9j_LZcQA9BF2ZLILX96NeO8dR6ChdXq2A
Frame ID: 364305547AEC46DF3C8B8044BEE74676
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: BCF8B8AC9656CF737C3147E9FC3D8F48
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: E214CAF519CD1493B94AA773813D8210
Requests: 2 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 0553CC46B3DF97ACE01DC6C7097D297E
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 0F70A3453BA2C372283D2E2B0BDD5474
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DA65240FAB69283A21F79B91EA6D3316
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9506911/1605078249191/index.html
Frame ID: 0C5C95696C01B6F34AC205697DB1AA0E
Requests: 12 HTTP requests in this frame

Frame: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 78A9152EA1B2854EC728CC29832431C7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBD53UMYwL3WoAEwAQ&v=APEucNWuY0NyEDaE9vxL7NGWlBJqfKFZNEe_WTSVwDf6JsL-8RcqTSzgTzDsuf_Dv4zMcs0P_-FYTjsOfHwW969_e5PPDfld9A
Frame ID: 0D86EFA1ED0BEA0E4A400237E6B208F3
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Frame ID: A34075EFD9A7B159DAAE895EDEE05598
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9169E629814FA04F8D3C11C28FD7A832
Requests: 3 HTTP requests in this frame

Frame: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C6713582B4E82231675C31C61731E44F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ25-HuQIYhIy0pAEwAQ&v=APEucNUcGQuklqNe7p4iFWo6nwQkbrmVHx5Wfi6vSJNy9V7u5XXdCD6OHZzq3GIX-Sk0_qs5b2Y5SI7hHWgKXTcHwimJztyW6w
Frame ID: B49097FD6BEDD7CA9B1F13A7414411F0
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7378B3805D9CBB47BF16176B985B9566
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BDAED54D2C9326E61C6432AAAE011C94
Requests: 3 HTTP requests in this frame

Frame: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 62C904C093185B68A86D693A2EC6E97D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYo4vZogEwAQ&v=APEucNVNhr2lo4TWq8wnboGkNK_caepzNpUokTnkK_h4iSczpqBkyWPKoCgL2cXXQnhcitkjtekE4dLsZx3I8oYEIVHbQpa99Q
Frame ID: 9F2F104B72CBC470DC394B11CD39D0E8
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4308604090950670236/index.html
Frame ID: 622D9AB650EBCB6E5F9D2436A29B76F1
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1F94C5038D6E886BBD64FF8809315365
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4FB905AAE2D7925D1D635D851356659B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3273688070602409904/index.html
Frame ID: A8ED0E1F383F06C2575C0E37C367D82F
Requests: 7 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: 010E0A3F919A54124990993747629014
Requests: 7 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=6893/rand=772033478/pv=y/rb=%7B%22meta_tag%22%3A%22ptonline.net%22%7D/rt=ifr
Frame ID: 20AA17D95E6B25238E077A00443AE88C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8BACB8FE16D65B4B70E5437E69A6F6F2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ptonline.net/ HTTP 301
    https://www.ptonline.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

529
Requests

99 %
HTTPS

25 %
IPv6

121
Domains

185
Subdomains

124
IPs

14
Countries

5157 kB
Transfer

13545 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ptonline.net/ HTTP 301
    https://www.ptonline.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.bdtonline.com HTTP 301
  • https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.bdtonline.com
Request Chain 89
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 102
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=203594f7-a266-11eb-bb5d-15758c631506 HTTP 302
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=94&advUuid=203594a6-a266-11eb-bb5d-15758c631506
Request Chain 103
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=98&advUuid=8c90ff2b-0a3e-4d06-8728-c77ddd8f15c0
Request Chain 132
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=93&advUuid=d5b79ff0-f9fd-4d24-b0a5-a32ae68d0b28
Request Chain 133
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D99%26advUuid%3D&C=1 HTTP 302
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=99&advUuid=YH--O-fjRDxYPWnCDDm56gAABHIAAAAB
Request Chain 134
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.sekindo.com%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D607fbe3b1ec4c%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=105&advUuid=1500623958703733180
Request Chain 150
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=p7Q0v7Ht1K7qOILlV2mn&pi=admatic&tc=1
Request Chain 151
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 153
  • https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-4630061f-ff57-4323-9cc8-022820c38740
Request Chain 160
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Request Chain 161
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=51236efa6009a992bbb06388
Request Chain 162
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=42eb9654-ffe7-461c-a8c1-914bb09c9458
Request Chain 163
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1517893553390067857
Request Chain 164
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=7dafec5e8c8ee1c4
Request Chain 165
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=7dafec5e8c8ee1c4
Request Chain 166
  • https://ih.adscale.de/uu?cbfn=receive&t=1618984507 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1618984507&nut&uu=3881d01bfd53465a8702a90f060b8b90
Request Chain 168
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D0882392d948a7407 HTTP 302
  • https://pixel.sitescout.com/dmp/pixelSync?cookieQ=1&network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D0882392d948a7407 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348%26partner_url%3Dhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fuid%253D9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348%2526dc%253D0abbcb4eba840e59%2526fi%253D0882392d948a7407 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348%26dc%3D0abbcb4eba840e59%26fi%3D0882392d948a7407 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348%26dc%3D0abbcb4eba840e59%26fi%3D0882392d948a7407 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348&dc=0abbcb4eba840e59&fi=0882392d948a7407
Request Chain 169
  • https://sync.1rx.io/usersync2/eplanning HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=571421152 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=571421152 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/f6e00b4b-f3b3-4f36-8663-aa5947badd95 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5704ac89-72e8-4cc5-bc00-57c6c6be425c-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-5704ac89-72e8-4cc5-bc00-57c6c6be425c-003%26dc%3D1079cc634ca638f8%26iss%3D1 HTTP 302
  • https://sync.e-planning.net/um?uid=RX-5704ac89-72e8-4cc5-bc00-57c6c6be425c-003&dc=1079cc634ca638f8&iss=1
Request Chain 173
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D0882392d948a7407%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=0882392d948a7407&uid=42eb9654-ffe7-461c-a8c1-914bb09c9458
Request Chain 177
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D0882392d948a7407 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 178
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D0882392d948a7407%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D0882392d948a7407%2526uid%253D%2524UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0882392d948a7407&uid=7640132656411727853
Request Chain 179
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D0882392d948a7407%26uid%3D%5BUID%5D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=e52415579699e09f&fi=0882392d948a7407&uid=d7877eb6-9502-4939-83c0-4fb2b960e74d
Request Chain 180
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-AibUCEpE2uEnTN6A6TXO4Q.uDHACNI9oiKdhyVg-~A
Request Chain 181
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D0882392d948a7407%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=0882392d948a7407&uid=74bfa5c68e33522b8e66e838c1ae13ba8957e7ce
Request Chain 183
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 217
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_test=YH__PQAAV2C_ZgA4 HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YH__PQAAV2C_ZgA4&_origin=0&gdpr=1&gdpr_consent=&_test=YH__PQAAV2C_ZgA4
Request Chain 218
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP2136de63-a266-11eb-8068-06fc45c3fb3c HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP2136de63-a266-11eb-8068-06fc45c3fb3c&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAyMTM2ZGU2My1hMjY2LTExZWItODA2OC0wNmZjNDVjM2ZiM2M%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEJW32F8GxW8XLIIs3oCvKiA&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJW32F8GxW8XLIIs3oCvKiA&google_cver=1&apid=UP2136de63-a266-11eb-8068-06fc45c3fb3c
Request Chain 219
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=dd444542-72a3-4be3-b861-d663455d81b0&_origin=1&gdpr=1&gdpr_consent=
Request Chain 234
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186 HTTP 302
  • https://sync.e-planning.net/um?uid=KNR1KREQ-1F-5KHF&dc=9bcc91305985f0db&iss=1
Request Chain 235
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YH__PgAAVc9tRABg HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YH__PgAAVc9tRABg&_test=YH__PgAAVc9tRABg
Request Chain 236
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KNR1KREQ-1F-5KHF&sigv=1&esig=2~f44936259f2dc841f7af7aac299b8784e95a785b
Request Chain 237
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f3ec607f-be3e-4900-be27-9ccce7a10340
Request Chain 239
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/nldo11fgeWXFNIyOQBVDzsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3039255667877585307
Request Chain 240
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05SMUtSRVEtMUYtNUtIRg==
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELhBFpgNiLV6Ti7tKpZgIJA&google_cver=1
Request Chain 254
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
Request Chain 259
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=3881d01bfd53465a8702a90f060b8b90&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d6924808d77abd272d%2F1618984515139%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/img?tpid=101&tpuid=BBID-01-02936985152819047-16267320
Request Chain 266
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB&dcc=t
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEOY-XsNwEs6f4hh8bnndhD0&google_cver=1
Request Chain 269
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YH..QwLdEFh7y.Ej7jw0qwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDyJW2BENajX0Bzdu0PVoGM&google_cver=1&google_hm=2
Request Chain 271
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YH..QwLdEFh7y.Ej7jw0qwAA%261202 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YH..QwLdEFh7y.Ej7jw0qwAA%261202
Request Chain 273
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3695498927344935404
Request Chain 275
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=0c609724172ec2439393984895adcd0b9fd78e3bce476b81499f3655c8274303&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d6924808d77abd272d%2F1618984515139%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=6182607f-be42-4900-acea-1cbe90fa5603&gdpr=0&gdpr_consent=
Request Chain 276
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d6924808d77abd272d%2F1618984515139%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/img?tpid=75&tpuid=1500623958703733180&gdpr=0
Request Chain 282
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=1ccb02afb9672607334ec2876fd4c6f96c86fee82e0e5b80af112e9703be8555&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d6924808d77abd272d%2F1618984515139%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YH..QwLdEFh7y.Ej7jw0qwAA%261202
Request Chain 292
  • https://track.adform.net/serving/cookie/match/?party=9&uid=8675c7b1d3a9941b1d0e8b5cd8775a59a8dc5e0b752eebcc9115fa535f0f590b&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d6924808d77abd272d%2F1618984515139%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=8675c7b1d3a9941b1d0e8b5cd8775a59a8dc5e0b752eebcc9115fa535f0f590b&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d6924808d77abd272d%2F1618984515139%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/img?tpid=42&gdpr=0&tpuid=5552835721824521810
Request Chain 293
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1500623958703733180
Request Chain 294
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1500623958703733180
Request Chain 295
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sonobi&uid=2a388928-f611-40fb-a7b1-556dd136e6be
Request Chain 296
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=ee3db00f-02b5-526f-8a57-2f18ea28915b
Request Chain 297
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-q_i0PIZE2uEpebia_it08c37W7A.si11kMIZavM-~A
Request Chain 300
  • https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyJW2BENajX0Bzdu0PVoGM&google_cver=1
Request Chain 305
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YH..QwLdEFh7y.Ej7jw0qwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyJW2BENajX0Bzdu0PVoGM&google_cver=1&google_hm=2
Request Chain 309
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1500623958703733180
Request Chain 311
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YH__QwAAU6QPnQAC HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YH__QwAAU6QPnQAC&_test=YH__QwAAU6QPnQAC
Request Chain 312
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB
Request Chain 313
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0623220438f66a45d73d8cc2&expiration=[EXPIRATION] HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0623220438f66a45d73d8cc2&expiration=[EXPIRATION]&C=1
Request Chain 314
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6722709221482085691&uid=Q6722709221482085691&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 315
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 316
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=755e5f82-a85d-4b1e-bec9-be6d65020b3e HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=755e5f82-a85d-4b1e-bec9-be6d65020b3e&C=1
Request Chain 323
  • https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi&bsw_user_id=9072911b-3954-4807-b04f-cb56b03d8384 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi&bsw_user_id=9072911b-3954-4807-b04f-cb56b03d8384 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ec1a1380-9377-4e25-8ec0-b75032492fee&ssp=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=9072911b-3954-4807-b04f-cb56b03d8384
Request Chain 324
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=2ee25ea6-7ec5-468f-aa05-403e9f796f55&pubid=4d443a3ea2
Request Chain 325
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=6182607f-be42-4900-acea-1cbe90fa5603
Request Chain 326
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=9667915c-8d0a-4367-8f01-c934455cc24d&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=T0F5YUVvalN5ZmswX0xlOVhtcVZNQQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEpRTAhLsWLYSajdGi4uhMU&google_cver=1
Request Chain 327
  • https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=438280698 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=438280698 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/ccd80e17-7f4b-403d-b333-1e186ad90222 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003
Request Chain 328
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1870471594465557388
Request Chain 329
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=OTY2NzkxNWMtOGQwYS00MzY3LThmMDEtYzkzNDQ1NWNjMjRk HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGgT_koUiJp9aUI5-2XCz0Y&google_cver=1
Request Chain 330
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=89a42efbedd1baaa305a3248f611dd06027b7709bd316c2a0205fe9e16dc42d1&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d6924808d77abd272d%2F1618984515139%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=b3389716-179a-4aba-998e-bfdca856ca4c
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDCHr60GmucnWY0wiRiD3gY&google_cver=1
Request Chain 354
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwMDYyMzk1ODcwMzczMzE4MA%3D%3D
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENU9OtNj3VKRCsDTMGEnmzs&google_cver=1
Request Chain 356
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDM3MjlkMzktNWFlYS0yZmNiLWRlZmMtYjQ3ZWU5YjJmM2Jl
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEL-s7Vgfy_5HbfGwVVzePB0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Request Chain 389
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De3094235-d56c-4c2a-791a-c3db6c3ce5a4%26reqId%3D23b12600-16d6-4775-5b17-2f8aefc645d9%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De3094235-d56c-4c2a-791a-c3db6c3ce5a4%26reqId%3D23b12600-16d6-4775-5b17-2f8aefc645d9%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=255937e1-a266-11eb-8c41-9e061214b81a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Request Chain 391
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De3094235-d56c-4c2a-791a-c3db6c3ce5a4%26reqId%3D23b12600-16d6-4775-5b17-2f8aefc645d9%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=2ee25ea6-7ec5-468f-aa05-403e9f796f55&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Request Chain 395
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=9058366c-dba7-4634-bf32-b0815549ed77&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 396
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De3094235-d56c-4c2a-791a-c3db6c3ce5a4%26reqId%3D23b12600-16d6-4775-5b17-2f8aefc645d9%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De3094235-d56c-4c2a-791a-c3db6c3ce5a4%26reqId%3D23b12600-16d6-4775-5b17-2f8aefc645d9%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=40155334469712157230316041238102552905&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Request Chain 398
  • https://bn01.er.bemail.it/zeotap.php?_bid=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021042107-66854-0.452413001618984516-49c5eafd1449c47d2a0b9985d33ec88a&zdid=533&env=mWeb
Request Chain 399
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De3094235-d56c-4c2a-791a-c3db6c3ce5a4%26reqId%3D23b12600-16d6-4775-5b17-2f8aefc645d9%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6953485548959692953&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Request Chain 401
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De3094235-d56c-4c2a-791a-c3db6c3ce5a4%26reqId%3D23b12600-16d6-4775-5b17-2f8aefc645d9%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De3094235-d56c-4c2a-791a-c3db6c3ce5a4%26reqId%3D23b12600-16d6-4775-5b17-2f8aefc645d9%26zdid%3D1361&bounce=1&random=3119756399 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=/.BaVnmnsr4J6YH9bLaSHO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Request Chain 403
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=e3094235-d56c-4c2a-791a-c3db6c3ce5a4?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=e3094235-d56c-4c2a-791a-c3db6c3ce5a4?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=cd4b94c5519b9be4ec88b1f30621bfa0&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Request Chain 404
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-qgiV55FE2oozvmYcy89Zk96uLkcK78eOsw--~A&zpartnerid=570&env=mWeb
Request Chain 405
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=nESLXsIstfvS269gvP%2FlJNIp5kvG2fPQ%2BS41iYitP1U%3D
Request Chain 409
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De3094235-d56c-4c2a-791a-c3db6c3ce5a4%26reqId%3D23b12600-16d6-4775-5b17-2f8aefc645d9%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YH__QwAAU6QPnQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Request Chain 410
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De3094235-d56c-4c2a-791a-c3db6c3ce5a4%26reqId%3D23b12600-16d6-4775-5b17-2f8aefc645d9%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=6182607f-be42-4900-acea-1cbe90fa5603&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Request Chain 411
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Request Chain 412
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361&dcc=t
Request Chain 413
  • https://tags.bluekai.com/site/87734?id=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 435
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEJMMN1tsHCCPLEtHusdQfcY&google_cver=1
Request Chain 436
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmI2YzUyNTctMDc4OS00NmEyLThlZGUtMmJiMzlkODFmMDJi
Request Chain 437
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEHOAqp75AAPV6Cm-1wJ47G0&google_cver=1
Request Chain 443
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGKbOXyrQHkKGK6cQMou8XA&google_cver=1&google_push=AQvitUKxsgrq2GvMkptkfDBC6v-B1ZNt1oRBZBAfoSyNG5Xj3HVOu4EvjpbqnOYa-ZGziBsSOAKxvA0z2BnmwyjlhsSjaCeCVHY HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGKbOXyrQHkKGK6cQMou8XA&google_cver=1&google_push=AQvitUKxsgrq2GvMkptkfDBC6v-B1ZNt1oRBZBAfoSyNG5Xj3HVOu4EvjpbqnOYa-ZGziBsSOAKxvA0z2BnmwyjlhsSjaCeCVHY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bzlxRzVWdmgxTHo1UHc1&google_gid=CAESEGKbOXyrQHkKGK6cQMou8XA&google_cver=1&google_push=AQvitUKxsgrq2GvMkptkfDBC6v-B1ZNt1oRBZBAfoSyNG5Xj3HVOu4EvjpbqnOYa-ZGziBsSOAKxvA0z2BnmwyjlhsSjaCeCVHY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bzlxRzVWdmgxTHo1UHc1&google_gid=CAESEGKbOXyrQHkKGK6cQMou8XA&google_cver=1&google_push=AQvitUKxsgrq2GvMkptkfDBC6v-B1ZNt1oRBZBAfoSyNG5Xj3HVOu4EvjpbqnOYa-ZGziBsSOAKxvA0z2BnmwyjlhsSjaCeCVHY&google_tc=
Request Chain 444
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPgRWIP_mK2OpqUwaz6k7gw&google_cver=1&google_push=AQvitUKosvLtq-XlOzN1gg2MqYYSp_kl_9Mo7BJNmqiKKl-tC0x-ufT65eHDmWOFnpyJDM0l09wnOiAxYciltp6iqtgbDpp-LigH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUhfX1F3QUFVNlFQblFBQw==&google_gid=CAESEPgRWIP_mK2OpqUwaz6k7gw&google_cver=1&google_push=AQvitUKosvLtq-XlOzN1gg2MqYYSp_kl_9Mo7BJNmqiKKl-tC0x-ufT65eHDmWOFnpyJDM0l09wnOiAxYciltp6iqtgbDpp-LigH
Request Chain 445
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBH0PJ9LXquW2uIb0hab2LU&google_cver=1&google_push=AQvitUL5SphvmN644tGcEbKQZBnng32J2dpPHUmn0NgGvKEFvMEWyRHUBVtmdDGi4ECQPu_hfAtlc1lY8nFRq2OXorPY1OF-Bb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUL5SphvmN644tGcEbKQZBnng32J2dpPHUmn0NgGvKEFvMEWyRHUBVtmdDGi4ECQPu_hfAtlc1lY8nFRq2OXorPY1OF-Bb0&google_hm=NzkxMDc2MjQ0NzkwNTM2NjExNA%3D%3D
Request Chain 446
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEO3V2nhy5i2v9CN9REGkX2A&google_cver=1&google_push=AQvitULj8ins-_a7ANpb1s9ID41XgjwDLpFwK6vUhU7xXV7nylmZsw-OhEKv-qzfSeGvAzA92Uk19pE3KvPQ29VfmiILOvlNXx0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitULj8ins-_a7ANpb1s9ID41XgjwDLpFwK6vUhU7xXV7nylmZsw-OhEKv-qzfSeGvAzA92Uk19pE3KvPQ29VfmiILOvlNXx0&google_hm=QWlXbUVLSlVtc2ZXSUhvUjQ1ZE1JN1E=
Request Chain 447
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBJtfVLk9IuS8CgWgo3WcwA&google_cver=1&google_push=AQvitUImukInO9ohV0mkUex0Iaz10ZZLhi3ZG4xhT_YiWg9_0_fVPYY8su-8rsn60Zum7nZpiGQaAmIJ7IAWH_0BFxYINDR7Ypc HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUImukInO9ohV0mkUex0Iaz10ZZLhi3ZG4xhT_YiWg9_0_fVPYY8su-8rsn60Zum7nZpiGQaAmIJ7IAWH_0BFxYINDR7Ypc%26google_hm%3DAwGusw9sMUnhrdm_qgkEtQo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUImukInO9ohV0mkUex0Iaz10ZZLhi3ZG4xhT_YiWg9_0_fVPYY8su-8rsn60Zum7nZpiGQaAmIJ7IAWH_0BFxYINDR7Ypc&google_hm=AwGusw9sMUnhrdm_qgkEtQo
Request Chain 450
  • https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=9072911b-3954-4807-b04f-cb56b03d8384&bidswitch_ssp_id=sonobi
Request Chain 451
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=6182607f-be42-4900-acea-1cbe90fa5603
Request Chain 452
  • https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003&rndcb=5409532043 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=9072911b-3954-4807-b04f-cb56b03d8384&google_hm=OTA3MjkxMWItMzk1NC00ODA3LWIwNGYtY2I1NmIwM2Q4Mzg0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELIc3dDknO2SL8VkG6FMPG8&google_cver=1&ssp=adconductor&bsw_param=9072911b-3954-4807-b04f-cb56b03d8384 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/9072911b-3954-4807-b04f-cb56b03d8384?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003
Request Chain 453
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4bd1642a73&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=2ee25ea6-7ec5-468f-aa05-403e9f796f55&pubid=4bd1642a73
Request Chain 454
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=8a642afe-5d17-40bb-8683-1af086bcf2f6&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ejZzOWZXd09mbHhnVXlwTDU4WnZMUQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEpRTAhLsWLYSajdGi4uhMU&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=chCBhgRw7lAX
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEQIr7JLYQLOf4UQjnC0yJg&google_cver=1
Request Chain 468
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=25b37e5a-a266-11eb-a3df-197e22df0506 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjViMzdlMWItYTI2Ni0xMWViLWEzZGYtMTk3ZTIyZGYwNTA2
Request Chain 475
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=c1b0cf8aca42a5482172768a2d40bd86cc6b29c875cbf548ca5d0dbdb9879c41&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d6924808d77abd272d%2F1618984515139%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=6182607f-be42-4900-acea-1cbe90fa5603&gdpr=0&gdpr_consent=
Request Chain 479
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEHQM_2jt3VvJXce319hcXL4&google_cver=1&google_push=AQvitUJrH0nkFGItdZVdaH1AP3iPxPJNU9La-h6UhAMUBQ9YH7a18UhynZPF9v4858OupqiPU2Ya1FmqZCluiKEsVPDIao1iuTfR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUJrH0nkFGItdZVdaH1AP3iPxPJNU9La-h6UhAMUBQ9YH7a18UhynZPF9v4858OupqiPU2Ya1FmqZCluiKEsVPDIao1iuTfR
Request Chain 480
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEJWWR7_Ejf-B32xq9w1kui0&google_cver=1&google_push=AQvitUJOC8AChT58BloPIKMK3p5p6UU3jQbspgksv5cLuaBlkJENs6zsuC-OqIIWklEtGtPUVK7F_ZXy5gWDizblwUYnAHs5pj0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AQvitUJOC8AChT58BloPIKMK3p5p6UU3jQbspgksv5cLuaBlkJENs6zsuC-OqIIWklEtGtPUVK7F_ZXy5gWDizblwUYnAHs5pj0&google_hm=ZzVlNzBhY2E4ZWZlZDk1NTY2ZjU=
Request Chain 481
  • https://match.360yield.com/match/ebda?google_gid=CAESEHdmTCieraliXyCQ5P9KLqg&google_cver=1&google_push=AQvitULEtp3ijs_cvgwfsNGMafHUyZ02t-IaErxQE5lVyT8p4zTAt5JvLjpyq24Q15LjnTrUveaX3TbLY4Yp13wCFJcySXgwdpQ HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHdmTCieraliXyCQ5P9KLqg&google_cver=1&google_push=AQvitULEtp3ijs_cvgwfsNGMafHUyZ02t-IaErxQE5lVyT8p4zTAt5JvLjpyq24Q15LjnTrUveaX3TbLY4Yp13wCFJcySXgwdpQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NT9z5khvSqKkbwHCeLLSXg&google_push=AQvitULEtp3ijs_cvgwfsNGMafHUyZ02t-IaErxQE5lVyT8p4zTAt5JvLjpyq24Q15LjnTrUveaX3TbLY4Yp13wCFJcySXgwdpQ
Request Chain 482
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOy-Pcf6zwf9trYa7FR7-bw&google_cver=1&google_push=AQvitUIXv89T0LvX-ZZk0y3iuLyzNl_vlCcU1APN6T7EFNZgNRjMZo-HJToi5u0WLJIrlTdvGYNaaVN1NeVaqW_NjVZzIxWczJH7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IQ2ZNUVNSRTJ1SFRCQjJjSUtLeENjcUZOUnN0Y3daX35B&google_push=AQvitUIXv89T0LvX-ZZk0y3iuLyzNl_vlCcU1APN6T7EFNZgNRjMZo-HJToi5u0WLJIrlTdvGYNaaVN1NeVaqW_NjVZzIxWczJH7
Request Chain 484
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEBpgJMjZODol5fbqrY0mb7I&google_cver=1&google_push=AQvitUK_5J1VDGw1C9I8Z3NuMaYWvCMZy6JM1edfRk_YFZHmMqp7TVISJgktIDSMmQtHSiAB2x_PczjF73a9CPbikZXSuZstRXb8tw HTTP 301
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Dffed401b-9d40-4d90-b62f-d2d1ff32da96%26google_push%3DAQvitUK_5J1VDGw1C9I8Z3NuMaYWvCMZy6JM1edfRk_YFZHmMqp7TVISJgktIDSMmQtHSiAB2x_PczjF73a9CPbikZXSuZstRXb8tw&ssp=googlevid&exu=CAESEBpgJMjZODol5fbqrY0mb7I HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=ffed401b-9d40-4d90-b62f-d2d1ff32da96&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Dffed401b-9d40-4d90-b62f-d2d1ff32da96%26google_push%3DAQvitUK_5J1VDGw1C9I8Z3NuMaYWvCMZy6JM1edfRk_YFZHmMqp7TVISJgktIDSMmQtHSiAB2x_PczjF73a9CPbikZXSuZstRXb8tw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=ffed401b-9d40-4d90-b62f-d2d1ff32da96&google_push=AQvitUK_5J1VDGw1C9I8Z3NuMaYWvCMZy6JM1edfRk_YFZHmMqp7TVISJgktIDSMmQtHSiAB2x_PczjF73a9CPbikZXSuZstRXb8tw
Request Chain 487
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=cf02b015bbca6aaa90f2413940520f707defaeb59e1eb194b872f45e275312ae&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d6924808d77abd272d%2F1618984515139%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=cf02b015bbca6aaa90f2413940520f707defaeb59e1eb194b872f45e275312ae&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d6924808d77abd272d%2F1618984515139%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/js?tpid=48&tpuid=d9770ede1ccc1f9da9073463169cd244
Request Chain 507
  • https://bcp.crwdcntrl.net/5/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Request Chain 509
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YH__SwAAV0VTVQA4 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YH__SwAAV0VTVQA4&_test=YH__SwAAV0VTVQA4
Request Chain 510
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/cd4b94c5519b9be4ec88b1f30621bfa0/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4176696962978341924
Request Chain 512
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=7cee8cc5-506d-4aa9-80c6-acfad890f414-607fbe4b-4348
Request Chain 513
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=cd4b94c5519b9be4ec88b1f30621bfa0&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=cd4b94c5519b9be4ec88b1f30621bfa0&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=298ef253-a266-11eb-8c41-9e061214b81a%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D298ef253-a266-11eb-8c41-9e061214b81a&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=298ef253-a266-11eb-8c41-9e061214b81a%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D298ef253-a266-11eb-8c41-9e061214b81a&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d23b2ac5-c0bf-488b-af53-2af4f7cb8584&ttd_puid=298ef253-a266-11eb-8c41-9e061214b81a%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D298ef253-a266-11eb-8c41-9e061214b81a HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=298ef253-a266-11eb-8c41-9e061214b81a
Request Chain 514
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8254793454157897200 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=&google_gid=CAESEINMpaJl_fd2A5sNdywsJ9s&google_cver=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=4hbIMcpWKe-RFq1cJItGjr1ag&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 516
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=4hbIMcpWKe-RFq1cJItGjr1ag&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=4hbIMcpWKe-RFq1cJItGjr1ag&gdpr=0&gdpr_consent=&google_gid=CAESEINMpaJl_fd2A5sNdywsJ9s&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 518
  • https://a248.e.akamai.net/chartbeat.download.akamai.com/102508/js/chartbeat.js HTTP 302
  • https://r33729-f-36898.c.1.dsdl.b.stor.lb.akamai.net/.36898.1602645843.659199./102508/js/chartbeat.js
Request Chain 527
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid= HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid= HTTP 302
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=7cbf18d8-61f9-463b-863d-587d79dab652

529 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ptonline.net/
Redirect Chain
  • http://ptonline.net/
  • https://www.ptonline.net/
298 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ptonline.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
bff6b183f2df24cf5dddd36c459e5149dbfb9d38fc4f61cf17d753f0f4f47d15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.ptonline.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-type
text/html; charset=UTF-8
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 21 Apr 2021 05:55:05 GMT
x-robots-tag
noarchive
x-xrds-location
https://www.ptonline.net/tncms/xrds/
x-ua-compatible
IE=edge
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.93d1db0a57d520951552a1dcd8fd9aeb.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.3184e9304073379bbe4e2c6500858bb1.js>; rel=preload; as=script
x-tncms
1.57.1; app8; 0.62s; 4.8M
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
etag
W/e3deee58082fe7bd85ea50075219c32b
content-encoding
gzip
vary
X-IPCountry, Accept-Encoding
age
0
x-vcache
MISS
accept-ranges
bytes
content-length
49886

Redirect headers

date
Wed, 21 Apr 2021 05:47:35 GMT
content-type
text/html; charset=UTF-8
x-loop
1
x-robots-tag
noarchive
x-xrds-location
https://www.ptonline.net/tncms/xrds/
location
https://www.ptonline.net/
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
x-tncms
1.57.1; app3; 0.01s; 1.2M
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip
vary
Accept-Encoding
age
449
set-cookie
TNNoMobile=1; path=/; expires=Thu, 2 Aug 2031 20:47:11 UTC
cache-control
public, max-age=10
x-vcache
HIT
content-length
1749
jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0785141e6461918363176bb595c118997a66d51af8338db5999308cd593cfebd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8d4abecc62-ZRH
last-modified
Wed, 09 Sep 2020 19:56:59 GMT
cf-request-id
0994982c510000cc62cb903000000001
x-vcache
MISS
server
cloudflare
etag
W/"5f59338b-18813"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Fri, 25 Feb 2022 08:01:55 GMT
user.js
www.ptonline.net/shared-content/art/tncms/user/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ptonline.net/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
ce16ba482ca225565e65d98c1a2b78ed5abe790df147fd42743091df99f8244f

Request headers

:path
/shared-content/art/tncms/user/user.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.ptonline.net
referer
https://www.ptonline.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:53:03 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 17:02:26 GMT
age
123
etag
W/"607f0922-1f69"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
3072
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8d4abacc62-ZRH
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
cf-request-id
0994982c510000cc628f381000000001
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sun, 07 Nov 2021 05:36:14 GMT
common.5ee3960b4d37bc106988fa535b393865.js
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8d4abccc62-ZRH
last-modified
Fri, 23 Oct 2020 13:08:36 GMT
cf-request-id
0994982c510000cc62ecbf0000000001
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5d4-8a06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Thu, 04 Nov 2021 08:13:15 GMT
tnt.1477faac295a3745e4796d2263e75f11.js
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
560357e94ad4e3f3e2199cdecaaf8d339f35d97ec03de8b875eef2bbd80b43fb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8d5ad9cc62-ZRH
last-modified
Wed, 24 Feb 2021 19:05:23 GMT
cf-request-id
0994982c5b0000cc62da07e000000001
x-vcache
MISS
server
cloudflare
etag
W/"6036a373-1bf3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Fri, 25 Feb 2022 10:31:24 GMT
application.93d1db0a57d520951552a1dcd8fd9aeb.js
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.93d1db0a57d520951552a1dcd8fd9aeb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c4e85fab99165f7d8a912f21ae8d691b6a96049780d96e174e6394e09384ca
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8d5adacc62-ZRH
last-modified
Wed, 24 Feb 2021 19:05:22 GMT
cf-request-id
0994982c5c0000cc62f2362000000001
x-vcache
MISS
server
cloudflare
etag
W/"6036a372-f5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Fri, 25 Feb 2022 11:13:10 GMT
tnt.navigation.accessibility.3184e9304073379bbe4e2c6500858bb1.js
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.3184e9304073379bbe4e2c6500858bb1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0eaf21fe4084cc7105e771f57731abe41a4d647a4879dea141885fcc3096b2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8d5adbcc62-ZRH
last-modified
Wed, 24 Feb 2021 19:05:23 GMT
cf-request-id
0994982c5c0000cc626c913000000001
x-vcache
MISS
server
cloudflare
etag
W/"6036a373-925"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Fri, 25 Feb 2022 11:13:10 GMT
bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8d4ab3cc62-ZRH
last-modified
Fri, 23 Oct 2020 13:08:03 GMT
cf-request-id
0994982c4f0000cc62ccb5c000000001
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5b3-1ab8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Fri, 05 Nov 2021 10:59:06 GMT
font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8d4ab5cc62-ZRH
last-modified
Thu, 05 Nov 2020 18:39:23 GMT
cf-request-id
0994982c500000cc62ec3c3000000001
x-vcache
MISS
server
cloudflare
etag
W/"5fa446db-7257"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 06 Nov 2021 09:55:57 GMT
layout.88630b645c9697f0c3abcfa274bd39d5.css
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		130 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.88630b645c9697f0c3abcfa274bd39d5.css
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5063e7790562879f5b73d232edd29f3966afccf2e4938199b89ef26c7998075
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8d4ab6cc62-ZRH
last-modified
Mon, 12 Apr 2021 20:31:22 GMT
cf-request-id
0994982c500000cc6275006000000001
x-vcache
MISS
server
cloudflare
etag
W/"6074ae1a-209cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Tue, 12 Apr 2022 21:07:20 GMT
theme-basic.0740431ec2aa31f2e7d813ea5c660a8d.css
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.0740431ec2aa31f2e7d813ea5c660a8d.css
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9e67b8aa737ee25d9afa29a6d7ffb395d2390167df4ac9c8e22c23bd372f30d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8d4ab7cc62-ZRH
last-modified
Fri, 29 Jan 2021 17:57:46 GMT
cf-request-id
0994982c510000cc627c3de000000001
x-vcache
MISS
server
cloudflare
etag
W/"60144c9a-a4c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 02 Feb 2022 20:02:23 GMT
site.css
bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/live/global/resources/styles/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/live/global/resources/styles/site.css?_dc=1503084960
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d820f07de3581d48a6d0abc35ec099dc89baa01ab930c8962288566f98c06ae1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8d4ab9cc62-ZRH
last-modified
Fri, 18 Aug 2017 19:36:00 GMT
cf-request-id
0994982c510000cc62bc1f1000000001
x-vcache
MISS
server
cloudflare
etag
W/"599741a0-1727"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Fri, 25 Feb 2022 11:13:10 GMT
cc.js
tags.crwdcntrl.net/c/6893/ 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/6893/cc.js?ns=_cc6893
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-8.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a4b63c39d5a2746c94fe06cd2dd8ebc7f76b66c2bc423d5f0da630c9cd35090

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 20 Apr 2021 18:35:56 GMT
content-encoding
gzip
last-modified
Tue, 15 Dec 2020 16:50:38 GMT
server
AmazonS3
age
40751
etag
W/"39ab9965026eec1d99798a96510f6eb1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
1Z0IW4n9DH4UzYw0y3sVNoaAHQpUMuKfLj5slQ4Tng5WBC2hBa_lpQ==
Livefyre.js
cdn.livefyre.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livefyre.com/Livefyre.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20ed0b022f659b70db30edaa55a17648496ad625bfb058e5ce77398ba7a12f1d

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RFAXiOugkfeaIepBU22FDak74KjtlOLY
Content-Encoding
gzip
ETag
"d8897aae3c2967589744509b6a444d58"
Age
1914
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
710
Last-Modified
Wed, 28 Oct 2020 05:38:10 GMT
Server
AmazonS3
Date
Wed, 21 Apr 2021 05:23:13 GMT
Content-Type
application/javascript
Via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, no-transform, public
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
CgPAk8AhknKjjdf3t4Dknm3OI36sFED75LMjn1l-mEFTPVGF1O-7Dw==
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		198 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8d5adccc62-ZRH
last-modified
Thu, 05 Nov 2020 18:41:10 GMT
cf-request-id
0994982c5c0000cc628b29b000000001
x-vcache
MISS
server
cloudflare
etag
W/"5fa44746-c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sun, 07 Nov 2021 07:17:36 GMT
tracking.js
www.ptonline.net/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ptonline.net/shared-content/art/tncms/tracking.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

:path
/shared-content/art/tncms/tracking.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.ptonline.net
referer
https://www.ptonline.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:53:03 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 17:02:26 GMT
age
123
etag
W/"607f0922-a4b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
1149
service-worker-allowed
/
fontawesome.edd147e4c2830f416874012247117438.js
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		252 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.edd147e4c2830f416874012247117438.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffa8814637fab7a454e06a6403a650615c04044d4f881b04ffdfcdc1395d98da
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8e8ca3cc62-ZRH
last-modified
Mon, 16 Nov 2020 16:05:16 GMT
cf-request-id
0994982d100000cc62ccb68000000001
x-vcache
MISS
server
cloudflare
etag
W/"5fb2a33c-3f1a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 20 Nov 2021 09:22:23 GMT
load.js
s.ntv.io/serve/ 		353 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.197 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-197.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:06 GMT
Content-Encoding
gzip
x-amz-request-id
3Z1N8KVYXVG1ST8F
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
W6LPfNVZAOTfB3rqW5aPM76CaTCNBn9HoMLAQ1I+zt/2RFW4kqtNljTl59wVHO+Ap/hoNP7C/+A=
Last-Modified
Tue, 13 Apr 2021 17:19:57 GMT
Server
AmazonS3
ETag
"4330b9a8c8acd8b7385eb09575a0f098"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
tracker.js
www.ptonline.net/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ptonline.net/shared-content/art/stats/common/tracker.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
94afb4609cd5d95128057b67ee0ef36f867bacc074b6e116d874ed8b0852b73f

Request headers

:path
/shared-content/art/stats/common/tracker.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.ptonline.net
referer
https://www.ptonline.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:53:03 GMT
content-encoding
gzip
last-modified
Wed, 10 Mar 2021 20:55:05 GMT
age
123
etag
W/"60493229-2242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
3240
service-worker-allowed
/
retailadvertiser
casmp.adperfect.com/widget/
Redirect Chain
  • https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.bdtonline.com
  • https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.bdtonline.com
10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.bdtonline.com
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.182.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-182-239.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e8860b0cd272721125bd838f03ebde175d214a139f46ec9ea522882234e999fa

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:08 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=3600
content-length
2724
expires
Wed, 21 Apr 2021 06:55:07 GMT

Redirect headers

Date
Wed, 21 Apr 2021 05:55:06 GMT
Via
1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
Content-Type
text/html; charset=UTF-8
Location
https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.bdtonline.com
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
ToY1spOZod64LByymN7yaWEsEH5JsmXDKKevddM16g8o4r3PmTYoVg==
Expires
Wed, 21 Apr 2021 06:55:06 GMT
widgey-dug.php
japfg-trending-content.appspot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/widgey-dug.php?s=10223&v=1&q=3&i=1
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
083c12c04d0c2888bd4854b249e0c98eee8f4ac9910a9bc4afa4d6799a3e979f

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
via
1.1 google
server
nginx
content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
5ea0aa9959c53.image.png
bloximages.chicago2.vip.townnews.com/bdtonline.com/content/tncms/assets/v3/editorial/c/0b/c0b63c4e-84d8-11ea-98f1-2786dfea5cc4/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/bdtonline.com/content/tncms/assets/v3/editorial/c/0b/c0b63c4e-84d8-11ea-98f1-2786dfea5cc4/5ea0aa9959c53.image.png?resize=300%2C200
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efa5f7badff05caaec3b0a532d532dc17f7189e1084bf229a1bb7667e7a6e064
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8e8ca6cc62-ZRH
last-modified
Wed, 22 Apr 2020 20:35:37 GMT
cf-request-id
0994982d110000cc62982c7000000001
x-vcache
MISS
server
cloudflare
etag
"7c8bfa0e47a174465de0bf423e84c7f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 20 Nov 2021 09:31:01 GMT
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FF7) /
Resource Hash
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
gzip
content-md5
DgH26NwpVpUJ7mY3mCxUbA==
age
506401
x-cache
HIT
content-length
919
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 07 May 2020 14:25:32 GMT
server
ECAcc (frc/8FF7)
etag
"0x8D7F2927FD84964+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f511bc5f-001e-005b-3cd7-31c136000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
rtj_ad.jpg
static.cnhionline.com/cnhi/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cnhionline.com/cnhi/images/rtj_ad.jpg
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
9bb012cc09308b790e3083842dbe5d5cbb593e17f12b0431d7c92f64d7644c22

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:07 GMT
Last-Modified
Tue, 03 Jan 2017 15:10:36 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"580e548c-5802-54532120a1895"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
22530
vf-v2.js
cdn.viafoura.net/ 		631 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4cb8c61606b5609804f5e0e1ebea58628e226cf9f9814dfdabd26abfe4a6c517

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PUUp5L9g0TJ.o9EgA.EQy4MlxidcX99m
content-encoding
gzip
etag
"3248a749cc8f4000ca10731e51f7f00e"
age
262
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
164911
last-modified
Tue, 20 Apr 2021 17:00:07 GMT
server
AmazonS3
date
Wed, 21 Apr 2021 05:50:46 GMT
content-type
application/javascript; charset=utf-8
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
IqJM-kMFkdIDqH9qYfBwe3GboHGZ6HKDKrgoizJVGYdkxrvszZK3Kg==
tnt.poll.aa4a56a35da582e986ed8bbce2004ea4.js
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/tnt.poll.aa4a56a35da582e986ed8bbce2004ea4.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67aa6b2a6e81fa0331589f7fbd4c5b38bdf0cee81568eb7d7fba48fe1c04b86a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
cf-ray
64345c8e8c9fcc62-ZRH
last-modified
Fri, 23 Oct 2020 13:09:59 GMT
cf-request-id
0994982d100000cc62fa1ba000000001
x-vcache
MISS
server
cloudflare
etag
W/"5f92d627-f70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 03 Nov 2021 16:50:10 GMT
gtm.js
www.googletagmanager.com/ 		154 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02558c84af9e0e5d3d1724620492750507a53b856834f1f316a7b2e31cfe8312
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51852
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Apr 2021 05:55:06 GMT
Livefyre.min.js
cdn.livefyre.com/libs/Livefyre/v1.1.16/builds/1603863197719/ 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livefyre.com/libs/Livefyre/v1.1.16/builds/1603863197719/Livefyre.min.js
Requested by
Host: cdn.livefyre.com
URL: https://cdn.livefyre.com/Livefyre.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9714dfdfb3ed9a3e0f720a0f879d780d9f4def3c5dc93d182024b7ac90ec2fa

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Feb 2021 04:21:52 GMT
Content-Encoding
gzip
Age
6485595
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
24376
Last-Modified
Wed, 28 Oct 2020 05:35:06 GMT
Server
AmazonS3
ETag
"0479b7e07fe9275b45dd35b720db67d4"
x-amz-version-id
SgGD1Od1lW4nmfuquiPcbyHSwUyHTW5Q
Via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000, no-transform, public
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
dBTwMkI2vtSZsYVG0_eGfEA9Hud32yAqjYWsZsIgnMGBMrZVa-WdkQ==
juk9wiR1VZ6RzdkdlQu6-asWyOtdYR6KNnoyP0MmfVHOTBL0L91etic
bandborder.com/v2/0/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/juk9wiR1VZ6RzdkdlQu6-asWyOtdYR6KNnoyP0MmfVHOTBL0L91etic
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
d4ebf7275b924a01bcdb15cd80c0c128f7ac76551cc8a0b222cee8da061ec347
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"3f037e0645595f6c83c93bff05230ddfff893a4bde0581e4df073b98cb2558ca"
vary
Accept-Encoding, Accept-Language
x-hostname
f8becdc5
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 21 Apr 2021 05:55:06 GMT
timing-allow-origin
*
yntjtDuCKpU_DzI8Nck54TxCxB_A-u6nyZtY_3sEcL6HhbME9-5NG8my7Sr7MTZrF6sJHibBw
bandborder.com/v2/0/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/yntjtDuCKpU_DzI8Nck54TxCxB_A-u6nyZtY_3sEcL6HhbME9-5NG8my7Sr7MTZrF6sJHibBw
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
13fd18dc0f6512b498bddf7429cceeb5b9b0e30e71e06c7bef4d7c55b4ee2287
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
etag
"81a31d6743e8f8054f3d5fcaf73eac2b9d3ea5d505cacb7cecc6e3559bc23ef7"
vary
Accept-Encoding, Accept-Language
x-hostname
f8becdc5
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 21 Apr 2021 05:55:06 GMT
timing-allow-origin
*
gpt.js
www.googletagservices.com/tag/js/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eeddc146e157b9c9b65f443157044a5621ece80faee65b3aa8881159599ed52a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"848 / 377 of 1000 / last-modified: 1618956773"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21114
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:55:06 GMT
adb.1710310.min.js
prod.adspsp.com/ 		228 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.adspsp.com/adb.1710310.min.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-31.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aaec63d39d82ddcd8759566cd72b1fa5757b7cf44d2b768af4eec094786829c1

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:03:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Apr 2021 21:36:28 GMT
Server
AmazonS3
Age
4464
ETag
W/"1a03ef1697effd9801804e6036bda306"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
ZRH50-C1
X-Amz-Cf-Id
reLgvSTSYkFWbp5_mKJ6cINLJpIiUoUraTlRW2la-USjbeg68hmLbw==
tracker.gif
www.ptonline.net/shared-content/art/stats/common/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ptonline.net/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_upage=1&tnms_do=www.ptonline.net&tnms_uri=/&tnms_ref=&rt=1618984506633
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_upage=1&tnms_do=www.ptonline.net&tnms_uri=/&tnms_ref=&rt=1618984506633
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.ptonline.net
referer
https://www.ptonline.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
age
0
etag
"48f79fed-0"
x-vcache
MISS
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
gtm.js
www.googletagmanager.com/ 		89 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TFRW6D
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8cc7d08a036b8913f85dfa61280662520233a98b12f865c32c6a77d41df48fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34565
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Apr 2021 05:55:06 GMT
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2021042001.js
securepubads.g.doubleclick.net/gpt/ 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 08:40:14 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107961
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:55:06 GMT
b673e5f6-3840-11e8-b3ba-47d5848b489f.png
bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/custom/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/custom/image/b673e5f6-3840-11e8-b3ba-47d5848b489f.png
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f422aa0dd0db9d46a55015f3a87450edc1dc483a93545bea85034570ddf1e8f0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Wed, 04 Apr 2018 19:45:22 GMT
content-length
4685
cf-request-id
0994982e000000cc628e27e000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5ac52b52-124d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
64345c900f77cc62-ZRH
expires
Sat, 19 Mar 2022 07:18:55 GMT
6079b1386b683.image.jpg
bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/c/32/c32fff16-9eca-11eb-9bf5-37017875c16a/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/c/32/c32fff16-9eca-11eb-9bf5-37017875c16a/6079b1386b683.image.jpg?resize=640%2C369
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68c441d543d0114785019fc3524fc793824aa68ce6ce915edf1abd048a22e33b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Fri, 16 Apr 2021 15:46:01 GMT
cf-bgj
h2pri
cf-request-id
0994982e010000cc62d2907000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"1ff47e9164ce1da7630e46f1824a8ec3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
64345c900f7acc62-ZRH
expires
Sat, 16 Apr 2022 16:35:11 GMT
6079b0d9beee0.image.jpg
bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/8/47/847b0da6-9eca-11eb-b019-f323d5b47224/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/8/47/847b0da6-9eca-11eb-b019-f323d5b47224/6079b0d9beee0.image.jpg?resize=640%2C519
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5222dff357f49a2546effa2051ef935b85283a8a284abd0bf5659b74cdb444f7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Fri, 16 Apr 2021 15:44:27 GMT
cf-bgj
h2pri
cf-request-id
0994982e010000cc62e63f3000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"a287faae5d361f37d527506ad94aa6c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
64345c900f7ccc62-ZRH
expires
Sat, 16 Apr 2022 16:35:11 GMT
5dfd06617bc81.image.jpg
bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/1/34/134c3b66-234f-11ea-9754-db4b7e62a874/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/1/34/134c3b66-234f-11ea-9754-db4b7e62a874/5dfd06617bc81.image.jpg?resize=225%2C225
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a65e62c8d6cdb6611bd810f6ec404f7ba95b5a688d1574b5aa874b09489f9e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Fri, 20 Dec 2019 17:35:29 GMT
cf-bgj
h2pri
cf-request-id
0994982e010000cc62719a5000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"c75f7936d16f925baa1437ebe7baf01f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
64345c900f7fcc62-ZRH
expires
Tue, 05 Apr 2022 23:01:57 GMT
5ec7e090b90aa.image.jpg
bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/d/aa/daa517ee-9c37-11ea-b30e-43bf78ee7651/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/d/aa/daa517ee-9c37-11ea-b30e-43bf78ee7651/5ec7e090b90aa.image.jpg?resize=200%2C200
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcafdcad78991d3d3249143d4da35079da917e2bbbb5d2faad9a2c23e0f468b5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Fri, 22 May 2020 14:24:16 GMT
cf-bgj
h2pri
cf-request-id
0994982e020000cc62bc213000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"34abd5ab9cf62c2b4f7259ce606e964f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
64345c900f82cc62-ZRH
expires
Sat, 26 Mar 2022 15:11:37 GMT
604b7c1e8768e.image.jpg
bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/1/85/1851f586-8340-11eb-bf70-37fbadfabdaf/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/1/85/1851f586-8340-11eb-bf70-37fbadfabdaf/604b7c1e8768e.image.jpg?resize=200%2C129
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c94bc66128bca13095b13eb8dc3b046da3793ba36036892489728ed0c7fb6c9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
cf-cache-status
HIT
last-modified
Fri, 12 Mar 2021 14:35:10 GMT
strict-transport-security
max-age=604800
content-length
6432
cf-request-id
0994982e020000cc62db02a000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"ae4d666effd90a5824d029261ecc6601"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 16 Apr 2022 18:23:08 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
64345c900f86cc62-ZRH
cf-bgj
h2pri
5e7e1151b964a.image.jpg
bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/6/c5/6c5a34c4-7039-11ea-8e57-7b2dd1e003e7/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/6/c5/6c5a34c4-7039-11ea-8e57-7b2dd1e003e7/5e7e1151b964a.image.jpg?resize=200%2C120
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc6cdf797dc5770d09dc38ec5f72b9b7734f7615a35b8079c0d47b6cf7df1eea
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Fri, 27 Mar 2020 14:44:33 GMT
cf-bgj
h2pri
cf-request-id
0994982e030000cc62ea039000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"e26d5a525fae9173cbc997e0f635f76e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
64345c900f89cc62-ZRH
expires
Sat, 16 Apr 2022 18:23:08 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6929
date
Wed, 21 Apr 2021 03:59:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 21 Apr 2021 05:59:37 GMT
gtm.js
www.googletagmanager.com/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b6b5c6402a3e494e72873d44c9062547e3727c595d77a5fad80ad6e7afaa0a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33112
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Apr 2021 05:55:06 GMT
customprofiles.min.js
cdn.livefyre.com/libs/identity/v1.2.7/simple/javascripts/ 		658 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livefyre.com/libs/identity/v1.2.7/simple/javascripts/customprofiles.min.js
Requested by
Host: cdn.livefyre.com
URL: https://cdn.livefyre.com/libs/Livefyre/v1.1.16/builds/1603863197719/Livefyre.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa0b624ff4867c372d6a3b436edce8bdb4254bd8c513af21843c26b48352f22f

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 19:15:58 GMT
Content-Encoding
gzip
Age
211149
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
143208
Last-Modified
Thu, 21 Feb 2019 23:14:03 GMT
Server
AmazonS3
ETag
"0bf6a296b6ec89e4998613e5899b29d1"
x-amz-version-id
null
Via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000, no-transform, public
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Amz-Cf-Id
IPk7vimDcxMHIR_EqmZlgZBkBB1jIC3so0P2vWZuFWGUSw8v97wSuQ==
liveView.php
live.sekindo.com/live/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=105129&cbuster=1618984506921&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed2218xkgopsilt&vp_template=7898
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
62140a0eebfccd7d8dcd30c68b34b1536e38e50c53428fde44a949f791184b3e

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
gtm.js
www.googletagmanager.com/ 		99 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNNWDH2
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
05f1fd3908be3ba71c0c7a1218b4d3ca91b9a94b990b8f8680d9bd3f36c41a89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38208
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Apr 2021 05:55:06 GMT
ho2RfNts3sE
www.youtube.com/embed/ Frame 8D86 		50 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
edb5b368ed91e9d01c2207e23ae5e350ed2812d34a303928c4244a3c90393171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ptonline.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ptonline.net/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 21 Apr 2021 05:55:06 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=wLOQgDN2iYc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=YOrC5KCWOG4; Domain=.youtube.com; Expires=Mon, 18-Oct-2021 05:55:06 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+723; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iframe_api
www.youtube.com/ 		1005 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
04cf12040b9fa204f13ed7707a1b3c142024dedb5ffb69d27a22f3f50f4eb7b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:55:06 GMT
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
apstag.js
c.amazon-adsystem.com/aax2/ 		125 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 22:34:16 GMT
content-encoding
gzip
server
Server
age
26450
etag
24ac8c0f0d59670e43bc0b1990070642
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
bUaPP2RtxjS95_NJgmCVBjhAaNU4P77K
x-amz-cf-id
QEsM-OarPGATs0yMLifGMoXt-A8UYnBbJ6XqlAoNygn_2bLLHHuxmQ==
/
geo.adspsp.com/ 		4 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.adspsp.com/
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4400:1e:7118:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45eb99befd19d2d5e9c5dcae94b0fc105465f91907ed1dca5d47ef374863b966

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 21 Apr 2021 05:55:07 GMT
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-length
4
x-amz-cf-id
Q5n6cen8ZrH1341d1TOWIpegKZDjmXoCOCCAoYs3gN_E57rWURt0gg==
x-cache
Miss from cloudfront
t
jadserve.postrelease.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.ptonline.net%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.166.208 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-166-208.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
ee795c053b52403400d4442f187a8af1fe627e86e44c42a859bf1866e2efdbc4

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
809
expires
Mon, 1 Jan 1990 12:00:00 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2546655864072944e9422c8b24897b097652a4af2c499ae9cdd91a25f34abcff

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
etag
"9RlLmuIKdNbmR7Vwrq8Y0A=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 28 Apr 2021 05:55:07 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:48:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
419
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Wed, 21 Apr 2021 06:48:08 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.ptonline.net
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
www-widgetapi.js
www.youtube.com/s/player/ae5b2092/www-widgetapi.vflset/ 		110 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ae5b2092/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b5b95ce9998f059dfab5b00d4a0aa06783d06a3cb7c0a1cc2fcbdf75b1429ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 15:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 00:28:24 GMT
server
sffe
age
50957
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39909
x-xss-protection
0
expires
Wed, 20 Apr 2022 15:45:50 GMT
/
identity.livefyre.com/cnhi.fyre.co/api/v1.0/public/config/js-config/ 		788 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.livefyre.com/cnhi.fyre.co/api/v1.0/public/config/js-config/
Requested by
Host: cdn.livefyre.com
URL: https://cdn.livefyre.com/libs/identity/v1.2.7/simple/javascripts/customprofiles.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.251.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-251-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4f907c8d1f5a48f647cc332062abfd07fd31b4896a90d2c6f678a43fdc13bca8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin, Cookie
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa OUR NOR"
Access-Control-Allow-Methods
POST, GET, DELETE
Connection
keep-alive
Content-Length
459
x-xss-protection
1; mode=block
Server
nginx
Access-Control-Max-Age
600
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.ptonline.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization, Content-Type, X-FORWARDED-FOR, X-FORWARDED-PROTO, X-REAL-IP, CLIENT-IP, X-FORWARDED, X-CLUSTER-CLIENT-IP, FORWARDED, VIA, REMOTE-ADDR
/
identity.livefyre.com/cnhi.fyre.co/api/v1.0/public/config/js-config/ 		788 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.livefyre.com/cnhi.fyre.co/api/v1.0/public/config/js-config/
Requested by
Host: cdn.livefyre.com
URL: https://cdn.livefyre.com/libs/identity/v1.2.7/simple/javascripts/customprofiles.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.251.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-251-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e89870dc9cf66e617d644a33a6f94b05136938be545322d83da59a77cc18bf51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin, Cookie
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa OUR NOR"
Access-Control-Allow-Methods
POST, GET, DELETE
Connection
keep-alive
Content-Length
457
x-xss-protection
1; mode=block
Server
nginx
Access-Control-Max-Age
600
Strict-Transport-Security
max-age=31536000; includeSubDomains;
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.ptonline.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization, Content-Type, X-FORWARDED-FOR, X-FORWARDED-PROTO, X-REAL-IP, CLIENT-IP, X-FORWARDED, X-CLUSTER-CLIENT-IP, FORWARDED, VIA, REMOTE-ADDR
js
www.googletagmanager.com/gtag/ 		124 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b011350c5c7037ae08e9630d16b2308504f0e7f57d0300b239693f35aca1277f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48553
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:55:07 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.ptonline.net
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
rules-p-eb6rW8CarLDWY.js
rules.quantcount.com/ 		3 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-eb6rW8CarLDWY.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:a200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 08:28:21 GMT
via
1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 21:03:26 GMT
server
AmazonS3
age
77207
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
iwmNzLCXOY7vmFTGjcZOFZbNaeN5ZT5ZzpqmuqnZIkKubQUaO7075A==
/
adspsp.com/pt/1710310/19/1/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/19/1/?a=2,aX0,KzGRimUTkk&aa=&b=&e=&c=https%3A%2F%2Fwww.ptonline.net%2F&d=&f=1.knr1kn1b.1T1id&g=1T1mm&u=a3a859e5:knjejvsv:1tg&v=18g.xc.0.2cb&rnd=1618984507101
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.91.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-91-9.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
liveView.php
live.sekindo.com/live/ Frame 2DEC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=105129&cbuster=1618984506921&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed2218xkgopsilt&vp_template=7898&cbuster=1618984507&pubUrlAuto=https%3A%2F%2Fwww.ptonline.net%2F&videoType=normal
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=105129&cbuster=1618984506921&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed2218xkgopsilt&vp_template=7898
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
bdc0b003a735b81fd352c2320f54490eb7c53f1385ef1d5dfedfa6c404e63874

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:08 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
Rd_w1Bp65GU_pIFblFLX0c3hBxJTX00vs0GpatiKzx-DP9x5E3J4YA==
www-player-webp.css
www.youtube.com/s/player/ae5b2092/ Frame 8D86 		358 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ae5b2092/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b798b6daa4a405f86068d2e8f4c30af9aadf6e6f80fa93105329d61c21f37564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 15:46:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 00:28:24 GMT
server
sffe
age
50936
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53821
x-xss-protection
0
expires
Wed, 20 Apr 2022 15:46:11 GMT
www-embed-player.js
www.youtube.com/s/player/ae5b2092/www-embed-player.vflset/ Frame 8D86 		186 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ae5b2092/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e8ab925b2b97be2237c1fcfabc66708c9075a00fae6bb5428c20e9e6171ac0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 15:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 00:28:24 GMT
server
sffe
age
50942
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67308
x-xss-protection
0
expires
Wed, 20 Apr 2022 15:46:05 GMT
base.js
www.youtube.com/s/player/ae5b2092/player_ias.vflset/en_US/ Frame 8D86 		2 MB
518 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ae5b2092/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5920f386bf3cc120731e088273377cbbd2a81d93188572c88c6028c8a1df0293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 20:47:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 00:28:24 GMT
server
sffe
age
32880
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530451
x-xss-protection
0
expires
Wed, 20 Apr 2022 20:47:07 GMT
fetch-polyfill.js
www.youtube.com/s/player/ae5b2092/fetch-polyfill.vflset/ Frame 8D86 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ae5b2092/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 15:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 00:28:24 GMT
server
sffe
age
50942
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Wed, 20 Apr 2022 15:46:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D86 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
244289
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NFTGWT90ER&gtm=2oe472&_p=1986106146&sr=1600x1200&ul=en-us&cid=158815272.1618984507&_s=1&dl=https%3A%2F%2Fwww.ptonline.net%2F&dt=ptonline.net&sid=1618984507&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.application=editorial&ep.theme=flex&ep.skin_name=flex-editorial&ep.skin_version=3.155.0&ep.subscription_required=No&epn.blox_render_time=620&up.logged_in=No
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ptonline.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-54716522-7&cid=158815272.1618984507&jid=104760187&gjid=1718761051&_gid=1232923089.1618984507&_u=aCDAgUALAAQCAE~&z=1460156782
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 21 Apr 2021 05:55:07 GMT
content-type
text/plain
access-control-allow-origin
https://www.ptonline.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-3858828-51&cid=158815272.1618984507&jid=1422532436&gjid=1062499687&_gid=1232923089.1618984507&_u=aCDAgUALAAQCAE~&z=1849595986
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 21 Apr 2021 05:55:07 GMT
content-type
text/plain
access-control-allow-origin
https://www.ptonline.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2313981-1&cid=158815272.1618984507&jid=57336652&gjid=785312717&_gid=1232923089.1618984507&_u=aCDAgUALAAQCAE~&z=627634193
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 21 Apr 2021 05:55:07 GMT
content-type
text/plain
access-control-allow-origin
https://www.ptonline.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1986106146&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ptonline.net%2F&ul=en-us&de=UTF-8&dt=ptonline.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Section&ea=Load&el=homepage&ev=1&_u=aCDAAUALAAQCAG~&jid=1636870386&gjid=1852470884&cid=158815272.1618984507&tid=UA-3858828-51&_gid=1232923089.1618984507&_r=1&gtm=2wg472TFRW6D&z=2049604051
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ptonline.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=1986106146&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ptonline.net%2F&ul=en-us&de=UTF-8&dt=ptonline.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUALAAQC~&jid=104760187&gjid=1718761051&cid=158815272.1618984507&tid=UA-54716522-7&_gid=1232923089.1618984507&gtm=2wg472PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.ptonline.net%2F&cd15=3.155.0&cd16=No&cd17=Page%20View&cm1=620&z=1157841143
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71489
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1986106146&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ptonline.net%2F&ul=en-us&de=UTF-8&dt=ptonline.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUALAAQCAE~&jid=1422532436&gjid=1062499687&cid=158815272.1618984507&tid=UA-3858828-51&_gid=1232923089.1618984507&gtm=2wg472TFRW6D&cd2=1618984506988.zowwqmlk&cd3=2021-04-21T07%3A55%3A06.988%2B02%3A00&z=1616516530
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71489
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1986106146&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ptonline.net%2F&ul=en-us&de=UTF-8&dt=ptonline.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUALAAQCAE~&jid=57336652&gjid=785312717&cid=158815272.1618984507&tid=UA-2313981-1&_gid=1232923089.1618984507&gtm=2wg472TFRW6D&z=1774807090
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71489
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
iab_consent_sdk.v1.0.js
live.sekindo.com/content/ClientDetections/ Frame 2DEC 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=105129&cbuster=1618984506921&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed2218xkgopsilt&vp_template=7898&cbuster=1618984507&pubUrlAuto=https%3A%2F%2Fwww.ptonline.net%2F&videoType=normal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 21 Apr 2022 05:55:06 GMT
DetectGDPR2.v1.1.js
live.sekindo.com/content/ClientDetections/ Frame 2DEC 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=105129&cbuster=1618984506921&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed2218xkgopsilt&vp_template=7898&cbuster=1618984507&pubUrlAuto=https%3A%2F%2Fwww.ptonline.net%2F&videoType=normal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:49 GMT
server
nginx
etag
W/"6024fccd-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 21 Apr 2022 05:55:06 GMT
DetectGDPR.v1.1.js
live.sekindo.com/content/ClientDetections/ Frame 2DEC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=105129&cbuster=1618984506921&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed2218xkgopsilt&vp_template=7898&cbuster=1618984507&pubUrlAuto=https%3A%2F%2Fwww.ptonline.net%2F&videoType=normal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 21 Apr 2022 05:55:07 GMT
hls.0.12.4_2.min.js
live.sekindo.com/content/video/hls/ Frame 2DEC 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=105129&cbuster=1618984506921&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed2218xkgopsilt&vp_template=7898&cbuster=1618984507&pubUrlAuto=https%3A%2F%2Fwww.ptonline.net%2F&videoType=normal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 21 Apr 2022 05:55:06 GMT
prebidVid.4.8.0_5.min.js
live.sekindo.com/content/prebid/ Frame 2DEC 		319 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=105129&cbuster=1618984506921&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed2218xkgopsilt&vp_template=7898&cbuster=1618984507&pubUrlAuto=https%3A%2F%2Fwww.ptonline.net%2F&videoType=normal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
df8b8eed2ce43f8c47485a39b1d4b3c2b1f2253c7c74584392583da180160072

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
gzip
last-modified
Sun, 04 Apr 2021 12:51:49 GMT
server
nginx
etag
W/"6069b665-4fb4c"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 21 Apr 2022 05:55:06 GMT
liveVideo.php
live.sekindo.com/live/ Frame 2DEC 		502 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=607fbe3b1ec4c&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2218xkgopsilt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=105129&cbuster=1618984506921&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&subId=[SUBID_ENCODED]&x=300&y=250&vp_content=plembed2218xkgopsilt&vp_template=7898&cbuster=1618984507&pubUrlAuto=https%3A%2F%2Fwww.ptonline.net%2F&videoType=normal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5d8864ba1157a8d78bef3e23ee1b1c0f8befe9b46adf11fc358dc835c1c1d339

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
error
quantcount.com/log/ 		0
0
pixel;r=880094901;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.ptonline.net%2F;uht=2;fpan=1;fpa=P0-1137521587-1618984507187;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=b0f2076b-20210419173321;cm=;gdpr=0;ref=;d=...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=880094901;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.ptonline.net%2F;uht=2;fpan=1;fpa=P0-1137521587-1618984507187;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=b0f2076b-20210419173321;cm=;gdpr=0;ref=;d=ptonline.net;je=0;sr=1600x1200x24;dst=1;et=1618984507187;tzo=-120;ogl=type.website%2Curl.https%3A%2F%2Fwww%252Eptonline%252Enet%2F%2Cimage.https%3A%2F%2Fbloximages%252Echicago2%252Evip%252Etownnews%252Ecom%2Fptonline%252Enet%2Fcontent%2Ftncms%2Fcustom%2Fi%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Ctitle.ptonline%252Enet%2Csite_name.ptonline%252Enet
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:07 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
5f523c6419ba7.image.jpg
bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/b/07/b07d0038-eeaf-11ea-8ca6-57ebcdee0beb/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/b/07/b07d0038-eeaf-11ea-8ca6-57ebcdee0beb/5f523c6419ba7.image.jpg?resize=200%2C134
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e1a2b0bc982ecd8e1f345a2b2c5fdb26b55008b497aa3e1a0d1b7c697dee7d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Sep 2020 13:08:53 GMT
strict-transport-security
max-age=604800
content-length
8890
cf-request-id
0994982f400000cc62ec3fc000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"cf75e2c213914cef859b4518f113d201"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 16 Apr 2022 16:35:11 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
64345c91fb25cc62-ZRH
cf-bgj
h2pri
5ef60d533bd5f.image.jpg
bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/9/8b/98b80e3a-b7bd-11ea-8d44-3786f3b73914/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/9/8b/98b80e3a-b7bd-11ea-8d44-3786f3b73914/5ef60d533bd5f.image.jpg?resize=200%2C158
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed1b9ca1bc317e3c80e4830a4a49dd2e0a70564e0f8948fa89836fb3188c326
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Fri, 26 Jun 2020 14:59:31 GMT
cf-bgj
h2pri
cf-request-id
0994982f400000cc62a8143000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"6524e98f0a2c67603a2ec740fa97fc00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
64345c91fb29cc62-ZRH
expires
Sat, 16 Apr 2022 18:23:12 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 8D86
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af2fb48d5b43ba61b73497d8f21287ecfe8cff23734c9f25211d7be9854e3782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 21 Apr 2021 05:55:07 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 8D86 		29 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ae5b2092/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:41:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
843
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:56:04 GMT
remote.js
www.youtube.com/s/player/ae5b2092/player_ias.vflset/en_US/ Frame 8D86 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ae5b2092/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ae5b2092/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
346f0d3bc1242b22504b99836c8e2dbc0cdacbbdcd18811b43aa0523241a68dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 15:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 00:28:24 GMT
server
sffe
age
50870
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32778
x-xss-protection
0
expires
Wed, 20 Apr 2022 15:47:17 GMT
VKzjHU7c-rioDEVdL2UNvp3b5HYjdstssPmhv14QpB8.js
www.google.com/js/th/ Frame 8D86 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/VKzjHU7c-rioDEVdL2UNvp3b5HYjdstssPmhv14QpB8.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ae5b2092/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54ace31d4edcfab8a80c455d2f650dbe9ddbe4762376cb6cb0f9a1bf5e10a41f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 13:47:05 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:30:00 GMT
server
sffe
age
58082
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13303
x-xss-protection
0
expires
Wed, 20 Apr 2022 13:47:05 GMT
embed.js
www.youtube.com/s/player/ae5b2092/player_ias.vflset/en_US/ Frame 8D86 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ae5b2092/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ae5b2092/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ad3124894846d8d22ce097dcf9ee0a9239ae158a9e94cdb626b358a670fc44e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 23:29:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 00:28:24 GMT
server
sffe
age
23164
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24936
x-xss-protection
0
expires
Wed, 20 Apr 2022 23:29:03 GMT
truncated
/ Frame 8D86 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwni3jEVA74XqQMA7CsBog4KnTEjVwJYSAB_ozsKf=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 8D86 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwni3jEVA74XqQMA7CsBog4KnTEjVwJYSAB_ozsKf=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
062210729a64576cd6b20e1a51c98a8e6cb86868f40022904d567d94b843e7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 04:13:58 GMT
x-content-type-options
nosniff
age
6069
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3951
x-xss-protection
0
server
fife
etag
"vd"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Apr 2021 16:28:06 GMT
maxresdefault.jpg
i.ytimg.com/vi/ho2RfNts3sE/ Frame 8D86 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/ho2RfNts3sE/maxresdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
901af9254053cc82f344b89be22cb916790bc71e0a14403153e2eb3c25db946e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 04:13:58 GMT
x-content-type-options
nosniff
server
sffe
age
6069
etag
"1617311992"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101013
x-xss-protection
0
expires
Wed, 21 Apr 2021 06:13:58 GMT
primisslate.css
live.sekindo.com/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/video/css/primisslate.css
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=607fbe3b1ec4c&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2218xkgopsilt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2DEC 		125 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=607fbe3b1ec4c&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2218xkgopsilt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
bUaPP2RtxjS95_NJgmCVBjhAaNU4P77K
content-encoding
gzip
server
Server
age
26450
etag
24ac8c0f0d59670e43bc0b1990070642
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
date
Tue, 20 Apr 2021 22:34:17 GMT
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
AAyAVv5tI7N3k5QOZqnXtxK9KTeHwcaQcDN-XY7o2BoqEo63g1K8Rw==
css
fonts.googleapis.com/ 		2 KB
1017 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=607fbe3b1ec4c&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2218xkgopsilt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 05:35:56 GMT
server
ESF
date
Wed, 21 Apr 2021 05:55:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Apr 2021 05:55:07 GMT
analytics.js
s.srvmath.com/2/697322/ Frame 2DEC 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/697322/analytics.js?dt=6973221530105335325000&di=www.ptonline.net&gt=CH&c1=chrome&c2=desktop&c5=&si=22235&pc=105129&_page=https%3A%2F%2Fwww.ptonline.net%2F&r1=37.120.137.166
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=607fbe3b1ec4c&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2218xkgopsilt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6eb9ad1e70a013805db74096fc23f295bf1e4d843760a5296f67c0a6c3ef7c05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:07 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2513
Expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6633 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=607fbe3b1ec4c&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2218xkgopsilt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ptonline.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ptonline.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=61393
Expires
Wed, 21 Apr 2021 22:58:20 GMT
Date
Wed, 21 Apr 2021 05:55:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
liveCS.php
live.sekindo.com/live/ Frame ABFD
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=94&advUuid=203594a6-a266-11eb-bb5d-15758c631506
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=94&advUuid=203594a6-a266-11eb-bb5d-15758c631506
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=607fbe3b1ec4c&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2218xkgopsilt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
live.sekindo.com
:scheme
https
:path
/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=94&advUuid=203594a6-a266-11eb-bb5d-15758c631506
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ptonline.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ptonline.net/

Response headers

server
nginx
date
Wed, 21 Apr 2021 05:55:07 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 21 Apr 2021 05:55:07 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Set-Cookie
audience=203594a6-a266-11eb-bb5d-15758c631506; expires=Thu, 21-Apr-2022 07:01:47 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=94&advUuid=203594a6-a266-11eb-bb5d-15758c631506
X-fe
64
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
liveCS.php
live.sekindo.com/live/ Frame A7D3
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D98%26advU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D98%2...
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=98&advUuid=8c90ff2b-0a3e-4d06-8728-c77ddd8f15c0
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=98&advUuid=8c90ff2b-0a3e-4d06-8728-c77ddd8f15c0
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=607fbe3b1ec4c&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2218xkgopsilt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
live.sekindo.com
:scheme
https
:path
/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=98&advUuid=8c90ff2b-0a3e-4d06-8728-c77ddd8f15c0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ptonline.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ptonline.net/

Response headers

server
nginx
date
Wed, 21 Apr 2021 05:55:07 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

vary
Accept, Accept-Encoding
set-cookie
i=a89926c2-efff-4a02-999b-99b655e06528|1618984507; Version=1; Expires=Thu, 21-Apr-2022 05:55:07 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=98&advUuid=8c90ff2b-0a3e-4d06-8728-c77ddd8f15c0
date
Wed, 21 Apr 2021 05:55:07 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
clear
sync.html
s.console.adtarget.com.tr/ Frame 922E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=607fbe3b1ec4c&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2218xkgopsilt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
6be11d672572f6e36879b3176f2cef760ae7484118acf77a4ca7ddab9bbe6cf3

Request headers

Host
s.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ptonline.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ptonline.net/

Response headers

Server
VertaMedia 1.0
Date
Wed, 21 Apr 2021 05:55:07 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
928
Access-Control-Allow-Origin
https://www.ptonline.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.sekindo.com/live/ Frame 2DEC 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=0&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn21%2Fvideo%2Fusers%2Fconverted%2F22235%2Fvideo_5df2c67d5a683172725343%2Fvid5df32607564c5818143911.mp4&vid_content_id=602406&vid_content_desc=Best+Carrot+Cake+Ever&vid_content_title=Best+Carrot+Cake+Ever&vid_content_duration=77&debugInformation=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&isApp=0&geoLati=47.394&geoLong=8.445&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&playerApiId=&csuuid=607fbe3b1ec4c&cbuster=1618984507478&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=607fbe3b1ec4c&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2218xkgopsilt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
302f8127bc68f55a4f667cd16e4faad5ef65b3068b8de0c10cd5dc56c71c0921

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.ptonline.net
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
1576
vid5df32607564c5818143911.jpg
video.primis.tech/uploads/cn21/video/users/converted/22235/video_5df2c67d5a683172725343/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn21/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df32607564c5818143911.jpg?cbuster=1576216072
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
c4e6a4bb5d12bacbf06738f609004c64f4dad714d035d16d421662473522e7af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:16:09 GMT
Server
Tengine
ETag
"5f5d48a9-306b"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
12395
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df32608a5565013794175.jpg
video.primis.tech/uploads/cn12/video/users/converted/22235/video_5df2c67d5a683172725343/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn12/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df32608a5565013794175.jpg?cbuster=1576216074
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
07138985d660e64a70aba4711bec1871c576f3a24bf99989683b349aa21db2b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:16:14 GMT
Server
Tengine
ETag
"5f5d48ae-497a"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
18810
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325f6ec3d5347242166.jpg
video.primis.tech/uploads/cn21/video/users/converted/22235/video_5df2c67d5a683172725343/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn21/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325f6ec3d5347242166.jpg?cbuster=1576216055
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
93cc3e9c530b86e3d4fea45ba60a7c564d3adc357129a6bbfa47bfa4b0c6b4f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:12:25 GMT
Server
Tengine
ETag
"5f5d47c9-5d7b"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
23931
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325f442faf279621645.jpg
video.primis.tech/uploads/cn21/video/users/converted/22235/video_5df2c67d5a683172725343/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn21/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325f442faf279621645.jpg?cbuster=1576216053
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
92de3d21ac49770c657801e6e2fb1120fcb29ad42615f3bce226bfa67c0929fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:12:15 GMT
Server
Tengine
ETag
"5f5d47bf-3222"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
12834
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325f19bf4b498986750.jpg
video.primis.tech/uploads/cn21/video/users/converted/22235/video_5df2c67d5a683172725343/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn21/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325f19bf4b498986750.jpg?cbuster=1576216050
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
74b0e5c3be7648cf0f8036d7ab7db44dfda0b0a349d518f4f43222a7b32e329c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:12:03 GMT
Server
Tengine
ETag
"5f5d47b3-3b93"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
15251
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df3260059764319813155.jpg
video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df3260059764319813155.jpg?cbuster=1576216065
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
17d6df2f6bb3c5591df2d30cd50d6d77891e40ef74234a7161c8477aee6332ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:15:49 GMT
Server
Tengine
ETag
"5f5d4895-4a1d"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
18973
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df32601e9356361613765.jpg
video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df32601e9356361613765.jpg?cbuster=1576216067
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
d392f062b6e8044d9a6e5c44000127a870d8a4a82077dfb68138940bc6bae041
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:15:52 GMT
Server
Tengine
ETag
"5f5d4898-5027"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
20519
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df32604c10f5675256846.jpg
video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df32604c10f5675256846.jpg?cbuster=1576216071
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
33f2bc088a94dd420347882deee79b37e6b583de95d9e6f8f76990961ebfc6cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:16:08 GMT
Server
Tengine
ETag
"5f5d48a8-399f"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
14751
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325f81ee0c626466840.jpg
video.primis.tech/uploads/cn12/video/users/converted/22235/video_5df2c67d5a683172725343/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn12/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325f81ee0c626466840.jpg?cbuster=1576216057
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
d0a459ced7f9a74beb956c785b60f549ac1327734d29fdc687d31c0beeea2ae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:15:18 GMT
Server
Tengine
ETag
"5f5d4876-3dd7"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
15831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325db2d49e840128764.jpg
video.primis.tech/uploads/cn20/video/users/converted/22235/video_5df2c67d5a683172725343/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn20/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325db2d49e840128764.jpg?cbuster=1576216028
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
1c51f08a13dcc8932c9a442e006e6ba4808449dde191bf325bef4accfd4791b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:10:51 GMT
Server
Tengine
ETag
"5f5d476b-3b5e"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
15198
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325d549f01879161031.jpg
video.primis.tech/uploads/cn22/video/users/converted/22235/video_5df2c67d5a683172725343/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn22/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325d549f01879161031.jpg?cbuster=1576216022
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
791f8cc9a7cfb87e5aa55429391ddc6f0fc5196f5395c131ff7b990b157d545e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:10:33 GMT
Server
Tengine
ETag
"5f5d4759-5449"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
21577
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325d41bcef580840534.jpg
video.primis.tech/uploads/cn11/video/users/converted/22235/video_5df2c67d5a683172725343/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn11/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325d41bcef580840534.jpg?cbuster=1576216021
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
164f19b43513ca3b3cec320b5429a41fbc8419d22d9ba65fe95980c3d5d2a80c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:09:30 GMT
Server
Tengine
ETag
"5f5d471a-321f"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
12831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325d2d78ce983616218.jpg
video.primis.tech/uploads/cn22/video/users/converted/22235/video_5df2c67d5a683172725343/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn22/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325d2d78ce983616218.jpg?cbuster=1576216019
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
3f49d8a7b27ca2f31e64da70ea5d8b82c076e4218a24d699b6a57e385435131f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:10:22 GMT
Server
Tengine
ETag
"5f5d474e-500b"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
20491
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325d1a6455538132234.jpg
video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325d1a6455538132234.jpg?cbuster=1576216018
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
2a15eb19709208c24860afb8126296485223d9d810f102a25483ba8a997ef495
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:10:36 GMT
Server
Tengine
ETag
"5f5d475c-4253"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
16979
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325ca25fd2380440669.jpg
video.primis.tech/uploads/cn21/video/users/converted/22235/video_5df2c67d5a683172725343/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn21/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325ca25fd2380440669.jpg?cbuster=1576216011
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
ea424354a5d3fdffea6b64ba5cd40f5b8866008d43dc4f0e87080a20a4a381d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:10:07 GMT
Server
Tengine
ETag
"5f5d473f-41f6"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
16886
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325c797954636844934.jpg
video.primis.tech/uploads/cn11/video/users/converted/22235/video_5df2c67d5a683172725343/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn11/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325c797954636844934.jpg?cbuster=1576216008
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
c7b857128531c4fa34f1eefd82c475e6845c704aabf1d4344cfdde0fe2037fa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:08:46 GMT
Server
Tengine
ETag
"5f5d46ee-4407"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
17415
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325c66addf505795434.jpg
video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325c66addf505795434.jpg?cbuster=1576216007
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
94f1bdd4c9be8697889866dbd75d7aa63bd152444c1f021cd57c2b109d80e191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:09:57 GMT
Server
Tengine
ETag
"5f5d4735-3cd7"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
15575
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325c531779757761499.jpg
video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325c531779757761499.jpg?cbuster=1576216006
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
59fc0b6bb83e7b8889b36821684285ae763345c811b2d055345a0f5b3b9e06f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:09:54 GMT
Server
Tengine
ETag
"5f5d4732-371f"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
14111
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325c24a72c022826479.jpg
video.primis.tech/uploads/cn15/video/users/converted/22235/video_5df2c67d5a683172725343/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn15/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325c24a72c022826479.jpg?cbuster=1576216003
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
9471a2c1d71ac8940442c69fefde8b31202bf5ef4045bd5bbb5eec8fcedc661c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:07:33 GMT
Server
Tengine
ETag
"5f5d46a5-38a7"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
14503
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325bd44c63225301636.jpg
video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325bd44c63225301636.jpg?cbuster=1576215998
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
237936020ffa469a7f88ab945fb45350c745aa6e2f5d4697a878a438a5f98246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:10:21 GMT
Server
Tengine
ETag
"5f5d474d-2d57"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
11607
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325bc0edc9025765003.jpg
video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn13/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325bc0edc9025765003.jpg?cbuster=1576215997
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
1df98cd9b2074fdb87ef7b6f61e2204ac7fe3efda616a193663b00122110d685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:10:18 GMT
Server
Tengine
ETag
"5f5d474a-3d48"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
15688
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325b839c12686551893.jpg
video.primis.tech/uploads/cn22/video/users/converted/22235/video_5df2c67d5a683172725343/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn22/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325b839c12686551893.jpg?cbuster=1576215993
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
3037210ebdb87c12604c6da341bbdd1c4ade3256fce922eb86e9f6c7a3739aae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:09:57 GMT
Server
Tengine
ETag
"5f5d4735-505c"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
20572
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325dda5b74426125890.jpg
video.primis.tech/uploads/cn21/video/users/converted/22235/video_5df2c67d5a683172725343/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn21/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325dda5b74426125890.jpg?cbuster=1576216031
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
8e8d3e0327df9bff3e149e3994dd243188ac2457f7f0791cf5eca45e767c1d84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:10:59 GMT
Server
Tengine
ETag
"5f5d4773-4bef"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
19439
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325fb37633343637102.jpg
video.primis.tech/uploads/cn11/video/users/converted/22235/video_5df2c67d5a683172725343/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn11/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325fb37633343637102.jpg?cbuster=1576216061
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
020b56f49559267c913a47a78d946acc88f728befcd4c57e1f186fc3b1e7e27c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:14:17 GMT
Server
Tengine
ETag
"5f5d4839-500d"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
20493
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5df325f04a5ad213402765.jpg
video.primis.tech/uploads/cn22/video/users/converted/22235/video_5df2c67d5a683172725343/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn22/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325f04a5ad213402765.jpg?cbuster=1576216049
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Tengine /
Resource Hash
08acd600bd33fcde03a370554e4ce9721995576b692d8a749ecdcca3756e00d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:54:54 GMT
Last-Modified
Sat, 12 Sep 2020 22:11:50 GMT
Server
Tengine
ETag
"5f5d47a6-31c0"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
12736
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sync
x.bidswitch.net/ Frame 2DEC 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&user_id=607fbe3b1ec4c&custom_data=607fbe3b1ec4c&gdpr=1&gdpr_consent=
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.180.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-180-173.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
liveCS.php
live.sekindo.com/live/ Frame 2DEC
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=93&advUuid=d5b79ff0-f9fd-4d24-b0a5-a32ae68d0b28
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=93&advUuid=d5b79ff0-f9fd-4d24-b0a5-a32ae68d0b28
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=93&advUuid=d5b79ff0-f9fd-4d24-b0a5-a32ae68d0b28
date
Wed, 21 Apr 2021 05:55:07 GMT
server
_
content-length
0
liveCS.php
live.sekindo.com/live/ Frame 2DEC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D99%26advUuid%3D&C=1
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=99&advUuid=YH--O-fjRDxYPWnCDDm56gAABHIAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=99&advUuid=YH--O-fjRDxYPWnCDDm56gAABHIAAAAB
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=99&advUuid=YH--O-fjRDxYPWnCDDm56gAABHIAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Wed, 21 Apr 2021 05:55:07 GMT
liveCS.php
live.sekindo.com/live/ Frame 2DEC
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.sekindo.com%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D607fbe3b1ec4c%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=105&advUuid=1500623958703733180
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=105&advUuid=1500623958703733180
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:14 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
X-Proxy-Origin
37.120.137.166; 37.120.137.166; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.46:80
AN-X-Request-Uuid
7768a31d-b945-4e3c-91e8-2a66d108d944
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=607fbe3b1ec4c&pixel=&advId=105&advUuid=1500623958703733180
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
liveView.php
live.sekindo.com/live/ Frame 2DEC 		63 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=1&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn21%2Fvideo%2Fusers%2Fconverted%2F22235%2Fvideo_5df2c67d5a683172725343%2Fvid5df32607564c5818143911.mp4&vid_content_id=602406&vid_content_desc=Best+Carrot+Cake+Ever&vid_content_title=Best+Carrot+Cake+Ever&vid_content_duration=77&debugInformation=&x=440&y=248&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&isApp=0&geoLati=47.394&geoLong=8.445&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&playerApiId=&csuuid=607fbe3b1ec4c&cbuster=1618984507503&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=607fbe3b1ec4c&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2218xkgopsilt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
426507e055ff10bb69ef264e5ce21a9b53f29f06423c6bafa2334a0bff5a5f2a

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:06 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.ptonline.net
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3600
liveView.php
live.sekindo.com/live/ Frame 2DEC 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=0&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn21%2Fvideo%2Fusers%2Fconverted%2F22235%2Fvideo_5df2c67d5a683172725343%2Fvid5df32607564c5818143911.mp4&vid_content_id=602406&vid_content_desc=Best+Carrot+Cake+Ever&vid_content_title=Best+Carrot+Cake+Ever&vid_content_duration=77&debugInformation=&x=440&y=248&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&isApp=0&geoLati=47.394&geoLong=8.445&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&playerApiId=&csuuid=607fbe3b1ec4c&cbuster=1618984507503&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=607fbe3b1ec4c&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2218xkgopsilt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
d6881a327f1339c11846a375fd71e0dad78964bda0eaf1876ff37c7daee97855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.ptonline.net
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
1575
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ptonline.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
117587
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 19 Apr 2022 21:15:20 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 8D86 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ae5b2092/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:55:07 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2DEC 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:08 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
ZRH50-C1
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
Tl1rvgLK-qzBS9VvEMCTHa-ceQB9v1c08ZBtEuPzte1YWdQjd6BDtg==
sp.css
livefyre-cdn.s3.amazonaws.com/libs/identity/v1.2.3/simple/css/default/ 		51 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://livefyre-cdn.s3.amazonaws.com/libs/identity/v1.2.3/simple/css/default/sp.css
Requested by
Host: cdn.livefyre.com
URL: https://cdn.livefyre.com/libs/identity/v1.2.7/simple/javascripts/customprofiles.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.229.115 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9b672ffba8de657c98368891d2d2cf0f44e7c97a79a6ab219598f13175cd3215

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 May 2018 00:16:32 GMT
Server
AmazonS3
x-amz-request-id
C454SQ0AEF80BTGB
ETag
"a70a8f3df16efe2c0e513d07e73b0aa6"
x-amz-version-id
null
Cache-Control
max-age=315360000, no-transform, public
Accept-Ranges
bytes
Content-Type
text/css; charset=utf-8
Content-Length
16559
x-amz-id-2
uewGslJYTHkDPSGz/t31l069TWmzoSDpfxYp6RCj++JtoV8mOo+vVQ09iWumNgcSR7S8SkYvFOU=
/
bootstrap.livefyre.com/api/v4/configuration/cnhi.fyre.co/ 		59 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bootstrap.livefyre.com/api/v4/configuration/cnhi.fyre.co/?section=translations&translations.lang_code=en-US&translations.app=identity
Requested by
Host: cdn.livefyre.com
URL: https://cdn.livefyre.com/libs/identity/v1.2.7/simple/javascripts/customprofiles.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.136.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
gunicorn/19.6.0 /
Resource Hash
79f07fe10edf4d842913bd2121283f4bdc01044ef113f53e85d247f67f914f4e
Security Headers
Name Value
Strict-Transport-Security max-age=14400; includeSubDomains; preload;

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 21 Apr 2021 05:54:10 GMT
Vary
Origin
Age
57
X-TR-TTL
60.000
X-Cache
HIT
Strict-Transport-Security
max-age=14400; includeSubDomains; preload;
Content-Length
59
X-Index-Last-Modified
2021-04-21 05:53:19.178888
Accept-Ranges
bytes
Server
gunicorn/19.6.0
Cache-Control
max-age=60
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, PATCH
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.ptonline.net
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-TR-Cached
yes
Access-Control-Allow-Headers
Content-Type, accept, authorization, dnt, x-dnt
X-Cache-Hits
98
generate_204
www.youtube.com/ Frame 8D86 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?vTibPw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
openrtb
ads.adaptv.advertising.com/rtb/ Frame 2DEC 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.ptonline.net
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
moatcontent.js
z.moatads.com/nativonielsen548znrb18/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=14020
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-10-56.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
0B0CA0B90C88DB3A
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=42171
accept-ranges
bytes
content-length
55696
x-amz-id-2
pjbrJFbt4QFRzKYMM5XzevVYn7TQUBxhW0n53CWVULC77/Xh7qs+EZWLr8k9n7lfgRjcD0Xe9pU=
trk.gif
jadserve.postrelease.com/ 		43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=f531f224-026c-4857-bde8-964b2ea1f9d1&ntv_fl=5j6K0SrXS9BkMDZOoNh3cibhqbOhrUBXxCtyZ0yLAyJxVxhzO5Evb2WtzypxoNaQvcFtsO8j3DbeulVmbRVycZLWJhaGJsDv5PJzo8TYf5aIN6YTfKa66BpqLweQSj6Dr_VUjryAhIKCPwe1kQm-j0g-D7ETUNqsRMEWlGL40HI=&ntv_ht=O75_YAA&ntv_at=303,302&ntv_a=AAAAAAAAAAFrAQA&ord=1618984507672&ntv_dpl=1009,1011,1028,1016,1050,1003,1019,1007&ntv_it
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.166.208 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-166-208.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:07 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
pbsync.html
js.adscale.de/ Frame 63FF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-237-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Host
js.adscale.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

x-amz-id-2
gP4kyJgm9jhO0VUUdLTBT2FWpFhQmCAW/re9IS8ZQIJX8fTLSq2/YHJz4jHPt+LSgIODv8ND+4c=
x-amz-request-id
TJ1Q7NA6JYQADF0B
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
ETag
"5550fca00caf055568d6ced373f2721f"
x-amz-version-id
ljUMRnw1Ux.L_G6sluuTuNwF_kYaf8ny
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1509
Cache-Control
max-age=300
Date
Wed, 21 Apr 2021 05:55:07 GMT
Connection
keep-alive
cookie
cm.adform.net/ Frame 57AF 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:method
GET
:authority
cm.adform.net
:scheme
https
:path
/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Wed, 21 Apr 2021 05:55:07 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 816A 		251 B
601 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

:method
GET
:authority
cdn.admatic.com.tr
:scheme
https
:path
/user
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-632
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
CH
cdn-edgestorageid
601
cdn-storageserver
DE-51
cache-control
public, max-age=3600
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-04-21 07:51:45
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
f269de05f9075d2805ba7a42c4569228
cdn-cache
HIT
content-encoding
gzip
sync.html
s.adtelligent.com/ Frame 4741 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=609724
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
75f62120b95e617215684e9aef305a9c4db72d7f2326b69e9e4ee78a4c07a353

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 21 Apr 2021 05:55:06 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
887
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
Cookie set csync
sync.console.adtarget.com.tr/ Frame DE43
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=p7Q0v7Ht1K7qOILlV2mn&pi=admatic&tc=1
43 B
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=p7Q0v7Ht1K7qOILlV2mn&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 21 Apr 2021 05:55:08 GMT
Content-Type
image/gif
Content-Length
43
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=ae0c920efc93046f; expires=Tue, 22 Jun 2021 05:55:08 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307080=p7Q0v7Ht1K7qOILlV2mn; expires=Tue, 22 Jun 2021 05:55:08 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

Redirect headers

date
Wed, 21 Apr 2021 05:55:07 GMT Wed, 21 Apr 2021 05:55:07 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=p7Q0v7Ht1K7qOILlV2mn&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame B7A1
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
5674e4a7cca510a204d86ab8c60d0361ce6c3a54e02155ff793ca7af25ab0c3b

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Wed, 21 Apr 2021 05:55:07 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=ADt/zR1nPXA2QfBt; path=/; domain=e-planning.net; expires=Wed, 19-Apr-2028 05:55:07 GMT; SameSite=None; Secure
expires
Wed, 21 Apr 2021 05:55:07 GMT
x-sid
AMS-749
content-encoding
gzip

Redirect headers

server
openresty
date
Wed, 21 Apr 2021 05:55:07 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-749
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B096 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=61393
Expires
Wed, 21 Apr 2021 22:58:20 GMT
Date
Wed, 21 Apr 2021 05:55:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
csync
sync.console.adtarget.com.tr/ Frame 922E
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=494&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D306709%26extuid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-4630061f-ff57-4323-9cc8-022820c38740
43 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-4630061f-ff57-4323-9cc8-022820c38740
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.console.adtarget.com.tr/csync?t=a&ep=306709&extuid=av-4630061f-ff57-4323-9cc8-022820c38740
date
Wed, 21 Apr 2021 05:55:07 GMT
server
Apache-Coyote/1.1
content-length
0
csync
sync.console.adtarget.com.tr/ Frame 922E 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
showad.js
ads.pubmatic.com/AdServer/js/ Frame 76D6 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D607fbe3b1ec4c%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=46822
Expires
Wed, 21 Apr 2021 18:55:29 GMT
Date
Wed, 21 Apr 2021 05:55:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
postback
s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/ Frame 2DEC 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/postback?oz_pl=1&_page=https%3A%2F%2Fwww.ptonline.net%2F&dt=6973221530105335325000&gt=CH&c2=desktop&pc=105129&r1=37.120.137.166&ci=697322&di=www.ptonline.net&c1=chrome&c5=&si=22235
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/697322/analytics.js?dt=6973221530105335325000&di=www.ptonline.net&gt=CH&c1=chrome&c2=desktop&c5=&si=22235&pc=105129&_page=https%3A%2F%2Fwww.ptonline.net%2F&r1=37.120.137.166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Apr 2021 05:55:07 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.srvmath.com/2/2.0.3/ Frame 2DEC 		129 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.0.3/main.js?o=1
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/697322/analytics.js?dt=6973221530105335325000&di=www.ptonline.net&gt=CH&c1=chrome&c2=desktop&c5=&si=22235&pc=105129&_page=https%3A%2F%2Fwww.ptonline.net%2F&r1=37.120.137.166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
50a250273f9720c6ab2526c8f6d9288f25b8a261403d08d0b530b7ac38dda883
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:07 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
40899
Expires
Sat, 28 Dec 2052 06:57:40 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame FA22 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=46822
Expires
Wed, 21 Apr 2021 18:55:29 GMT
Date
Wed, 21 Apr 2021 05:55:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 76D6 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=37314352&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:07 GMT
Content-Length
0
/
de.tynt.com/deb/ Frame D1FD
Redirect Chain
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
75 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.adtelligent.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=CmUMKWB/vj+B1xUUGCcjAg==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://s.adtelligent.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Wed, 21 Apr 2021 05:55:10 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

server
nginx/1.16.1
date
Wed, 21 Apr 2021 05:55:11 GMT
content-type
text/html; charset=utf-8
content-length
171
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
set-cookie
uid=CmUMKWB/vj+B1xUUGCcjAg==; expires=Thu, 21-Apr-22 05:55:11 GMT; domain=tynt.com; path=/; Secure; SameSite=None
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
csync
sync.adtelligent.com/ Frame 4741
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=51236efa6009a992bbb06388
43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=51236efa6009a992bbb06388
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Wed, 21 Apr 2021 05:55:13 GMT
Server
nginx
Location
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=51236efa6009a992bbb06388
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
csync
sync.adtelligent.com/ Frame 4741
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=42eb9654-ffe7-461c-a8c1-914bb09c9458
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=42eb9654-ffe7-461c-a8c1-914bb09c9458
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:14 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=42eb9654-ffe7-461c-a8c1-914bb09c9458
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
2psoo203o9t26vfse179b5j8daic18o1
csync
sync.adtelligent.com/ Frame 4741
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1517893553390067857
43 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1517893553390067857
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:13 GMT
X-Proxy-Origin
37.120.137.166; 37.120.137.166; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.46:80
AN-X-Request-Uuid
be969acf-dd07-4a54-ae59-fa58f18bf447
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=1517893553390067857
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 4741
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=7dafec5e8c8ee1c4
35 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=7dafec5e8c8ee1c4
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:09 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=7dafec5e8c8ee1c4
Date
Wed, 21 Apr 2021 05:55:08 GMT
Server
VertaMedia 1.0
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 4741
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=7dafec5e8c8ee1c4
43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=7dafec5e8c8ee1c4
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=7dafec5e8c8ee1c4
Date
Wed, 21 Apr 2021 05:55:08 GMT
Server
VertaMedia 1.0
Content-Length
0
uu
ih.adscale.de/ Frame 63FF
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1618984507
  • https://ih.adscale.de/uu?cbfn=receive&t=1618984507&nut&uu=3881d01bfd53465a8702a90f060b8b90
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1618984507&nut&uu=3881d01bfd53465a8702a90f060b8b90
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2fba95b94aec59efcd75d9122bee13f1a3083f95b645a4bcb37e2f71cd7a2e6e

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1618984507&nut&uu=3881d01bfd53465a8702a90f060b8b90
date
Wed, 21 Apr 2021 05:55:15 GMT
content-length
0
bundle.js
cdn.admatic.com.tr/user/ Frame 816A 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.15 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-15.cdn77.com
Software
BunnyCDN-DE1-632 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
br
cdn-edgestorageid
601
cdn-storageserver
DE-51
cdn-cachedat
2021-04-21 07:15:54
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-632
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
75eb409dc96255ba7a139e2afc02deb1
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
um
u-ams02.e-planning.net/ Frame B7A1
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D0882392d948a7407
  • https://pixel.sitescout.com/dmp/pixelSync?cookieQ=1&network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D0882392d948a7407
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D9bd09e30-28...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D9bd09...
  • https://u-ams02.e-planning.net/um?uid=9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348&dc=0abbcb4eba840e59&fi=0882392d948a7407
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348&dc=0abbcb4eba840e59&fi=0882392d948a7407
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:09 GMT
server
openresty
content-type
image/gif

Redirect headers

date
Wed, 21 Apr 2021 05:55:08 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://u-ams02.e-planning.net/um?uid=9bd09e30-2885-48e7-814c-41cb93322f6f-607fbe3c-4348&dc=0abbcb4eba840e59&fi=0882392d948a7407
alt-svc
clear
content-length
0
um
sync.e-planning.net/ Frame B7A1
Redirect Chain
  • https://sync.1rx.io/usersync2/eplanning
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=571421152
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=571421152
  • https://sync.1rx.io/usersync/tradedesk/f6e00b4b-f3b3-4f36-8663-aa5947badd95
  • https://sync.targeting.unrulymedia.com/csync/RX-5704ac89-72e8-4cc5-bc00-57c6c6be425c-003?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3DRX-5704ac89-72e8-4cc5-bc00-57c6c6be425c-003%26dc%3D1079...
  • https://sync.e-planning.net/um?uid=RX-5704ac89-72e8-4cc5-bc00-57c6c6be425c-003&dc=1079cc634ca638f8&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=RX-5704ac89-72e8-4cc5-bc00-57c6c6be425c-003&dc=1079cc634ca638f8&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:11 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=RX-5704ac89-72e8-4cc5-bc00-57c6c6be425c-003&dc=1079cc634ca638f8&iss=1
date
Wed, 21 Apr 2021 05:55:11 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5704ac8972e84cc5bc0057c6c6be425c003
content-type
text/html
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame B7A1 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:14 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 20 Apr 2026 05:55:14 GMT
tm60118.js
tag.navdmp.com/ Frame B7A1 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm60118.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2759
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
09949831c60000c2fe7780a000000001
last-modified
Wed, 18 Nov 2020 16:32:07 GMT
server
cloudflare
etag
W/"5fb54c87-2ef4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
64345c96086fc2fe-FRA
expires
Wed, 21 Apr 2021 06:09:08 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame B7A1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:14 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 20 Apr 2026 05:55:14 GMT
um
u-ams02.e-planning.net/ Frame B7A1
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D0882392d948a7407%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=0882392d948a7407&uid=42eb9654-ffe7-461c-a8c1-914bb09c9458
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=0882392d948a7407&uid=42eb9654-ffe7-461c-a8c1-914bb09c9458
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:14 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=0882392d948a7407&uid=42eb9654-ffe7-461c-a8c1-914bb09c9458
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
ongsukt7hgcuh9ug1af0fitktmko75i7
ptag
a.audrte.com/ Frame B7A1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e22d01e09b89bc0a0089ecf820846df00d5da70eff8f412d7a11df56f35400b9

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:15 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1680
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame B7A1 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:14 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 20 Apr 2026 05:55:14 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame B7A1 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D0882392d948a7407%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:07 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame B7A1
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D0882392d948a7407
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:09 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Wed, 21 Apr 2021 05:55:08 GMT
server
nginx/1.10.3
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame B7A1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D0882392d948a7407%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D0882392d948a7407%2526uid%253D%2524UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0882392d948a7407&uid=7640132656411727853
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0882392d948a7407&uid=7640132656411727853
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:13 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:13 GMT
X-Proxy-Origin
37.120.137.166; 37.120.137.166; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.58:80
AN-X-Request-Uuid
f44431e9-7730-4dd6-b5f1-1885aa67aec9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=0882392d948a7407&uid=7640132656411727853
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams02.e-planning.net/ Frame B7A1
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D0882392d948a7407%26uid%3D%5BUID%5D
  • https://u-ams02.e-planning.net/um?dc=e52415579699e09f&fi=0882392d948a7407&uid=d7877eb6-9502-4939-83c0-4fb2b960e74d
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=e52415579699e09f&fi=0882392d948a7407&uid=d7877eb6-9502-4939-83c0-4fb2b960e74d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:09 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:08 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://u-ams02.e-planning.net/um?dc=e52415579699e09f&fi=0882392d948a7407&uid=d7877eb6-9502-4939-83c0-4fb2b960e74d
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame B7A1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-AibUCEpE2uEnTN6A6TXO4Q.uDHACNI9oiKdhyVg-~A
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-AibUCEpE2uEnTN6A6TXO4Q.uDHACNI9oiKdhyVg-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:09 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Wed, 21 Apr 2021 05:55:09 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-AibUCEpE2uEnTN6A6TXO4Q.uDHACNI9oiKdhyVg-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame B7A1
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D0882392d948a7407%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=0882392d948a7407&uid=74bfa5c68e33522b8e66e838c1ae13ba8957e7ce
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=0882392d948a7407&uid=74bfa5c68e33522b8e66e838c1ae13ba8957e7ce
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:10 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=0882392d948a7407&uid=74bfa5c68e33522b8e66e838c1ae13ba8957e7ce
Date
Wed, 21 Apr 2021 05:55:10 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
test_dmp.html
s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/ Frame B7A1 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/29c512b3a85254c8/test_dmp.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame DC78
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Apr 2021 05:55:10 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Wed, 21 Apr 2021 05:55:09 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5F24 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0882392d948a7407%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=61393
Expires
Wed, 21 Apr 2021 22:58:20 GMT
Date
Wed, 21 Apr 2021 05:55:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5392 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0882392d948a7407%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0882392d948a7407%26uid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0882392d948a7407%26uid%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=46822
Expires
Wed, 21 Apr 2021 18:55:29 GMT
Date
Wed, 21 Apr 2021 05:55:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
postback
s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/ Frame 2DEC 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/postback?oz_pl=1&_page=https%3A%2F%2Fwww.ptonline.net%2F&dt=6973221530105335325000&gt=CH&c2=desktop&pc=105129&r1=37.120.137.166&ci=697322&di=www.ptonline.net&c1=chrome&c5=&si=22235
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/697322/analytics.js?dt=6973221530105335325000&di=www.ptonline.net&gt=CH&c1=chrome&c2=desktop&c5=&si=22235&pc=105129&_page=https%3A%2F%2Fwww.ptonline.net%2F&r1=37.120.137.166
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Apr 2021 05:55:07 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
/
adspsp.com/pt/1710310/17/1/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/17/1/?a=2,aX0,KzGRimUTkk&aa=&b=GDPRBlockAll&e=&c=https%3A%2F%2Fwww.ptonline.net%2F&d=&f=1.knr1kn1b.1T1id&g=1T29t&u=a3a859e5:knjejvsv:1tg&v=18g.xc.0.2ho&rnd=1618984507937
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.91.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-91-9.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
postback
s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/ Frame 2DEC 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/postback?_page=https%3A%2F%2Fwww.ptonline.net%2F&dt=6973221530105335325000&gt=CH&c2=desktop&pc=105129&r1=37.120.137.166&ci=697322&di=www.ptonline.net&c1=chrome&c5=&si=22235&sid=AHu5I00QEeRA4mCx&oz_sc=4a11fb61fcecc795bbdedd54&oz_df=1618984507933&oz_l=34&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.0.3/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Apr 2021 05:55:07 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
14020
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 		0
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/14020?t=2021321711
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-10-56.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
oMoNJd6DOYQ4eJmQYR3jyGE_GQDGT8lU
last-modified
Tue, 20 Apr 2021 06:01:20 GMT
server
AmazonS3
x-amz-request-id
RBECTP8FKRT3MWFW
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
binary/octet-stream
date
Wed, 21 Apr 2021 05:55:08 GMT
accept-ranges
bytes
content-length
0
x-amz-id-2
vzpHJpGMHddgov1QnKJoVvEhAKLJFAZfdtiOZWzUHom6VdPxKwhBWyoIO/sRPpUFPXegN8hzLuo=
310481
search.spotxchange.com/openrtb/2.3/dados/ Frame 2DEC 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/310481
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_5.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Wed, 21 Apr 2021 05:55:08 GMT
X-SpotX-Timing-Transform
0.000320
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux
0.000255
X-spotx-Exception-0-RESULT
failure
X-SpotX-Timing-Page-Require
0.000349
X-spotx-Exception-0-ID
MARKET_HALTED
Connection
keep-alive
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Page-Cookie
0.000006
X-SpotX-Timing-Page
0.010232
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000287
X-fe
124
Last-Modified
Wed, 21 Apr 2021 05:55:08 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005651
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ptonline.net
X-SpotX-Timing-Page-Misc
0.003331
X-SpotX-Timing-Page-Exception
0.000020
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.005651
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
postback
s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/ Frame 2DEC 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/postback?_page=https%3A%2F%2Fwww.ptonline.net%2F&dt=6973221530105335325000&gt=CH&c2=desktop&pc=105129&r1=37.120.137.166&ci=697322&di=www.ptonline.net&c1=chrome&c5=&si=22235&sid=AHu5I00QEeRA4mCx&oz_sc=4a11fb61fcecc795bbdedd54&oz_df=1618984508100&oz_l=5141&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.0.3/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Apr 2021 05:55:07 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
liveView.php
live.sekindo.com/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=49&serverTime=1618984507&vid_playerVer=3.1.0&s=105129&sta=0&x=300&y=250&vid_passDomain=www.ptonline.net&subId=www.ptonline.net&debugInformation=&isApp=0&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=607fbe3b1ec4c&vImpOpportunityMultiplier=1&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1618984508131&uid=SekindoSPlayer607fbe3b3259f&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&floatStatus=false
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:07 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
advertiserwidget.css
cdn-resources.prfct.cc/assets/marketplace/libs/res/r202103220/css/ 		522 B
983 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202103220/css/advertiserwidget.css
Requested by
Host: d1gzrgn7m19oq9.cloudfront.net
URL: https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.bdtonline.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6aa7d6173d58dc7930b30df1453ec7da8c039dc42a5280b31550b2935f59951

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Apr 2021 07:23:11 GMT
Via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
Last-Modified
Tue, 06 Apr 2021 18:06:54 GMT
Server
AmazonS3
Age
81117
ETag
"b325bb01ffc184ad1cb95dcd96959b45"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
522
X-Amz-Cf-Id
pDFYILX-W_TDH_HWRV_u_Hok8RmX3r8w1Wj2caJJym-nnOWrft6GLQ==
advertiserwidget.js
cdn-resources.prfct.cc/assets/marketplace/libs/res/r202103220/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202103220/js/advertiserwidget.js
Requested by
Host: d1gzrgn7m19oq9.cloudfront.net
URL: https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.bdtonline.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe87433fa1130af12f23ff8ecc0fc3dd20d3d3f82bacbaca450b708467965cda

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 21 Apr 2021 00:28:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Apr 2021 18:06:55 GMT
Server
AmazonS3
Age
19614
ETag
W/"818bf56af8bae4d989b6fe947c57fae2"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
4HrE9QhDHwQeDvmEvcpZ2404iuwpbjcamqbpstlb_h5Oa8OOv8CWdA==
truncated
/ Frame 4721 		13 B
13 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
postback
s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/ Frame 2DEC 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/postback?_page=https%3A%2F%2Fwww.ptonline.net%2F&dt=6973221530105335325000&gt=CH&c2=desktop&pc=105129&r1=37.120.137.166&ci=697322&di=www.ptonline.net&c1=chrome&c5=&si=22235&sid=AHu5I00QEeRA4mCx&oz_sc=4a11fb61fcecc795bbdedd54&oz_df=1618984508254&oz_l=3549&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.0.3/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Apr 2021 05:55:08 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
gtm.js
www.googletagmanager.com/ 		99 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNNWDH2
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7164b4a9a18dde7fb69cc729c426d69d59ff5277bda51abbbb93dff8248877a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38207
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Apr 2021 05:55:08 GMT
widgetinfo
p.cityspark.com/api/widgets/ 		487 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cityspark.com/api/widgets/widgetinfo?wid=&callback=jsonp1618985495891
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa0883def316e8dccb187ce4cbdf67d0cca2edb105defd04c779b9c97e923867

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:08 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Length
458
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
sprite_icons_6dc7d94.png
www.justapinch.com/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.10.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 21:44:51 GMT
via
1.1 google
last-modified
Wed, 17 Mar 2021 21:41:14 GMT
server
nginx
age
1584617
x-who
gcloud-web-5
cache-control
max-age=31536000,public
accept-ranges
bytes
content-type
image/png
alt-svc
clear
content-length
22292
expires
Sat, 02 Apr 2022 21:44:51 GMT
EQFCU-6fdCrGWMFPi1d5xw_dkyLjyLfCwAoRBcASayAEBF9Xrj78tySHyJK6EesLIsUMQIegkorKVh04o1ueX8-IkpDXVLEoMHQO2m8=w350-l75
lh3.googleusercontent.com/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/EQFCU-6fdCrGWMFPi1d5xw_dkyLjyLfCwAoRBcASayAEBF9Xrj78tySHyJK6EesLIsUMQIegkorKVh04o1ueX8-IkpDXVLEoMHQO2m8=w350-l75
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a9c463daa489cf76b737778dacf45b6916fcc37e69c9740b52065728198b8bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:08:20 GMT
x-content-type-options
nosniff
age
13608
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13618
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Apr 2021 01:09:26 GMT
lZBrxZxQwvT9KlTdXlUm57rvEvGtFgca1D8NAFoTS5H10TxSZU4oMtScdJxhQ20pkaTuEKDwamTi3JfLp_qUOdJJ-w0ul8UGzLWPabfVQUbMVVntxUwoBA=w350-l75
lh3.googleusercontent.com/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/lZBrxZxQwvT9KlTdXlUm57rvEvGtFgca1D8NAFoTS5H10TxSZU4oMtScdJxhQ20pkaTuEKDwamTi3JfLp_qUOdJJ-w0ul8UGzLWPabfVQUbMVVntxUwoBA=w350-l75
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9f39d071c45b8152af9d7b905a61f96f3b4aa221b245a182c52b51feefb220b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 03:31:34 GMT
x-content-type-options
nosniff
age
8614
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16142
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 21 Apr 2021 01:18:04 GMT
LTUuS3vfLY3Kbfv260SfOterQZZe0jxOkq8-G4m68OpMQXqFWhPgfF5NfXZiJdYA7IL-8Tl5Vx3IfZ4sJFFxOeBHR6oayRi8wZffgHI=w350-l75
lh3.googleusercontent.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/LTUuS3vfLY3Kbfv260SfOterQZZe0jxOkq8-G4m68OpMQXqFWhPgfF5NfXZiJdYA7IL-8Tl5Vx3IfZ4sJFFxOeBHR6oayRi8wZffgHI=w350-l75
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bc07ea3a7f4d4feeb20de2ebc6e72c2fa045cb4e4f5987818094e377e4baca26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:24:56 GMT
x-content-type-options
nosniff
age
1812
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20079
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 21 Apr 2021 07:43:26 GMT
fontawesome-webfont.e6cf7c6ec7c2d6f670ae9d762604cb0b.woff2
bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/fontawesome-webfont.e6cf7c6ec7c2d6f670ae9d762604cb0b.woff2?v=4.6.3
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Origin
https://www.ptonline.net
Referer
https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:08 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Mon, 06 Jun 2016 15:20:27 GMT
content-length
71896
cf-request-id
09949833ad000023738da7e000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"575594bb-118d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
64345c991f782373-ZRH
expires
Fri, 08 Apr 2022 16:38:51 GMT
v2
api.viafoura.co/v2/www.ptonline.net/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.ptonline.net/bootstrap/v2
Protocol
H2
Server
2600:1f18:44f0:4840:562f:2028:6b66:1a65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.ptonline.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 21 Apr 2021 05:55:08 GMT
server
nginx/1.18.0 (Ubuntu)
expires
Wed, 21 Apr 2021 05:55:08 GMT
cache-control
max-age=0
access-control-allow-origin
https://www.ptonline.net
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-max-age
1728000
v2
api.viafoura.co/v2/www.ptonline.net/bootstrap/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.ptonline.net/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4840:562f:2028:6b66:1a65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
970317c7c85a76296dc8b7a5d6550981195da0742eccbe616fcd54b6d3ee8098

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:08 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-0f1c8e8906b1a0092
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ptonline.net
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Wed, 21 Apr 2021 05:55:08 GMT
diberp-tcx-v4.29.0-v2.js
www.americanhometownmedia.com/static/ 		337 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 15:20:32 GMT
content-encoding
gzip
age
1348476
x-guploader-uploadid
ABg5-Ux9qyuyxOJ7Tahq9zb193uFw4DAH-NBwnjUTuyfQRjTiyoEiggYLnDhHI9NeaYBnkX-xEzGkriNFRZFVykmKOE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
106099
last-modified
Thu, 04 Mar 2021 16:18:32 GMT
server
UploadServer
etag
"02c7b9ff3fbd84a1b8d93e95e255b626"
vary
Accept-Encoding, Origin
x-goog-hash
crc32c=2R6v6g==, md5=Ase5/z+9hKG42T6V4lW2Jg==
x-goog-generation
1614874712638160
cache-control
public, max-age=31536000
x-goog-stored-content-length
106099
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 05 Apr 2022 15:20:32 GMT
gpt.js
www.googletagservices.com/tag/js/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16f58455517f49038c24343d1a864f50e6e1e995ab6754263930143638b3cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"848 / 675 of 1000 / last-modified: 1618956683"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21113
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:55:08 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2810
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5863
x-xss-protection
0
server
cafe
etag
12453517290502062038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 21 Apr 2021 06:08:18 GMT
Acqbko
ad.doubleclick.net/ddm/adj/Bhjr/ 		11 B
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/Bhjr/Acqbko
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/juk9wiR1VZ6RzdkdlQu6-asWyOtdYR6KNnoyP0MmfVHOTBL0L91etic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/ Frame 2DEC 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/postback?_page=https%3A%2F%2Fwww.ptonline.net%2F&dt=6973221530105335325000&gt=CH&c2=desktop&pc=105129&r1=37.120.137.166&ci=697322&di=www.ptonline.net&c1=chrome&c5=&si=22235&sid=AHu5I00QEeRA4mCx&oz_sc=4a11fb61fcecc795bbdedd54&oz_df=1618984508408&oz_l=43&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.0.3/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Apr 2021 05:55:08 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 1C92 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/juk9wiR1VZ6RzdkdlQu6-asWyOtdYR6KNnoyP0MmfVHOTBL0L91etic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-23/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ptonline.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ptonline.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1479
date
Sat, 17 Apr 2021 20:30:04 GMT
expires
Sun, 17 Apr 2022 20:30:04 GMT
last-modified
Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
293104
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
postback
s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/ Frame 2DEC 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/postback?_page=https%3A%2F%2Fwww.ptonline.net%2F&dt=6973221530105335325000&gt=CH&c2=desktop&pc=105129&r1=37.120.137.166&ci=697322&di=www.ptonline.net&c1=chrome&c5=&si=22235&sid=AHu5I00QEeRA4mCx&oz_sc=4a11fb61fcecc795bbdedd54&oz_df=1618984508590&oz_l=310&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.0.3/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Apr 2021 05:55:08 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/ Frame 2DEC 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/postback?_page=https%3A%2F%2Fwww.ptonline.net%2F&dt=6973221530105335325000&gt=CH&c2=desktop&pc=105129&r1=37.120.137.166&ci=697322&di=www.ptonline.net&c1=chrome&c5=&si=22235&sid=AHu5I00QEeRA4mCx&oz_sc=4a11fb61fcecc795bbdedd54&oz_df=1618984508741&oz_l=1123&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.0.3/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Apr 2021 05:55:08 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
0a80eae2-5d8d-4a13-af19-344a96db1ca4
https://www.ptonline.net/ Frame 0ECA 		476 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.ptonline.net/0a80eae2-5d8d-4a13-af19-344a96db1ca4
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
573dd332efcaf9ab1ae7f7e72bbbd65aa0c6b9223c4bcead7be3aa25685cba4e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
476
Content-Type
javascript
thirdpartycookie
api.viafoura.co/v2/www.ptonline.net/ 		45 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.ptonline.net/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4840:562f:2028:6b66:1a65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:08 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
x-instance-id
i-07c60169a44b72fda
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.ptonline.net
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Wed, 21 Apr 2021 05:55:08 GMT
postback
s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/ Frame 2DEC 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/postback?_page=https%3A%2F%2Fwww.ptonline.net%2F&dt=6973221530105335325000&gt=CH&c2=desktop&pc=105129&r1=37.120.137.166&ci=697322&di=www.ptonline.net&c1=chrome&c5=&si=22235&sid=AHu5I00QEeRA4mCx&oz_sc=4a11fb61fcecc795bbdedd54&oz_df=1618984508951&oz_l=10229&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.0.3/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Apr 2021 05:55:08 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sync
pixel.advertising.com/ups/55986/ Frame 2DEC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YH__PQAAV2C_ZgA4&_origin=0&gdpr=1&gdpr_consent=&_test=YH__PQAAV2C_ZgA4
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55986/sync?uid=YH__PQAAV2C_ZgA4&_origin=0&gdpr=1&gdpr_consent=&_test=YH__PQAAV2C_ZgA4
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-47-23.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:09 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:09 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618984509.191219,VS0,VE0
x-served-by
cache-hhn4041-HHN
x-cache
HIT
location
https://pixel.advertising.com/ups/55986/sync?uid=YH__PQAAV2C_ZgA4&_origin=0&gdpr=1&gdpr_consent=&_test=YH__PQAAV2C_ZgA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/57304/ Frame 2DEC
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP2136de63-a266-11eb-8068-06fc45c3fb3c
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP2136de63-a266-11eb-8068-06fc45c3fb3c&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAyMTM2ZGU2My1hMjY2LTExZWItODA2OC0wNmZjNDVjM2ZiM2M%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEJW32F8GxW8XLIIs3oCvKiA&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJW32F8GxW8XLIIs3oCvKiA&google_cver=1&apid=UP2136de63-a266-11eb-8068-06fc45c3fb3c
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJW32F8GxW8XLIIs3oCvKiA&google_cver=1&apid=UP2136de63-a266-11eb-8068-06fc45c3fb3c
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:09 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJW32F8GxW8XLIIs3oCvKiA&google_cver=1&apid=UP2136de63-a266-11eb-8068-06fc45c3fb3c
date
Wed, 21 Apr 2021 05:55:09 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/ Frame 2DEC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=dd444542-72a3-4be3-b861-d663455d81b0&_origin=1&gdpr=1&gdpr_consent=
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=dd444542-72a3-4be3-b861-d663455d81b0&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:10 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=dd444542-72a3-4be3-b861-d663455d81b0&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
intl-messageformat.90484bbd11a18be65b1d.js
cdn.viafoura.net/chunks/vendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.90484bbd11a18be65b1d.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b982947ed100a1c899a9646485f14b8df3be4d0f1282fc95f985fe290eb90707

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 17:00:41 GMT
content-encoding
gzip
age
46469
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
5106
last-modified
Tue, 20 Apr 2021 16:59:13 GMT
server
AmazonS3
etag
"921ad9c6fff6eef461cbaa5a05feeb28"
x-amz-version-id
q39JnyFNi1DL83c3CQTXU3NhOWRrpxyz
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
MA3ZokVCWiSiHiazcOtKPhSj9zvr8-z8e5X3AtUvPyXWCJaCWGGuWA==
intl-messageformat.faa4eb52d28c991a728b.js
cdn.viafoura.net/chunks/languages/ 		134 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.faa4eb52d28c991a728b.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e280ca8223f6efccb98b5101569d569346cbb718c22e12b1a90383bed2c2db9

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 17:00:41 GMT
content-encoding
gzip
age
46469
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
143
last-modified
Tue, 20 Apr 2021 16:59:20 GMT
server
AmazonS3
etag
"c796f96c461e8a9ec2a91302fc81e69c"
x-amz-version-id
nRaE3GrRZmlLvckiW.ChdNPqm1yOPsK8
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
3tsZSTC5_0LvaSC0lm9LbUtOgzMtqXKU_VRey4Ulp5ysWrYfoib2_A==
en-us-base-json.7005fb1985ed73258ece.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.7005fb1985ed73258ece.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fa11fd36d780a6ae796ccc7f6ab9bbe9cec26ce9716768fcd5a9462c00611ad

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 17:00:41 GMT
content-encoding
gzip
age
46469
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
4892
last-modified
Tue, 20 Apr 2021 16:59:15 GMT
server
AmazonS3
etag
"e73b497582a43a635ef33ea6a5a7f416"
x-amz-version-id
.rngOLOPrL7uRa28x8IlQLP_00jC3lsS
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
wM0y0YuZryhShpQUBlxxIoybAw_V6UoA7tDQPIm674unXYLQ-z9Q4Q==
vf-css.71dab3a7e531daa0c199.js
cdn.viafoura.net/chunks/ 		119 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vf-css.71dab3a7e531daa0c199.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6825131d57a33a6cdd2bc72327e9510aa86d555dc277d78509234cb9b52566f3

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 17:00:41 GMT
content-encoding
gzip
age
46469
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
16645
last-modified
Tue, 20 Apr 2021 16:59:45 GMT
server
AmazonS3
etag
"f33328d52bb157e5120fbd4497bdc19e"
x-amz-version-id
dDVPOXX_IjJPOhrQj99354uwqLxEDf5J
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
hrdGcNki5QBPt2hEVyuiiQ6U5XMOyhAz_5rIdy8bdZGQ5vHZC8QKsw==
css
fonts.googleapis.com/ 		16 KB
951 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a4666c8d5ff5aa5625a151f0c6791a0734e6aa8b75ffbc99181b99f3c8199b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 05:38:45 GMT
server
ESF
date
Wed, 21 Apr 2021 05:55:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Apr 2021 05:55:09 GMT
0.120a1c32b95eddaff6d6.css
cdn.viafoura.net/ 		85 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/0.120a1c32b95eddaff6d6.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84d61a54cefec1104fcd83b2de7951b101658cee3f5ac93877ff9cf8bafc546e

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 17:00:41 GMT
content-encoding
gzip
age
46469
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
9634
last-modified
Tue, 20 Apr 2021 16:59:57 GMT
server
AmazonS3
etag
"b78e87cb53b039a62b4c79f2caababf9"
x-amz-version-id
ERwB6RJky_XMJiFGdsis6MIXZFef__4A
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-amz-cf-id
gRkT_WUAJqyQpaGE5AXKvw0kr96wS7U06v780Dsf4Ri8MmmqX1FTqA==
da.60db686ee8d4b75b5225.js
cdn.viafoura.net/chunks/ 		142 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/da.60db686ee8d4b75b5225.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2a7206a7ed19b4107e1b1d78b0e01d0355d280cf424a65a02bb32a02fd3fd6f

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 17:00:41 GMT
content-encoding
gzip
age
46469
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
34981
last-modified
Tue, 20 Apr 2021 16:59:43 GMT
server
AmazonS3
etag
"4c1ad9361baa98626db1f725dda67363"
x-amz-version-id
vV819ooviyGPzB_bGYoWZ1zwbbhgbZyh
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
4HqBdBLmdKIjyQfS4kJ56m0_rzL-4_VBDBeEXSWhMcj4JSQf19JOqg==
117.e6384fefd84d1abc1698.css
cdn.viafoura.net/ 		1 KB
927 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/117.e6384fefd84d1abc1698.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cfbcbdf6d39487853065c6770cb7b9ca5969bb971409a101fa0b84b545e3ccf

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 17:00:41 GMT
content-encoding
gzip
age
46469
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
493
last-modified
Tue, 20 Apr 2021 16:59:56 GMT
server
AmazonS3
etag
"cbc436e42f318dc93aca3bfb4e82f16f"
x-amz-version-id
gBWjDF6fVknpx.ut5P.0B68ow43Flhwh
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-amz-cf-id
bopCDx58OuTmjcBPj-A5l6PfhC42fOWN8f6XwIOSyk4_K_J8LeaZeA==
tray-trigger.f5f8774fad3b9dad38c0.js
cdn.viafoura.net/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/tray-trigger.f5f8774fad3b9dad38c0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90bcb301e8aa04d6c267956f7670ba335fd87ea7f9523b5c7f98335e6c6a9787

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 17:00:41 GMT
content-encoding
gzip
age
46469
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
1852
last-modified
Tue, 20 Apr 2021 16:59:48 GMT
server
AmazonS3
etag
"be4856bbb557d96d0dc1a5807457e90a"
x-amz-version-id
YObc3cDI.U5Xa3IBD2LdfIxQMgRFegi3
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
b2DWdApYRuFouYEQL74lxfB6WpRkfg3NCG6fJBIIWwHFdoNgeNf_vw==
ingest
i.viafoura.co/v3/www.ptonline.net/ 		67 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.viafoura.co/v3/www.ptonline.net/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.ptonline.net%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-76ed52f4d513%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1618984509%2C%22isRecirculation%22%3Afalse%2C%22referrerStart%22%3A1618984509%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%2C%22uniqueId%22%3A%22fa4c0b87-7ba5-455c-8c2e-88062a96be3b%22%2C%22firstVisit%22%3A1618984509%2C%22previousVisit%22%3A1618984509%2C%22currentVisit%22%3A1618984509%2C%22visitCount%22%3A1%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.ptonline.net%22%2C%22site%22%3A%2200000000-0000-4000-8000-76ed52f4d513%22%2C%22section%22%3A%2200000000-0000-4000-8000-76ed52f4d513%22%2C%22pageImage%22%3A%22https%3A%2F%2Fbloximages.chicago2.vip.townnews.com%2Fptonline.net%2Fcontent%2Ftncms%2Fcustom%2Fimage%2F2041f18a-7c05-11e5-a309-5fcf70555776.jpg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.ptonline.net%2F%22%2C%22path%22%3A%22%2F%22%2C%22title%22%3A%22ptonline.net%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22website%22%2C%22topics%22%3A%5B%5D%2C%22git%22%3A%228c57122380894d49c050d2c54f61b1779b1203da%22%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Atrue%2C%22container_id%22%3A%22%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-US%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22ptonline.net%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22bfa17e9f-593c-4b36-8389-18c5f92d8f2e%22%2C%22rs%22%3A0%2C%22w%22%3A%5B%22vf-tray-trigger%22%2C%22vf-tray%22%5D%2C%22v%22%3A5%2C%22event_type%22%3A%22analytics.view%22%7D
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.199.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:10 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.17.8
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/ Frame 2DEC 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/postback?_page=https%3A%2F%2Fwww.ptonline.net%2F&dt=6973221530105335325000&gt=CH&c2=desktop&pc=105129&r1=37.120.137.166&ci=697322&di=www.ptonline.net&c1=chrome&c5=&si=22235&sid=AHu5I00QEeRA4mCx&oz_sc=4a11fb61fcecc795bbdedd54&oz_df=1618984509138&oz_l=346&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.0.3/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Apr 2021 05:55:08 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
content-module-js.00d2289cf7de58b99d86.js
cdn.viafoura.net/chunks/vuex_store/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content-module-js.00d2289cf7de58b99d86.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4c00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7ff5e9fa5e9efe0e51ea63772a4af692f3cf08f5c14056d2a8d268c4a0ebbe8

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 17:00:41 GMT
content-encoding
gzip
age
46469
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
2741
last-modified
Tue, 20 Apr 2021 16:59:34 GMT
server
AmazonS3
etag
"2ed4fc9d0defc5506c190e9270f0ae35"
x-amz-version-id
.W.LiCjM387iOdyINNE_V1fLav0XJwaL
via
1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
jHHdyszvWQig8n3KuWVM_gWaFcpq30rnCopkVaA4fN1IyoC7D-AOpQ==
usync.js
eus.rubiconproject.com/ Frame DC78 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1c1e298c19bf83ab21ac9f37d27a20d6068e98c648c306c11ef18f9f7eb1da49

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:33:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=34729
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9242
Expires
Wed, 21 Apr 2021 15:33:59 GMT
khaos.jpg
token.rubiconproject.com/ Frame DC78 		284 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
um
sync.e-planning.net/ Frame DC78
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
  • https://sync.e-planning.net/um?uid=KNR1KREQ-1F-5KHF&dc=9bcc91305985f0db&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=KNR1KREQ-1F-5KHF&dc=9bcc91305985f0db&iss=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:10 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://sync.e-planning.net/um?uid=KNR1KREQ-1F-5KHF&dc=9bcc91305985f0db&iss=1
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
tap.php
pixel.rubiconproject.com/ Frame DC78
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YH__PgAAVc9tRABg
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YH__PgAAVc9tRABg&_test=YH__PgAAVc9tRABg
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YH__PgAAVc9tRABg&_test=YH__PgAAVc9tRABg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618984511.907666,VS0,VE0
x-served-by
cache-hhn4041-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YH__PgAAVc9tRABg&_test=YH__PgAAVc9tRABg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
ads.yahoo.com/cms/ Frame DC78
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KNR1KREQ-1F-5KHF&sigv=1&esig=2~f44936259f2dc841f7af7aac299b8784e95a785b
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KNR1KREQ-1F-5KHF&sigv=1&esig=2~f44936259f2dc841f7af7aac299b8784e95a785b
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:10 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KNR1KREQ-1F-5KHF&sigv=1&esig=2~f44936259f2dc841f7af7aac299b8784e95a785b
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DC78
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f3ec607f-be3e-4900-be27-9ccce7a10340
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f3ec607f-be3e-4900-be27-9ccce7a10340
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

Date
Wed, 21 Apr 2021 05:55:05 GMT
Server
MT3 3660 495c301 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=f3ec607f-be3e-4900-be27-9ccce7a10340
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 21 Apr 2021 05:55:04 GMT
709414.gif
id.rlcdn.com/ Frame DC78 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:11 GMT
via
1.1 google
alt-svc
clear
content-length
0
tap.php
pixel.rubiconproject.com/ Frame DC78
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/nldo11fgeWXFNIyOQBVDzsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3039255667877585307
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3039255667877585307
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

date
Wed, 21 Apr 2021 05:55:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3039255667877585307
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DC78
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05SMUtSRVEtMUYtNUtIRg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05SMUtSRVEtMUYtNUtIRg==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05SMUtSRVEtMUYtNUtIRg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame DC78 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.101.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame DC78
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELhBFpgNiLV6Ti7tKpZgIJA&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELhBFpgNiLV6Ti7tKpZgIJA&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELhBFpgNiLV6Ti7tKpZgIJA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveMatching.php
live.sekindo.com/live/ Frame 2DEC 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveMatching.php
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30342D32315F30387D7B7331353038393436337D7B433236307D7B53643364334C6E4230623235736157356C4C6D356C64413D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583330307D7B593235307D7B66317D7B4C373839387DFEFE&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=607fbe3b1ec4c&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2218xkgopsilt&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:12 GMT
content-encoding
gzip
server
nginx
age
0
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
postback
s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/ Frame 2DEC 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/postback?_page=https%3A%2F%2Fwww.ptonline.net%2F&dt=6973221530105335325000&gt=CH&c2=desktop&pc=105129&r1=37.120.137.166&ci=697322&di=www.ptonline.net&c1=chrome&c5=&si=22235&sid=AHu5I00QEeRA4mCx&oz_sc=4a11fb61fcecc795bbdedd54&oz_df=1618984513189&oz_l=106&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.0.3/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Apr 2021 05:55:13 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
bid
ap.lijit.com/rtb/ 		94 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.29.0-pre
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
e825050f91bfef74631e336f86835ba63607b87ccc4d09ef5545a417293683ab

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 21 Apr 2021 05:55:13 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.ptonline.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
352464f14d330ebebaeea9dc323318309779144595456c7caa92dfae63afef20
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:13 GMT
X-Proxy-Origin
37.120.137.166; 37.120.137.166; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.149:80
AN-X-Request-Uuid
19da0fb6-473b-4436-ae57-75264a40550c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.ptonline.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
260
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		903 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F281191609%2Ftrx_cnhi%2Fptonline.net%7C80f3f558ce7db1%22%3A%22300x250%22%2C%22%2F281191609%2Ftrx_cnhi%2Fptonline.net%7C9215f07366a1d7%22%3A%22300x250%22%7D&ref=https%3A%2F%2Fwww.ptonline.net%2F&s=0794ac3e-86a4-48df-98ca-8cefa26a8043&pv=ebe9eef0-72b1-4e82-9f65-963297feefb9&vp=desktop&lib_name=prebid&lib_v=4.29.0-pre&us=5&ius=1
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
c0e02a9b1cbdd259d8af73b77e59eccf5a4d1e69423573d2361f994ce437010b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:13 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.ptonline.net
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
510
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=594615&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22105b8326ebc6c6d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ptonline.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0-pre%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22110413bcfd9f40b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22594615%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221207cbf6b0b686d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22594615%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b184e55d1b56f5687d293d0ded018b6ce5a472941340afa711fe05c70577c69

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:13 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[37.120.137.166], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.ptonline.net
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
45
x-ak-client-geo
12
expires
Wed, 21 Apr 2021 05:55:13 GMT
v2mwjm_c3iCwJQDEEMXMz0KDcOPWpFh9BtppXnWMWNyNvZth9l1QT5T0kv9138S-WGXVHU4-I
bandborder.com/ 		216 B
614 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2mwjm_c3iCwJQDEEMXMz0KDcOPWpFh9BtppXnWMWNyNvZth9l1QT5T0kv9138S-WGXVHU4-I
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/juk9wiR1VZ6RzdkdlQu6-asWyOtdYR6KNnoyP0MmfVHOTBL0L91etic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
c1a49dfd3cc757ef9aad0afc804589ee00b0141f08b3fa85e6d17e3cf80d6e55
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 21 Apr 2021 05:55:14 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ptonline.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
f8becdc5
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Wed, 21 Apr 2021 05:55:13 GMT
v2rkeI182KqsPOFU_9up8_8_29YNoCxMRicmr_QHpKl65F2CQoMbsb91o8t2OWDnsAK0uZXWi
bandborder.com/ 		3 B
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2rkeI182KqsPOFU_9up8_8_29YNoCxMRicmr_QHpKl65F2CQoMbsb91o8t2OWDnsAK0uZXWi
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/juk9wiR1VZ6RzdkdlQu6-asWyOtdYR6KNnoyP0MmfVHOTBL0L91etic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 21 Apr 2021 05:55:14 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ptonline.net
access-control-allow-credentials
true
x-hostname
f8becdc5
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
userconnect.js
js.adscale.de/ Frame 63FF 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-237-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Vg_Jp.ZJ2u3YbQXNKkA7T4fbgrmEYgFi
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
Server
AmazonS3
x-amz-request-id
EDC715E2D26061E9
ETag
"98f37b242862929d9aef4bde91abc8ad"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Wed, 21 Apr 2021 05:55:15 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4485
x-amz-id-2
pg2juwEhgbhKwRzUK6AnbhHVUA4qO3OtkoMVfN1BVox6+pHHc4w7pE0EPBQCfVP/z/Ntjig6z78=
csync
sync.console.adtarget.com.tr/ Frame 63FF 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=3881d01bfd53465a8702a90f060b8b90
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
postback
s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/ Frame 2DEC 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.0.3/697322/AHu5I00QEeRA4mCx/postback?_page=https%3A%2F%2Fwww.ptonline.net%2F&dt=6973221530105335325000&gt=CH&c2=desktop&pc=105129&r1=37.120.137.166&ci=697322&di=www.ptonline.net&c1=chrome&c5=&si=22235&sid=AHu5I00QEeRA4mCx&oz_sc=4a11fb61fcecc795bbdedd54&oz_df=1618984515061&oz_l=321&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.0.3/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Apr 2021 05:55:14 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
Cookie set usermatch
ssum.casalemedia.com/ Frame EC47
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c1e63d26a2f2c60ac56cd95c6afd9f6029a575a0a7ba4eb89fbf655ff1c6a1a

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YH..QwLdEFh7y.Ej7jw0qwAA; CMPS=3272
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|45|188|221|73|4
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1621
Expires
Wed, 21 Apr 2021 05:55:15 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Connection
keep-alive
Set-Cookie
CMID=YH..QwLdEFh7y.Ej7jw0qwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 21 Apr 2022 05:55:15 GMT CMPS=3272;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 20 Jul 2021 05:55:15 GMT CMPRO=1202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 20 Jul 2021 05:55:15 GMT CMST=YH++Q2B-vkMA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 22 Apr 2021 05:55:15 GMT CMRUM3=dd607fbe4327600&49607fbe4305a00&bc607fbe4305a00&f1607fbe4305a0&04607fbe4305a0&2d607fbe4305a0&e6607fbe4327600&27607fbe430b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 21 Apr 2022 05:55:15 GMT

Redirect headers

Server
Apache
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 21 Apr 2021 05:55:15 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Connection
keep-alive
Set-Cookie
CMID=YH..QwLdEFh7y.Ej7jw0qwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 21 Apr 2022 05:55:15 GMT CMPS=3272;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 20 Jul 2021 05:55:15 GMT
/
spl.zeotap.com/ Frame E4C0 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea228055ad7b24fdcb45505f958c43ee0de170ef7aba3d7482f29cef4fe9e6e5

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
content-type
text/html
set-cookie
__cfduid=dbc13a49405d1a4540e4bc52c31580d881618984515; expires=Fri, 21-May-21 05:55:15 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=e3094235-d56c-4c2a-791a-c3db6c3ce5a4; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%DE%14%9C%823%DA%D7%9F%BB%C1%DA%06%7C%D4%B9Ok%F4%19%ECgqI%EA%CF%AD%C55%AA%CC%C5%FA%1B%04%EF%B1QU%B6%D7%CF%E4%BA%199%D4%C6%F1%B7%3F8%23kg%90%C52%22%82~%8A7%1C%21HK%C9%FFd%E8%85V%40%23%B5%5D%92%1D%AC%08%B50%5C%CA%08%ED%5D%0B9%0B%FDk%11%04%1B%82%29%7BQ%FD%82%0Ec%E4%BFh%E6%064%F2a%B8%B8%0Ff%A9h%5D%8BP%F1E%90%ED%24%F26%89%5Dk.7%B1%16K%E0%E7%AC%AC%99%115%2A%12%D8%BF%EDV%B6T%95%9Fk%0B%16%A8%B6y%E3%A6l%95%13%8B%5E%CB%7C%80; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0994984e2f0000177266a70000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64345cc379271772-FRA
content-encoding
br
userconnect
ih.adscale.de/ Frame 63FF 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1618984515096&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame 241F 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fbf3fa4dfff70293768ef29053161a97cae578bf29be810fc189ae75338821f5

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.adscale.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uu=3881d01bfd53465a8702a90f060b8b90; cct=1618984515033
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.adscale.de/

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2702
set-cookie
tu=4#3109825868#48~~449717~449717~1#101~~449717~449717~1#39~~449717~449717~1#40~~449717~449717~1#42~~449717~449717~1#75~~449717~449717~1#108~~449717~449717~1#63~~449717~449717~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None cct=1618984515139; Max-Age=31336000; Domain=.adscale.de; Path=/; Secure; SameSite=None
match.js
js.adscale.de/ Frame 241F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.237.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-237-88.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wLpT08_wLXVkyJ1J8XFuEEwEpe2lwEj_
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 00:56:54 GMT
Server
AmazonS3
x-amz-request-id
0CJGEPQ2ZKSDZJTR
ETag
"b75124846aec28a28b7a3441813682d5"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=300
Date
Wed, 21 Apr 2021 05:55:15 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1700
x-amz-id-2
rTeXxEVlmwvubu+6mFW79yFbR/gN1X2gq0lQgaMPHQj754I0ueECxgXGlb1NT3Jw/38xunNd2r8=
img
ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/ Frame 241F
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=3881d01bfd53465a8702a90f060b8b90&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d6924808d77abd272d%2F1618984515139%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/img?tpid=101&tpuid=BBID-01-02936985152819047-16267320
49 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/img?tpid=101&tpuid=BBID-01-02936985152819047-16267320
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/img?tpid=101&tpuid=BBID-01-02936985152819047-16267320
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ptonline.net
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 05:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ptonline.net
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 05:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=851321485963777&correlator=1342161984013402&output=ldjh&impl=fif&eid=31060860%2C31060809&vrg=2021042001&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210421&iu_parts=281191609%2Ctrx_cnhi%2Cptonline.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=slotName%3Dldgr1%26pubDom%3Dptonline.net%26atab%3Dtrue%26frstlk%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1618984505&dt=1618984515242&dlt=1618984506397&idt=602&frm=20&biw=1600&bih=1200&oid=3&adxs=1010&adys=1285&adks=2740354699&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ptonline.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x250&msz=300x-1&ga_vid=158815272.1618984507&ga_sid=1618984515&ga_hid=1986106146&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8dbbc590e7a28069f01bceac5fdfd244d7fdcabf7b850fc473ea8e7e82fa7d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7514
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ptonline.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=851321485963777&correlator=1342161984013402&output=ldjh&impl=fif&eid=31060860%2C31060809&vrg=2021042001&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210421&iu_parts=281191609%2Ctrx_cnhi%2Cptonline.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=slotName%3Dldgr4%26pubDom%3Dptonline.net%26atab%3Dtrue%26frstlk%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1618984505&dt=1618984515251&dlt=1618984506397&idt=602&frm=20&biw=1600&bih=1200&oid=3&adxs=674&adys=1848&adks=3101312882&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ptonline.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=158815272.1618984507&ga_sid=1618984515&ga_hid=1986106146&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
57f7c383f55d0c72e58ee276831fdc45889623aac1a6a8bbe8a4cef66b038774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7478
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ptonline.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame EC47
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB&dcc=t
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame EC47
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEOY-XsNwEs6f4hh8bnndhD0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEOY-XsNwEs6f4hh8bnndhD0&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 21 Apr 2021 05:55:15 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEOY-XsNwEs6f4hh8bnndhD0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame EC47 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YH..QwLdEFh7y.Ej7jw0qwAA
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.101.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame EC47
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YH..QwLdEFh7y.Ej7jw0qwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDyJW2BENajX0Bzdu0PVoGM&google_cver=1&google_hm=2
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDyJW2BENajX0Bzdu0PVoGM&google_cver=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 21 Apr 2021 05:55:15 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDyJW2BENajX0Bzdu0PVoGM&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame EC47 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.120.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
tpid=YH..QwLdEFh7y.Ej7jw0qwAA%261202
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame EC47
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YH..QwLdEFh7y.Ej7jw0qwAA%261202
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YH..QwLdEFh7y.Ej7jw0qwAA%261202
49 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YH..QwLdEFh7y.Ej7jw0qwAA%261202
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:18 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.212
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:18 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YH..QwLdEFh7y.Ej7jw0qwAA%261202
cache-control
no-cache
x-server
10.45.13.138
content-length
0
expires
0
YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EC47 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EC47
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3695498927344935404
43 B
995 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3695498927344935404
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 21 Apr 2021 05:55:15 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3695498927344935404
pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
um
u-ams02.e-planning.net/ Frame EC47 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=0882392d948a7407&uid=YH..QwLdEFh7y.Ej7jw0qwAA%261202
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0882392d948a7407%26uid%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
server
openresty
content-type
image/gif
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 241F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=0c609724172ec2439393984...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=6182607f-be42-4900-acea-1cbe90fa5603&gdpr=0&gdpr_consent=
49 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=6182607f-be42-4900-acea-1cbe90fa5603&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 21 Apr 2021 05:55:09 GMT
Server
MT3 3660 495c301 master zrh-pixel-x11
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=6182607f-be42-4900-acea-1cbe90fa5603&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 21 Apr 2021 05:55:08 GMT
img
ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/ Frame 241F
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d6924808d77abd272d%2F1618984515139%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/img?tpid=75&tpuid=1500623958703733180&gdpr=0
49 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/img?tpid=75&tpuid=1500623958703733180&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
X-Proxy-Origin
37.120.137.166; 37.120.137.166; 831.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.148:80
AN-X-Request-Uuid
a69557c2-a025-4601-bccd-1b33b1cf96eb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/img?tpid=75&tpuid=1500623958703733180&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame B7A1 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-8.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 20 Apr 2021 18:35:08 GMT
content-encoding
gzip
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
40808
etag
W/"2b2f816f40499d384e118ce88a266e02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
GVkV1Bog0VNsH8ZzXRNuE3oKGWSZ3RS4XPvp-NuFblgRfm5JHZZNmg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 3816 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Wed, 21 Apr 2021 05:55:14 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Mon, 20 Apr 2026 05:55:14 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame F8A5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2440272a79827248096d04768920192fec05ae31627007a7cc0e15f223b2b8a5

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
content-type
text/html
set-cookie
__cfduid=d17cf8240402bd3fe47b3abbf872ad7f71618984515; expires=Fri, 21-May-21 05:55:15 GMT; path=/; domain=.quantumdex.io; HttpOnly; SameSite=Lax uid=67f58ed0-65d3-4788-939d-5dbb239fd8bd; expires=Tue, 11 May 2021 05:55:15 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0994984f8700004e32c89bc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FLZVA4w48QNolfskzClQ9qhSxHD7Ae8pvquGOoJ2aONgKiROfYDdc71HRTI%2FgDBAtrBhC2HJ1qynJaJj5PRvIU98FNiNzfhsk1heFXhSGIJ%2FwnEo4hsdQk0wv3Xcafw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64345cc5a9964e32-FRA
content-encoding
br
Cookie set csync
sync.console.adtarget.com.tr/ Frame BADB 		43 B
500 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=ADt%2fzR1nPXA2QfBt
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Wed, 21 Apr 2021 05:55:15 GMT
Content-Type
image/gif
Content-Length
43
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=996ae665ca7a13c7; expires=Tue, 22 Jun 2021 05:55:15 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307442=ADt/zR1nPXA2QfBt; expires=Tue, 22 Jun 2021 05:55:15 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
GS.d
js.cookieless-data.com/ Frame 3816 		0
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1618984515475
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.113 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:18 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 241F
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=1ccb02afb9672607334ec2876...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YH..QwLdEFh7y.Ej7jw0qwAA%261202
49 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YH..QwLdEFh7y.Ej7jw0qwAA%261202
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=YH..QwLdEFh7y.Ej7jw0qwAA%261202
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
299
Expires
Wed, 21 Apr 2021 05:55:15 GMT
container.html
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9723 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ptonline.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ptonline.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 21 Apr 2021 05:55:15 GMT
expires
Thu, 21 Apr 2022 05:55:15 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831909828443"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:55:15 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3643 		478 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGLOm9ZQBMAE&v=APEucNXEjgYPOs56Ritk3cVgtQEetRij1B9OP5bCrRv44RHBPQl4HpqS_OAWOVqpp9j_LZcQA9BF2ZLILX96NeO8dR6ChdXq2A
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJjjZhCPtKICGLOm9ZQBMAE&v=APEucNXEjgYPOs56Ritk3cVgtQEetRij1B9OP5bCrRv44RHBPQl4HpqS_OAWOVqpp9j_LZcQA9BF2ZLILX96NeO8dR6ChdXq2A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnbqR_4al-KvAem2zulE1i5XEGxZPciKpCtvpGQBe9nZh6ekGZnrM1MZs7YaY4; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 21 Apr 2021 05:55:15 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 21 Apr 2021 05:55:15 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9723 		56 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cy2V4rgrfUYnwExkGh0HyjLqIjRPkssCHWVMO3HrNQCbo_G3k-6-6mFQad2uxG-WmtrVNwaEKQ5-b6soNEtGJtIbfMcBmDBKLXY38tA7YoRlYyfCcwAraOwE2K9KHcVdUPSZ1UAkTUUCYZIqGCa7MFcIIKSw&dbm_d=AKAmf-CAWJDB2UX1ZacSj9Fcs3cZj7nq-HKUMcKy6r8nc2fJdkWz7RGJLgb1z8iHmgAseRFDOJ1x2HwsY0vlO2d2LIg-WnLLVfnUL-SzMCku0qb7CsfOyKvFDeZw5RwBZPqn0PhQJmSYNXpZ_ZY5-RKhHceWK8F_4xismtgHzt15qwyEzM0dcAbTiyhtbcYmXkYCV4AA8hOGFu2NRV-qcj0tjZWDDgv-DAcMfq-fDAKaNYvo3KiiVhdF63o39UT9t0hVQ4a7c5sPEIyNdr0TrYm-9AbdYLdaNO0V58HS0YtjvsQ5GcoELGqOuSVdT4JCTNkrwLQ0198mXe74Cx26_1xMC-9Ix-7ZVQFUYsM_RvBWUUgvHEP-6ja1S7cbQvxRTcHTDz7nyXnk9qFOB8M9Uq54KEsebVzAtlSIje_vTAzO9DaOl4IzS_gt1eddNndpxT8krJJ8MTfCfbAUGdV8vQ14jndt2WRdTcnnkVcR9nGbojPzqsXBtBcHpHDWZwScMFI1gGgPkzmU0_ih8eBXC4Wk9rTyuYVtZxC8MqY9wFkYHN-8IT8Bfquyqq5A7maNw5LkXm30BX61y5A_YTP8SgpUx_J0tSqeY5ofv0kUcu5IV5ISS63oEainEfNrrTUGjuHDp4XfrtJPVp-F2CUEQcJFwVGplSfn-P_PSMYakWIM-sdoDDYFiOBglHi1HaA8ze_-Jvw8kWioOXZtJjkdi-Yk6wndvwF1IozcWEC-O8F908SJ2f2Q82HC36hWAzdrvptrvK2HtOtUUWM7VTafN7Acpqg5psSm-Ln1RvgOVqHvaAr8A4VKL4TizQze9B-oM8SGddp47JNLf6K9waXLyw_TdtfEFIDqUYE2wWONqvpNDH69opRZkUQf8XGVqE-Hvf-DDUbh2nppYGwjRHStDFlXMwYBOJDxAQKb6EvYWe0Yp9TXVZHkH1D9OlqFig8p7HH_xSXBv1t7LnQ58LPGMxHPGADro7CSsC-fStnA_s8V8Wk6cwXkJ2QR-5Xb4yuAiS0LHnv2_VhS_S12qUJ9V6kHtwZGA5aZXXJViUWtImYt1WHPySLIweIHYJFLREs9crLzh_KabHntjWFJR7DUPmJ5IZEDRpylkHthy-7Nlv_3jPqrovGA25a1ppyS_Pv0dfI7XAtsqSlfhWqRauQbbb7DnQ3G7vZ8ejbvpoVPGqfilWt-sXGBIv9M0AsjG2sb_1QPWhsUS5026Nw4RiXTHXSrgVldwZc8aVkNawBttsWrJs_KEoCeiOA5gM0_6kslxsmF7EeBdTyOHdJrxDesLahK0gNgI-guHMHbpD0M2MwScxF_QuSYg2Z8GrdrNC-DCTxC8JQ6A4KhxOgToJRrcyQeRbsxhQXSHs5h8tbuEfVCa-2BrDdtBGKzlSA2Jia_lTy-_j6Dh92dPVekMjHyqs748HR7jLxXjyqrxRjgVzFkLra7qHCjYDv7itPzhZmYOblFaDQ8FSqBv-e7yLSzeUYS8LcWtm-LV-wgmYuNNsTeluq6IOy1JK20s3OqJMJm2O-jxFO2TOezjBoPYhSrUsOg5WiYVdkdb95znmmN_rJ677mZeOtXj4rZ11c-36lnZOTjLy_0WN0JzNiyPJxx5G_QKtyf180dCjOSF35VBltd5EnEVYWksY02sTIDkMu8fBDg6gIBCpjWLOm78v_bf4VJHv4Mr9LlDlTfXzeS_JHmiF-yTiFnLqNLj82aUESKbJLoIwDhu28nHXdyvuqoianN9hPaVRUlq6ndoLh2ZjNVDYvfuiF8zDIrsXhad1s0rZh-u4ejuPCApsIXuJTr8E6LB7NI9w3vZGFceOVmzqAXec1goE-ZnxQYEe0qJMl9elPqi2nGSlTKrb-4RTBYYpQGZNVIbjh_7ukPued8kjhXqT3dhkXeb2dT5oRE6kP_51doQ44L6ST4NWQ1p375mYPimb2tqJ44Ez8lL_gBXMOfSb7uctFeAvrlm0l3JgFN0NTDuQhDMplgr-swhpY5_lVEyNH4TibHsNmZBo8PPdFbuHECrhuiS-WACk6yjBAuNGfyClWvTA3Plb_UsUgG1Sh-m75AN11Lz6gVmC61polp_PIfWXCvOChgjeptJohxBFbw6oIRYnvgx6oohdO8UyGcZn7_7jasEYXhA7ZaRRD-QNrr3F_Fey2S6Vby3aG7XhPn406_FJOU3B4bYR8SA1EFfKvoVPv7QNi9tGAVF5TqQ2QTBHDR5tHylNkS55R6t2W4dEGZct1LvN_18lD_x_ZkgFltKqMi8qZYM7peCfAtbR81E5ztQsA1P42O464TPeduqcJdC-M1mQMcso5WHuPffBhCA0XrIm2EijZmXSpTYCwlCXNGH4k4oAbkYD3blrpxUHH5MBsAdYO4PuPybtVT2gQa9ZXpbNS5taekuCedYaU_rEHMw3cWpVkIcj84XRHXzHvaeEixepTPS6TV4jtygJ2-HSGLoWMoj5stEuZHnAJe84SBsOTm7hluws3_rrlPtgS2RvZbyOo0XqEkflUWwVzl1PCLB_tDOAAXljnfzDyS6elOOhsJm782QEvpjdO_oQd7P1d0GCCzyE_rDmAVkcWcUSfzBeWccE0AhLgwYJpzJtQhLwFxeVWdCZnzv0SdqXqh5CtbxUwFgmyJMpAG2kRTHFG__dxdHIag8NjiaBz_g-ID1l4o-Wp-Ki5sN473XEQGhLXUqxzLsnorNd8WEJg8lVdCvWsUW2oJ9YMNuNrgd1iPGx4f5Wc0w9eGefowhOS-5SA0VsM1xCnUl5jXg2ThFbC5mjwCdrljMHqPjmm0WwAYQT1IUfIU-iIZEmT3a1m_EQ3TWh57di1bbUN9vcvO9cQHIHGPE9C3wkQI3iAnfFSGV1HHrqVhRAY2V0DDR-7Ms4HlAfXnc_A3CRXgEFF775W5kNO5yRDJVXL7_O9W9jeu84UPQFNWCcKf-z4toCV-Uez8clsafl-tmv0f_Kx1eyqDPVsn4_vl9cPPdYeVxrk417AxJ7e1DCgUimI2rFP9W5aelr1y4vbg4392L2vOi6PaOlW_wobZuO2QJU0sNzKQtALKn2bFZkMMzdpnZbyKakP5loKYk7_fX7p28Yy0Sm6wldRhjYkLt7cx7ptlUYQDkoI9PeEkgBxcEaFjQTHGIUFq86uFHIQSGogqxqpCwymT1YxIYZVVDHdiF5H4F-t-HVOmiK_RgNpxoMInAkLlFolo&cid=CAASPeRoBTz54ZhZ1Er842ZVfTmDBPyfojJ-30C98pvIZTHz5xeM4SGTv8GZNW3CfEPH7gtjqTQPtkUWBXQq2Ko&rfl=1%2Chttps%253A%252F%252Fwww.ptonline.net%252F%240
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfe48cbead9fe57141e141e80074bb1df3e7028612b8fe59928195b9626bb728
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23178
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9723 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8hx1UtYN2OCZoOc0rv1mvjRL8Y94CdzbP-rJoGAcCYrPI2TFdgrInZLq9IH74QgLDJe8aZPOPjrsuhGneexhhOhxm_vRrTwWTt_Xb3FSM1Kjed8Q
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 9723 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:49:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9723 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:55:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 9723 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:51:33 GMT
l
www.google.com/ads/measurement/ Frame 9723 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRv6X7kjqn9lJa4852w6JeBqKCrIob1GsTfvWOpEKsqy2ZHeFEbSVmjf6MhWuXSURD9OH3p
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
img
ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/ Frame 241F
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=8675c7b1d3a9941b1d0e8b5cd8775a59a8dc5e0b752eebcc9115fa535f0f590b&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d6924808...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=8675c7b1d3a9941b1d0e8b5cd8775a59a8dc5e0b752eebcc9115fa535f0f590b&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140d69...
  • https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/img?tpid=42&gdpr=0&tpuid=5552835721824521810
49 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/img?tpid=42&gdpr=0&tpuid=5552835721824521810
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
server
nginx
location
https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/img?tpid=42&gdpr=0&tpuid=5552835721824521810
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
setuid
sync.quantumdex.io/ Frame F8A5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1500623958703733180
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1500623958703733180
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CuvI5penvWwYCFDyp8%2F2FCAIhw65uAHOi6bT0A2FnkmJcOgibou14vIAXrV2ba3Et4JfQ7KXJqaS6WhbdxDK7bggKrNFMf83KSulZTDLIOL7%2B3bbY8wHXOZ7M4jT3oQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64345cc6ebaa4e32-FRA
content-length
43
cf-request-id
099498505400004e3287aa5000000001

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
X-Proxy-Origin
37.120.137.166; 37.120.137.166; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.236:80
AN-X-Request-Uuid
f7143558-2e72-447f-a51e-9ebbe3bce703
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1500623958703733180
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame F8A5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1500623958703733180
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1500623958703733180
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jK3Zj4lAIOnW1%2BUDUDTb6HhOg2LLVHeYP4u4snMEdsTzU6mP%2B1IIz2h%2BYs01yIDhMVSkRC2SvkoVFEjVL10YSMfJ91xcGBeGcB2duMuZYReFhxb%2Fz9itTzQf14gKGY0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64345cc6ebad4e32-FRA
content-length
43
cf-request-id
099498505700004e32edbc5000000001

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
X-Proxy-Origin
37.120.137.166; 37.120.137.166; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.133:80
AN-X-Request-Uuid
5acd880e-88d9-4435-8fdf-5007de897de6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1500623958703733180
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame F8A5
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
  • https://sync.quantumdex.io/setuid?bidder=sonobi&uid=2a388928-f611-40fb-a7b1-556dd136e6be
43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sonobi&uid=2a388928-f611-40fb-a7b1-556dd136e6be
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B5FcWxeIOFh20WIsMFo7kFi8Wyq0xK48SPU3jjNsyIMLjoB42XbZXX0I3RAahmks%2FFxUJz96LSF9Lu%2FfnYj8L1sSk1f4XHq5bZl%2FOjw5CDv4ZwEKf4Uas6Ed%2F3CHPzY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64345cc79ca14e32-FRA
content-length
43
cf-request-id
09949850ba00004e32b402b000000001

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://sync.quantumdex.io/setuid?bidder=sonobi&uid=2a388928-f611-40fb-a7b1-556dd136e6be
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame F8A5
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=ee3db00f-02b5-526f-8a57-2f18ea28915b
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=ee3db00f-02b5-526f-8a57-2f18ea28915b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8Z76GwaNClSOqDy4WKXcnloc2SYnsiHQ5WVjr4PWIbptFAxxwTIgCN2cOZGLvMvdeb8WlrjH%2BEJZeEmm7Qt%2F5pzQWmDb4ZwBaYRo1C4gJdnvBmIadJKj9Q9qOkXrTTY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64345cc94f744e32-FRA
content-length
43
cf-request-id
09949851ca00004e32c13cf000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=ee3db00f-02b5-526f-8a57-2f18ea28915b
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame F8A5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-q_i0PIZE2uEpebia_it08c37W7A.si11kMIZavM-~A
43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-q_i0PIZE2uEpebia_it08c37W7A.si11kMIZavM-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1lOm3ZmeXY0XNU42QkQYytg0WLiHFrXujhuQXv7m5h3aWB6veZMU%2Fho5khr60RHP5ZUuk0OHcfUd9i5lsLEM2oWVvEpI3D2Jul1mEZmUHxTWrYsn3wUEMjdnYhdj%2BnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64345cc6eb9a4e32-FRA
content-length
43
cf-request-id
099498504e00004e32eeb76000000001

Redirect headers

Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-q_i0PIZE2uEpebia_it08c37W7A.si11kMIZavM-~A
Connection
keep-alive
Content-Length
0
um
sync.e-planning.net/ Frame F8A5 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=67f58ed0-65d3-4788-939d-5dbb239fd8bd
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
server
openresty
content-type
image/gif
/
onetag-sys.com/usync/ Frame BCF8 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
/
de.tynt.com/deb/ Frame E214
Redirect Chain
  • https://ic.tynt.com/r/d?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
774 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
508af9280405aecc35c5bc8eb4682c8c043977a49e313abc8f19d1007401245b

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=CmUMLmB/vkMCZP5OfzCtAg==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
set-cookie
pids=%5B%5D;Version=1;Domain=tynt.com;Path=/;Max-Age=7776000;Secure;SameSite=None
content-type
text/html
content-length
774
date
Wed, 21 Apr 2021 05:55:15 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

server
nginx/1.16.1
date
Wed, 21 Apr 2021 05:55:15 GMT
content-type
text/html; charset=utf-8
content-length
171
location
https://de.tynt.com/deb/?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
set-cookie
uid=CmUMLmB/vkMCZP5OfzCtAg==; expires=Thu, 21-Apr-22 05:55:15 GMT; domain=tynt.com; path=/; Secure; SameSite=None
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
Cookie set uc.html
sync.go.sonobi.com/ Frame 0553 		884 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
0aacf9f9bb317571931f09468c2b03be8600f7ac44a75b0aaf19f06f8c202de3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Wed, 21 Apr 2021 05:55:15 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Set-Cookie
__uqc=1; expires=Wed, 21 Apr 2021 07:55:14 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uis=9667915c-8d0a-4367-8f01-c934455cc24d; expires=Fri, 21 May 2021 05:55:14 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_bw=1; expires=Wed, 21 Apr 2021 17:55:14 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_td=1; expires=Thu, 22 Apr 2021 05:55:14 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_mm=1; expires=Thu, 06 May 2021 05:55:14 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_pp=1; expires=Tue, 04 May 2021 05:55:14 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_rx=1; expires=Thu, 06 May 2021 05:55:14 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_zt=1; expires=Tue, 04 May 2021 05:55:14 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_eb=1; expires=Tue, 04 May 2021 05:55:14 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None HAPLB5S=s579|YH++R; path=/; domain=.go.sonobi.com
Content-Encoding
gzip
Server
sonobi-go
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 0F70 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
56b8ca084904656708c99101577be9f649c90fbc3b21943de4c70b6a07d43d32

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YH..QwLdEFh7y.Ej7jw0qwAA; CMPS=3272; CMPRO=1202; CMST=YH++Q2B-vkMA; CMRUM3=dd607fbe4327600&49607fbe4305a00&bc607fbe4305a00&f1607fbe4305a0&04607fbe4305a0&2d607fbe432760CAESEDyJW2BENajX0Bzdu0PVoGM&e6607fbe4327600&27607fbe430b40
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|130|88|206|13|31|105|152
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1598
Expires
Wed, 21 Apr 2021 05:55:15 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Connection
keep-alive
Set-Cookie
CMID=YH..QwLdEFh7y.Ej7jw0qwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 21 Apr 2022 05:55:15 GMT CMPS=3272;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 20 Jul 2021 05:55:15 GMT CMPRO=1202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 20 Jul 2021 05:55:15 GMT CMRUM3=98607fbe4305a00&dd607fbe4327600&82607fbe43a8c0&ce607fbe4305a00&49607fbe4305a00&bc607fbe4305a00&f1607fbe4305a0&69607fbe4305a0&2d607fbe432760CAESEDyJW2BENajX0Bzdu0PVoGM&2e607fbe4305a0&58607fbe4305a0&1f607fbe4305a00&0d607fbe4305a0&04607fbe4305a0&e6607fbe4327600&27607fbe430b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 21 Apr 2022 05:55:15 GMT
pixel
cm.g.doubleclick.net/ Frame 3643 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGLOm9ZQBMAE&v=APEucNXEjgYPOs56Ritk3cVgtQEetRij1B9OP5bCrRv44RHBPQl4HpqS_OAWOVqpp9j_LZcQA9BF2ZLILX96NeO8dR6ChdXq2A
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3643
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyJW2BENajX0Bzdu0PVoGM&google_cver=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyJW2BENajX0Bzdu0PVoGM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGLOm9ZQBMAE&v=APEucNXEjgYPOs56Ritk3cVgtQEetRij1B9OP5bCrRv44RHBPQl4HpqS_OAWOVqpp9j_LZcQA9BF2ZLILX96NeO8dR6ChdXq2A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 21 Apr 2021 05:55:15 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyJW2BENajX0Bzdu0PVoGM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3643
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YH..QwLdEFh7y.Ej7jw0qwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyJW2BENajX0Bzdu0PVoGM&google_cver=1&google_hm=2
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyJW2BENajX0Bzdu0PVoGM&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGLOm9ZQBMAE&v=APEucNXEjgYPOs56Ritk3cVgtQEetRij1B9OP5bCrRv44RHBPQl4HpqS_OAWOVqpp9j_LZcQA9BF2ZLILX96NeO8dR6ChdXq2A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 21 Apr 2021 05:55:15 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyJW2BENajX0Bzdu0PVoGM&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 9723 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 19:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37782
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Apr 2021 19:25:33 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/ Frame 9723 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cy2V4rgrfUYnwExkGh0HyjLqIjRPkssCHWVMO3HrNQCbo_G3k-6-6mFQad2uxG-WmtrVNwaEKQ5-b6soNEtGJtIbfMcBmDBKLXY38tA7YoRlYyfCcwAraOwE2K9KHcVdUPSZ1UAkTUUCYZIqGCa7MFcIIKSw&dbm_d=AKAmf-CAWJDB2UX1ZacSj9Fcs3cZj7nq-HKUMcKy6r8nc2fJdkWz7RGJLgb1z8iHmgAseRFDOJ1x2HwsY0vlO2d2LIg-WnLLVfnUL-SzMCku0qb7CsfOyKvFDeZw5RwBZPqn0PhQJmSYNXpZ_ZY5-RKhHceWK8F_4xismtgHzt15qwyEzM0dcAbTiyhtbcYmXkYCV4AA8hOGFu2NRV-qcj0tjZWDDgv-DAcMfq-fDAKaNYvo3KiiVhdF63o39UT9t0hVQ4a7c5sPEIyNdr0TrYm-9AbdYLdaNO0V58HS0YtjvsQ5GcoELGqOuSVdT4JCTNkrwLQ0198mXe74Cx26_1xMC-9Ix-7ZVQFUYsM_RvBWUUgvHEP-6ja1S7cbQvxRTcHTDz7nyXnk9qFOB8M9Uq54KEsebVzAtlSIje_vTAzO9DaOl4IzS_gt1eddNndpxT8krJJ8MTfCfbAUGdV8vQ14jndt2WRdTcnnkVcR9nGbojPzqsXBtBcHpHDWZwScMFI1gGgPkzmU0_ih8eBXC4Wk9rTyuYVtZxC8MqY9wFkYHN-8IT8Bfquyqq5A7maNw5LkXm30BX61y5A_YTP8SgpUx_J0tSqeY5ofv0kUcu5IV5ISS63oEainEfNrrTUGjuHDp4XfrtJPVp-F2CUEQcJFwVGplSfn-P_PSMYakWIM-sdoDDYFiOBglHi1HaA8ze_-Jvw8kWioOXZtJjkdi-Yk6wndvwF1IozcWEC-O8F908SJ2f2Q82HC36hWAzdrvptrvK2HtOtUUWM7VTafN7Acpqg5psSm-Ln1RvgOVqHvaAr8A4VKL4TizQze9B-oM8SGddp47JNLf6K9waXLyw_TdtfEFIDqUYE2wWONqvpNDH69opRZkUQf8XGVqE-Hvf-DDUbh2nppYGwjRHStDFlXMwYBOJDxAQKb6EvYWe0Yp9TXVZHkH1D9OlqFig8p7HH_xSXBv1t7LnQ58LPGMxHPGADro7CSsC-fStnA_s8V8Wk6cwXkJ2QR-5Xb4yuAiS0LHnv2_VhS_S12qUJ9V6kHtwZGA5aZXXJViUWtImYt1WHPySLIweIHYJFLREs9crLzh_KabHntjWFJR7DUPmJ5IZEDRpylkHthy-7Nlv_3jPqrovGA25a1ppyS_Pv0dfI7XAtsqSlfhWqRauQbbb7DnQ3G7vZ8ejbvpoVPGqfilWt-sXGBIv9M0AsjG2sb_1QPWhsUS5026Nw4RiXTHXSrgVldwZc8aVkNawBttsWrJs_KEoCeiOA5gM0_6kslxsmF7EeBdTyOHdJrxDesLahK0gNgI-guHMHbpD0M2MwScxF_QuSYg2Z8GrdrNC-DCTxC8JQ6A4KhxOgToJRrcyQeRbsxhQXSHs5h8tbuEfVCa-2BrDdtBGKzlSA2Jia_lTy-_j6Dh92dPVekMjHyqs748HR7jLxXjyqrxRjgVzFkLra7qHCjYDv7itPzhZmYOblFaDQ8FSqBv-e7yLSzeUYS8LcWtm-LV-wgmYuNNsTeluq6IOy1JK20s3OqJMJm2O-jxFO2TOezjBoPYhSrUsOg5WiYVdkdb95znmmN_rJ677mZeOtXj4rZ11c-36lnZOTjLy_0WN0JzNiyPJxx5G_QKtyf180dCjOSF35VBltd5EnEVYWksY02sTIDkMu8fBDg6gIBCpjWLOm78v_bf4VJHv4Mr9LlDlTfXzeS_JHmiF-yTiFnLqNLj82aUESKbJLoIwDhu28nHXdyvuqoianN9hPaVRUlq6ndoLh2ZjNVDYvfuiF8zDIrsXhad1s0rZh-u4ejuPCApsIXuJTr8E6LB7NI9w3vZGFceOVmzqAXec1goE-ZnxQYEe0qJMl9elPqi2nGSlTKrb-4RTBYYpQGZNVIbjh_7ukPued8kjhXqT3dhkXeb2dT5oRE6kP_51doQ44L6ST4NWQ1p375mYPimb2tqJ44Ez8lL_gBXMOfSb7uctFeAvrlm0l3JgFN0NTDuQhDMplgr-swhpY5_lVEyNH4TibHsNmZBo8PPdFbuHECrhuiS-WACk6yjBAuNGfyClWvTA3Plb_UsUgG1Sh-m75AN11Lz6gVmC61polp_PIfWXCvOChgjeptJohxBFbw6oIRYnvgx6oohdO8UyGcZn7_7jasEYXhA7ZaRRD-QNrr3F_Fey2S6Vby3aG7XhPn406_FJOU3B4bYR8SA1EFfKvoVPv7QNi9tGAVF5TqQ2QTBHDR5tHylNkS55R6t2W4dEGZct1LvN_18lD_x_ZkgFltKqMi8qZYM7peCfAtbR81E5ztQsA1P42O464TPeduqcJdC-M1mQMcso5WHuPffBhCA0XrIm2EijZmXSpTYCwlCXNGH4k4oAbkYD3blrpxUHH5MBsAdYO4PuPybtVT2gQa9ZXpbNS5taekuCedYaU_rEHMw3cWpVkIcj84XRHXzHvaeEixepTPS6TV4jtygJ2-HSGLoWMoj5stEuZHnAJe84SBsOTm7hluws3_rrlPtgS2RvZbyOo0XqEkflUWwVzl1PCLB_tDOAAXljnfzDyS6elOOhsJm782QEvpjdO_oQd7P1d0GCCzyE_rDmAVkcWcUSfzBeWccE0AhLgwYJpzJtQhLwFxeVWdCZnzv0SdqXqh5CtbxUwFgmyJMpAG2kRTHFG__dxdHIag8NjiaBz_g-ID1l4o-Wp-Ki5sN473XEQGhLXUqxzLsnorNd8WEJg8lVdCvWsUW2oJ9YMNuNrgd1iPGx4f5Wc0w9eGefowhOS-5SA0VsM1xCnUl5jXg2ThFbC5mjwCdrljMHqPjmm0WwAYQT1IUfIU-iIZEmT3a1m_EQ3TWh57di1bbUN9vcvO9cQHIHGPE9C3wkQI3iAnfFSGV1HHrqVhRAY2V0DDR-7Ms4HlAfXnc_A3CRXgEFF775W5kNO5yRDJVXL7_O9W9jeu84UPQFNWCcKf-z4toCV-Uez8clsafl-tmv0f_Kx1eyqDPVsn4_vl9cPPdYeVxrk417AxJ7e1DCgUimI2rFP9W5aelr1y4vbg4392L2vOi6PaOlW_wobZuO2QJU0sNzKQtALKn2bFZkMMzdpnZbyKakP5loKYk7_fX7p28Yy0Sm6wldRhjYkLt7cx7ptlUYQDkoI9PeEkgBxcEaFjQTHGIUFq86uFHIQSGogqxqpCwymT1YxIYZVVDHdiF5H4F-t-HVOmiK_RgNpxoMInAkLlFolo&cid=CAASPeRoBTz54ZhZ1Er842ZVfTmDBPyfojJ-30C98pvIZTHz5xeM4SGTv8GZNW3CfEPH7gtjqTQPtkUWBXQq2Ko&rfl=1%2Chttps%253A%252F%252Fwww.ptonline.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:51:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 9723 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cy2V4rgrfUYnwExkGh0HyjLqIjRPkssCHWVMO3HrNQCbo_G3k-6-6mFQad2uxG-WmtrVNwaEKQ5-b6soNEtGJtIbfMcBmDBKLXY38tA7YoRlYyfCcwAraOwE2K9KHcVdUPSZ1UAkTUUCYZIqGCa7MFcIIKSw&dbm_d=AKAmf-CAWJDB2UX1ZacSj9Fcs3cZj7nq-HKUMcKy6r8nc2fJdkWz7RGJLgb1z8iHmgAseRFDOJ1x2HwsY0vlO2d2LIg-WnLLVfnUL-SzMCku0qb7CsfOyKvFDeZw5RwBZPqn0PhQJmSYNXpZ_ZY5-RKhHceWK8F_4xismtgHzt15qwyEzM0dcAbTiyhtbcYmXkYCV4AA8hOGFu2NRV-qcj0tjZWDDgv-DAcMfq-fDAKaNYvo3KiiVhdF63o39UT9t0hVQ4a7c5sPEIyNdr0TrYm-9AbdYLdaNO0V58HS0YtjvsQ5GcoELGqOuSVdT4JCTNkrwLQ0198mXe74Cx26_1xMC-9Ix-7ZVQFUYsM_RvBWUUgvHEP-6ja1S7cbQvxRTcHTDz7nyXnk9qFOB8M9Uq54KEsebVzAtlSIje_vTAzO9DaOl4IzS_gt1eddNndpxT8krJJ8MTfCfbAUGdV8vQ14jndt2WRdTcnnkVcR9nGbojPzqsXBtBcHpHDWZwScMFI1gGgPkzmU0_ih8eBXC4Wk9rTyuYVtZxC8MqY9wFkYHN-8IT8Bfquyqq5A7maNw5LkXm30BX61y5A_YTP8SgpUx_J0tSqeY5ofv0kUcu5IV5ISS63oEainEfNrrTUGjuHDp4XfrtJPVp-F2CUEQcJFwVGplSfn-P_PSMYakWIM-sdoDDYFiOBglHi1HaA8ze_-Jvw8kWioOXZtJjkdi-Yk6wndvwF1IozcWEC-O8F908SJ2f2Q82HC36hWAzdrvptrvK2HtOtUUWM7VTafN7Acpqg5psSm-Ln1RvgOVqHvaAr8A4VKL4TizQze9B-oM8SGddp47JNLf6K9waXLyw_TdtfEFIDqUYE2wWONqvpNDH69opRZkUQf8XGVqE-Hvf-DDUbh2nppYGwjRHStDFlXMwYBOJDxAQKb6EvYWe0Yp9TXVZHkH1D9OlqFig8p7HH_xSXBv1t7LnQ58LPGMxHPGADro7CSsC-fStnA_s8V8Wk6cwXkJ2QR-5Xb4yuAiS0LHnv2_VhS_S12qUJ9V6kHtwZGA5aZXXJViUWtImYt1WHPySLIweIHYJFLREs9crLzh_KabHntjWFJR7DUPmJ5IZEDRpylkHthy-7Nlv_3jPqrovGA25a1ppyS_Pv0dfI7XAtsqSlfhWqRauQbbb7DnQ3G7vZ8ejbvpoVPGqfilWt-sXGBIv9M0AsjG2sb_1QPWhsUS5026Nw4RiXTHXSrgVldwZc8aVkNawBttsWrJs_KEoCeiOA5gM0_6kslxsmF7EeBdTyOHdJrxDesLahK0gNgI-guHMHbpD0M2MwScxF_QuSYg2Z8GrdrNC-DCTxC8JQ6A4KhxOgToJRrcyQeRbsxhQXSHs5h8tbuEfVCa-2BrDdtBGKzlSA2Jia_lTy-_j6Dh92dPVekMjHyqs748HR7jLxXjyqrxRjgVzFkLra7qHCjYDv7itPzhZmYOblFaDQ8FSqBv-e7yLSzeUYS8LcWtm-LV-wgmYuNNsTeluq6IOy1JK20s3OqJMJm2O-jxFO2TOezjBoPYhSrUsOg5WiYVdkdb95znmmN_rJ677mZeOtXj4rZ11c-36lnZOTjLy_0WN0JzNiyPJxx5G_QKtyf180dCjOSF35VBltd5EnEVYWksY02sTIDkMu8fBDg6gIBCpjWLOm78v_bf4VJHv4Mr9LlDlTfXzeS_JHmiF-yTiFnLqNLj82aUESKbJLoIwDhu28nHXdyvuqoianN9hPaVRUlq6ndoLh2ZjNVDYvfuiF8zDIrsXhad1s0rZh-u4ejuPCApsIXuJTr8E6LB7NI9w3vZGFceOVmzqAXec1goE-ZnxQYEe0qJMl9elPqi2nGSlTKrb-4RTBYYpQGZNVIbjh_7ukPued8kjhXqT3dhkXeb2dT5oRE6kP_51doQ44L6ST4NWQ1p375mYPimb2tqJ44Ez8lL_gBXMOfSb7uctFeAvrlm0l3JgFN0NTDuQhDMplgr-swhpY5_lVEyNH4TibHsNmZBo8PPdFbuHECrhuiS-WACk6yjBAuNGfyClWvTA3Plb_UsUgG1Sh-m75AN11Lz6gVmC61polp_PIfWXCvOChgjeptJohxBFbw6oIRYnvgx6oohdO8UyGcZn7_7jasEYXhA7ZaRRD-QNrr3F_Fey2S6Vby3aG7XhPn406_FJOU3B4bYR8SA1EFfKvoVPv7QNi9tGAVF5TqQ2QTBHDR5tHylNkS55R6t2W4dEGZct1LvN_18lD_x_ZkgFltKqMi8qZYM7peCfAtbR81E5ztQsA1P42O464TPeduqcJdC-M1mQMcso5WHuPffBhCA0XrIm2EijZmXSpTYCwlCXNGH4k4oAbkYD3blrpxUHH5MBsAdYO4PuPybtVT2gQa9ZXpbNS5taekuCedYaU_rEHMw3cWpVkIcj84XRHXzHvaeEixepTPS6TV4jtygJ2-HSGLoWMoj5stEuZHnAJe84SBsOTm7hluws3_rrlPtgS2RvZbyOo0XqEkflUWwVzl1PCLB_tDOAAXljnfzDyS6elOOhsJm782QEvpjdO_oQd7P1d0GCCzyE_rDmAVkcWcUSfzBeWccE0AhLgwYJpzJtQhLwFxeVWdCZnzv0SdqXqh5CtbxUwFgmyJMpAG2kRTHFG__dxdHIag8NjiaBz_g-ID1l4o-Wp-Ki5sN473XEQGhLXUqxzLsnorNd8WEJg8lVdCvWsUW2oJ9YMNuNrgd1iPGx4f5Wc0w9eGefowhOS-5SA0VsM1xCnUl5jXg2ThFbC5mjwCdrljMHqPjmm0WwAYQT1IUfIU-iIZEmT3a1m_EQ3TWh57di1bbUN9vcvO9cQHIHGPE9C3wkQI3iAnfFSGV1HHrqVhRAY2V0DDR-7Ms4HlAfXnc_A3CRXgEFF775W5kNO5yRDJVXL7_O9W9jeu84UPQFNWCcKf-z4toCV-Uez8clsafl-tmv0f_Kx1eyqDPVsn4_vl9cPPdYeVxrk417AxJ7e1DCgUimI2rFP9W5aelr1y4vbg4392L2vOi6PaOlW_wobZuO2QJU0sNzKQtALKn2bFZkMMzdpnZbyKakP5loKYk7_fX7p28Yy0Sm6wldRhjYkLt7cx7ptlUYQDkoI9PeEkgBxcEaFjQTHGIUFq86uFHIQSGogqxqpCwymT1YxIYZVVDHdiF5H4F-t-HVOmiK_RgNpxoMInAkLlFolo&cid=CAASPeRoBTz54ZhZ1Er842ZVfTmDBPyfojJ-30C98pvIZTHz5xeM4SGTv8GZNW3CfEPH7gtjqTQPtkUWBXQq2Ko&rfl=1%2Chttps%253A%252F%252Fwww.ptonline.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
65c88bdeb2f983517f1be4d68218f801ea8201919dbd9edd28359a344d8a0574
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:54:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
server
cafe
etag
15267579076523134137
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:54:35 GMT
crum
dsum-sec.casalemedia.com/ Frame 0F70
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1500623958703733180
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1500623958703733180
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 21 Apr 2021 05:55:15 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
X-Proxy-Origin
37.120.137.166; 37.120.137.166; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.86:80
AN-X-Request-Uuid
ba83a97e-f95a-4e0b-b5f5-53dd68ea8c5f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1500623958703733180
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 0F70 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.154.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:16 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0F70
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YH__QwAAU6QPnQAC
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YH__QwAAU6QPnQAC&_test=YH__QwAAU6QPnQAC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YH__QwAAU6QPnQAC&_test=YH__QwAAU6QPnQAC
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 21 Apr 2021 05:55:15 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618984516.831613,VS0,VE0
x-served-by
cache-hhn4041-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YH__QwAAU6QPnQAC&_test=YH__QwAAU6QPnQAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0F70
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB
43 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 0F70
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0623220438f66a45d73d8cc2&expiration=[EXPIRATION]
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0623220438f66a45d73d8cc2&expiration=[EXPIRATION]&C=1
43 B
1011 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0623220438f66a45d73d8cc2&expiration=[EXPIRATION]&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 21 Apr 2021 05:55:19 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0623220438f66a45d73d8cc2&expiration=[EXPIRATION]&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
316
Expires
Wed, 21 Apr 2021 05:55:19 GMT
noop
px.owneriq.net/ Frame 0F70
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6722709221482085691&uid=Q6722709221482085691&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:23 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Wed, 21 Apr 2021 05:55:23 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 0F70
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 21 Apr 2021 05:55:23 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Wed, 21 Apr 2021 05:55:23 GMT
server
nginx/1.18.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame 0F70
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=755e5f82-a85d-4b1e-bec9-be6d65020b3e
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=755e5f82-a85d-4b1e-bec9-be6d65020b3e&C=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=755e5f82-a85d-4b1e-bec9-be6d65020b3e&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 21 Apr 2021 05:55:19 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=755e5f82-a85d-4b1e-bec9-be6d65020b3e&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
301
Expires
Wed, 21 Apr 2021 05:55:19 GMT
setuid
sync.quantumdex.io/ Frame 0F70 		43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YH--QwLdEFh7y-Ej7jw0qwAABLIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jvCwhopnB%2BHKq1Q9ZTPgCyK3B9kBH%2B4%2BAnDCHf%2BkQoP0TiODCo2jak0mDc%2Bfpq76EjLnnPJqD6Cd3vnlO5%2F5jTTXvpwEKVxBCEDvhcCsbNEwp6b%2FmfsxG0DogzNWe5s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
64345cc71c064e32-FRA
content-length
43
cf-request-id
099498507400004e32ab3a6000000001
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9723 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 10:27:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70087
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 10:27:08 GMT
truncated
/ Frame 9723 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78fe1c46f2d4251b1e3ece55347d8d603b7380ee0691df19805a8ed90b9fa508

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DA65 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 20 Apr 2021 14:36:31 GMT
expires
Wed, 20 Apr 2022 14:36:31 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
55124
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/9506911/1605078249191/ Frame 0C5C 		166 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9506911/1605078249191/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f612b17f06a64bcf4683b3b04e54c313ede809fe59d10ffc691b80abdf4ff6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9506911/1605078249191/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
25581
date
Wed, 21 Apr 2021 05:32:56 GMT
expires
Thu, 22 Apr 2021 05:32:56 GMT
last-modified
Wed, 11 Nov 2020 07:04:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
1339
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 9723 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEPOq5Xpj1c3zCQPIGp0cataGOClrOagU0V72IKKUvDzXOnk8-0-sRGiW9keGWPcsqwpRAvg4UB0BfFF-_XASUSe9E6Oxs3K-u7i0zGNjp8_bN_07xujHrQp8UJNzZcnIDXViKWztw_Z9vrseAoZcZVMnp8rO0sQ5uwxnAyj_Tx3l24U62mi97scFbY8OPg1I3Yj6vwHPb5tcYFfH7L23Inoj3Yf9vHVbIFMOSPhR1Y8xG0lpfbgNI9tbqxX4elM1XDq-Us0NzKktxw7Xu0hWx9iAqrvqWNO3gdKcav5P4499kAsctVn2hL3NOBXIING6TsKDalYflr71PLuWqVrpxwUDEQXL--DybIROs6_WcDdpCqdtPyUU0_g-z2ZBHxqMkTAUSs8z-nNk2ccb4zl-ijfeQP_whH9XpZyCnrH39e8v78TGi9NYsJLLh2vY6t30iZNeXFrZw9ZwC76IMyt-q6zOwwmKt67R5Z0z9-8rqk_Iypo7-nk1-bPsR_emCkizZQAWzOjX6Uobehetj09rYNTnmGYJm9HbY7odvfHZf0FHl7J_BmMpBPEO_YN0BABa3J-xfPQHn2Bx4kUajj5HAmydARegJ1XCkmaA97D398GwgptOmga2q3z9Tf8WiZUAAckoajPdVsOFRm66Aq9B2n94T86-lH4iHL6wQ9uBfDSCGzmAOqxftshnu6uvc22rcQElqlXhLU70WrbFhb4ECtIsUMPjjcdcxICC0duXmso18SkE3rr9tyqpZb72VhyretIveMcX1oMEP1xY612FDwdDq7mAOZmlYuxaAS46wIfAbuKGnjSvYk6jG0Kcd1R5NjWcuQUWkv3QbX12xkehJPdvYwxDCVhci9wCX8D17Bv4KxWzdWvL3qVXsL9iKl60B4d57wnOfhOo1OJXGF_NxrIN58fByUfDkmpkK1doTnj60ch0b0NUhx_zC4P0g09wUeG1P5AH0u6BCUAVjpf7fmqiUuH3SyY1pe4VqjnEoLGUMJojwDXPZwV8He3FcsVHr1fhRHg_JWagCmv7DFR9XP2fow7EUQppe2PGBsVc8NB07OuHbkNtzA8ukXqlCFsMnC_K4fzIXWazJbJgKanbV3e0kSNohLVq7hbxNUECgejhLi_3zi104-uYfg7eRbzK_J7S2Ct1kz9wiK79mnAA7VWnb3l1g2wlOShja6Jf5We5ma5lkoVZSGKSggKAAq5K07oJHfaaQ4tGJWKHh0dbL9RCmE96PNizIsCMgt8TKgBXUmimf7C4LOUzE54s0&sai=AMfl-YTC0I6N2OTdTUvkuYQx5XbNGSt2t3wGBmPcbxU9TzPXLmMm3BgcWio47nmrpePc2sRWNvpMDP5PiLJcNfI3t_L3WdHHu7W2qIWJhlFth_z5vNr0QTqbHvulyNqIiR33cWrIKjWi08VqA0vZD0ZvveZJicem1x3Q20Q0cWSv9ctU81qYjHVetiDNpiKv_zVS9yUp5xF-z_7f-xLXS7Z3wHgcHfbzVUrtq6Zwh7z0nhzsWFrDMST65eWKuVwbsNghXQ&sig=Cg0ArKJSzK2tfs_LS9I3EAE&urlfix=1&omid=0&rm=1&ctpt=108&cbvp=1&cstd=105&cisv=r20210415.91915&adurl=
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 21 Apr 2021 05:55:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
us.gif
sync.go.sonobi.com/ Frame 0553
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi&bsw_user_id=9072911b-3954-4807-b04f-cb56b03d8384
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi&bsw_user_id=9072911b-3954-4807-b04f-cb56b03d8384
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ec1a1380-9377-4e25-8ec0-b75032492fee&ssp=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=9072911b-3954-4807-b04f-cb56b03d8384
49 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=9072911b-3954-4807-b04f-cb56b03d8384
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:16 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=9072911b-3954-4807-b04f-cb56b03d8384
date
Wed, 21 Apr 2021 05:55:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
us.gif
sync.go.sonobi.com/ Frame 0553
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=2ee25ea6-7ec5-468f-aa05-403e9f796f55&pubid=4d443a3ea2
49 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=2ee25ea6-7ec5-468f-aa05-403e9f796f55&pubid=4d443a3ea2
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:16 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=2ee25ea6-7ec5-468f-aa05-403e9f796f55&pubid=4d443a3ea2
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
us.gif
sync.go.sonobi.com/ Frame 0553
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=6182607f-be42-4900-acea-1cbe90fa5603
49 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=6182607f-be42-4900-acea-1cbe90fa5603
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 21 Apr 2021 05:55:09 GMT
Server
MT3 3660 495c301 master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=6182607f-be42-4900-acea-1cbe90fa5603
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 21 Apr 2021 05:55:08 GMT
rtset
bh.contextweb.com/bh/ Frame 0553
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=9667915c-8d0a-4367-8f01-c934455cc24d&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=T0F5YUVvalN5ZmswX0xlOVhtcVZNQQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEpRTAhLsWLYSajdGi4uhMU&google_cver=1
49 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEpRTAhLsWLYSajdGi4uhMU&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-7c488d4f5b-q7vxw
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEpRTAhLsWLYSajdGi4uhMU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 0553
Redirect Chain
  • https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=438280698
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=438280698
  • https://sync.1rx.io/usersync/tradedesk/ccd80e17-7f4b-403d-b333-1e186ad90222
  • https://sync.targeting.unrulymedia.com/csync/RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-01aeb30f-6c31-49e1-add9-bfa...
  • https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003
49 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:16 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003
date
Wed, 21 Apr 2021 05:55:16 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX01aeb30f6c3149e1add9bfaa0904b50a003
content-type
text/html
us.gif
sync.go.sonobi.com/ Frame 0553
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1870471594465557388
49 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1870471594465557388
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:23 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1870471594465557388
Date
Wed, 21 Apr 2021 05:55:23 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usg.gif
sync.go.sonobi.com/ Frame 0553
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=OTY2NzkxNWMtOGQwYS00MzY3LThmMDEtYzkzNDQ1NWNjMjRk
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGgT_koUiJp9aUI5-2XCz0Y&google_cver=1
49 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGgT_koUiJp9aUI5-2XCz0Y&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:15 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGgT_koUiJp9aUI5-2XCz0Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 241F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=b3389716-179a-4aba-998e-bfdca856ca4c
49 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=b3389716-179a-4aba-998e-bfdca856ca4c
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:17 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Wed, 21 Apr 2021 05:55:16 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=b3389716-179a-4aba-998e-bfdca856ca4c
cache-control
no-cache
server-processing-duration-in-ticks
2974
content-type
text/html; charset=utf-8
content-length
237
expires
Wed, 21 Apr 2021 00:00:00 GMT
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame DA65 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 22:09:43 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
27932
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 20 Apr 2022 22:09:43 GMT
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 0C5C 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1605078249191/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1605078249191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 04:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5187
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Apr 2021 04:28:48 GMT
CoopCondBd.woff
s0.2mdn.net/9506911/1605078249191/ Frame 0C5C 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9506911/1605078249191/CoopCondBd.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1605078249191/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63b176462a62d19e5a2af4cc0a845119d0389aae23ef15decd83efd182c91c40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/9506911/1605078249191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 09:09:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 07:04:09 GMT
server
sffe
age
74742
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29944
x-xss-protection
0
expires
Wed, 21 Apr 2021 09:09:33 GMT
CoopBd.woff
s0.2mdn.net/9506911/1605078249191/ Frame 0C5C 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9506911/1605078249191/CoopBd.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1605078249191/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
660dafdc78011b6e915b39cbfd9546c82a36aa6c20bfc6a75e144bc700a290a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/9506911/1605078249191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 09:09:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 07:04:09 GMT
server
sffe
age
74742
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32612
x-xss-protection
0
expires
Wed, 21 Apr 2021 09:09:33 GMT
container.html
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 78A9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ptonline.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ptonline.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 21 Apr 2021 05:55:15 GMT
expires
Thu, 21 Apr 2022 05:55:15 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 9723 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEPOq5Xpj1c3zCQPIGp0cataGOClrOagU0V72IKKUvDzXOnk8-0-sRGiW9keGWPcsqwpRAvg4UB0BfFF-_XASUSe9E6Oxs3K-u7i0zGNjp8_bN_07xujHrQp8UJNzZcnIDXViKWztw_Z9vrseAoZcZVMnp8rO0sQ5uwxnAyj_Tx3l24U62mi97scFbY8OPg1I3Yj6vwHPb5tcYFfH7L23Inoj3Yf9vHVbIFMOSPhR1Y8xG0lpfbgNI9tbqxX4elM1XDq-Us0NzKktxw7Xu0hWx9iAqrvqWNO3gdKcav5P4499kAsctVn2hL3NOBXIING6TsKDalYflr71PLuWqVrpxwUDEQXL--DybIROs6_WcDdpCqdtPyUU0_g-z2ZBHxqMkTAUSs8z-nNk2ccb4zl-ijfeQP_whH9XpZyCnrH39e8v78TGi9NYsJLLh2vY6t30iZNeXFrZw9ZwC76IMyt-q6zOwwmKt67R5Z0z9-8rqk_Iypo7-nk1-bPsR_emCkizZQAWzOjX6Uobehetj09rYNTnmGYJm9HbY7odvfHZf0FHl7J_BmMpBPEO_YN0BABa3J-xfPQHn2Bx4kUajj5HAmydARegJ1XCkmaA97D398GwgptOmga2q3z9Tf8WiZUAAckoajPdVsOFRm66Aq9B2n94T86-lH4iHL6wQ9uBfDSCGzmAOqxftshnu6uvc22rcQElqlXhLU70WrbFhb4ECtIsUMPjjcdcxICC0duXmso18SkE3rr9tyqpZb72VhyretIveMcX1oMEP1xY612FDwdDq7mAOZmlYuxaAS46wIfAbuKGnjSvYk6jG0Kcd1R5NjWcuQUWkv3QbX12xkehJPdvYwxDCVhci9wCX8D17Bv4KxWzdWvL3qVXsL9iKl60B4d57wnOfhOo1OJXGF_NxrIN58fByUfDkmpkK1doTnj60ch0b0NUhx_zC4P0g09wUeG1P5AH0u6BCUAVjpf7fmqiUuH3SyY1pe4VqjnEoLGUMJojwDXPZwV8He3FcsVHr1fhRHg_JWagCmv7DFR9XP2fow7EUQppe2PGBsVc8NB07OuHbkNtzA8ukXqlCFsMnC_K4fzIXWazJbJgKanbV3e0kSNohLVq7hbxNUECgejhLi_3zi104-uYfg7eRbzK_J7S2Ct1kz9wiK79mnAA7VWnb3l1g2wlOShja6Jf5We5ma5lkoVZSGKSggKAAq5K07oJHfaaQ4tGJWKHh0dbL9RCmE96PNizIsCMgt8TKgBXUmimf7C4LOUzE54s0&sai=AMfl-YTC0I6N2OTdTUvkuYQx5XbNGSt2t3wGBmPcbxU9TzPXLmMm3BgcWio47nmrpePc2sRWNvpMDP5PiLJcNfI3t_L3WdHHu7W2qIWJhlFth_z5vNr0QTqbHvulyNqIiR33cWrIKjWi08VqA0vZD0ZvveZJicem1x3Q20Q0cWSv9ctU81qYjHVetiDNpiKv_zVS9yUp5xF-z_7f-xLXS7Z3wHgcHfbzVUrtq6Zwh7z0nhzsWFrDMST65eWKuVwbsNghXQ&sig=Cg0ArKJSzK2tfs_LS9I3EAE&urlfix=1&omid=0&rm=1&ctpt=232&vt=11&dtpt=124&dett=3&cstd=105&cisv=r20210415.91915&adurl=
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 05:55:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Kontrast-300.png
s0.2mdn.net/9506911/1605078249191/ Frame 0C5C 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1605078249191/Kontrast-300.png
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96e96292bf35ab4cfa60cf8f26578f55bacf27297ed4d97f7110a70e29229e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1605078249191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:26:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 07:04:09 GMT
server
sffe
age
84546
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31808
x-xss-protection
0
expires
Wed, 21 Apr 2021 06:26:09 GMT
spaghetti-200.png
s0.2mdn.net/9506911/1605078249191/ Frame 0C5C 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1605078249191/spaghetti-200.png
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df32c5ecbbd376bb8d8ed9c4ac41376dc50f4523b8d43e7165d710ba8a1095e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1605078249191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 09:09:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 07:04:09 GMT
server
sffe
age
74742
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8962
x-xss-protection
0
expires
Wed, 21 Apr 2021 09:09:33 GMT
malbec-190.png
s0.2mdn.net/9506911/1605078249191/ Frame 0C5C 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1605078249191/malbec-190.png
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ed2acc4abf47252212c74fa79892db172ac16781d484cec7810649a591e388f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1605078249191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 11:49:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 07:04:09 GMT
server
sffe
age
65125
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5813
x-xss-protection
0
expires
Wed, 21 Apr 2021 11:49:50 GMT
peperoni-200.png
s0.2mdn.net/9506911/1605078249191/ Frame 0C5C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1605078249191/peperoni-200.png
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6681ebe8f1adb7cb3140002cd40223d5d4e240adb9d92527e83147e621a65c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1605078249191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 09:09:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 07:04:09 GMT
server
sffe
age
74742
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11012
x-xss-protection
0
expires
Wed, 21 Apr 2021 09:09:33 GMT
pesto-60.png
s0.2mdn.net/9506911/1605078249191/ Frame 0C5C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1605078249191/pesto-60.png
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7eddef88f07ba5f97a16767e5dd2bd191cb49eca86caa5c56ecec4f3e6a06d34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1605078249191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:32:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 07:04:09 GMT
server
sffe
age
1339
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4720
x-xss-protection
0
expires
Thu, 22 Apr 2021 05:32:56 GMT
Kontrast-300-Henkel.png
s0.2mdn.net/9506911/1605078249191/ Frame 0C5C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1605078249191/Kontrast-300-Henkel.png
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cbb58dea630e6854e6c5912004d1ec97ad9829d50725234801b850bc811d3a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1605078249191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:26:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 07:04:09 GMT
server
sffe
age
84545
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2632
x-xss-protection
0
expires
Wed, 21 Apr 2021 06:26:10 GMT
Coop-Icon.png
s0.2mdn.net/9506911/1605078249191/ Frame 0C5C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1605078249191/Coop-Icon.png
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75519df306ca3d5504dc66f8e3398dc30f976a5859725309b90a0f2a3fdea6ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1605078249191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 09:09:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 07:04:09 GMT
server
sffe
age
74742
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3753
x-xss-protection
0
expires
Wed, 21 Apr 2021 09:09:33 GMT
coop.jpg
s0.2mdn.net/9506911/1605078249191/ Frame 0C5C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9506911/1605078249191/coop.jpg
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc88881c267493814ada96b0cb57897aa9ff44610d2da1a67656c3cbcc0a874a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9506911/1605078249191/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 09:09:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 07:04:09 GMT
server
sffe
age
74742
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7509
x-xss-protection
0
expires
Wed, 21 Apr 2021 09:09:33 GMT
/
ssc-cms.33across.com/ps/ Frame E214 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?_=1618984515829.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip173.208-100-17.static.steadfastdns.net
Software
33XP003 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=zzz000000000002zzz&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-33x-status
2020008
date
Wed, 21 Apr 2021 05:55:17 GMT
server
33XP003
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0D86 		611 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBD53UMYwL3WoAEwAQ&v=APEucNWuY0NyEDaE9vxL7NGWlBJqfKFZNEe_WTSVwDf6JsL-8RcqTSzgTzDsuf_Dv4zMcs0P_-FYTjsOfHwW969_e5PPDfld9A
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNOuLBD53UMYwL3WoAEwAQ&v=APEucNWuY0NyEDaE9vxL7NGWlBJqfKFZNEe_WTSVwDf6JsL-8RcqTSzgTzDsuf_Dv4zMcs0P_-FYTjsOfHwW969_e5PPDfld9A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnbqR_4al-KvAem2zulE1i5XEGxZPciKpCtvpGQBe9nZh6ekGZnrM1MZs7YaY4; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 21 Apr 2021 05:55:15 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 21 Apr 2021 05:55:15 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 78A9 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFHpslnkk9jPhZ0h1D7osy1S1LhmxzR-wMcMgyRi8xS8TIe_o9fWTe1XKQt0_Ia6hjBbRujSny6WJH0dIgzMr7SeNplNI0Rw9emf3GlOt0hSpNtS0yjWN_CxI55hH-hi-K7_fPGAW7LZEcc3C9-AQWbemIgQ&dbm_d=AKAmf-A_244RZA68EERcRTKZvC28-gFOxy_7PY5SVkrozfmLLJqC_PTBz9T-PWu4SlMjCD0GLNrdEPRt8dkgGdSyCNUfPQfm2-Nd-Hh6pC6L6y2aKIS6cyhtmBq1FFGjQpU2RbLkp09stJlgrUxdrW5rw_2X0ss2gCbpbZ0FAFe0eif_rVNjc2-MoDIv9zXdflOM3xbyC9V9HOzmOqO100ouVGRFL4qEYnzoXN77J2aC-Qe4NzZ_9XClFwSL80GfvwbmQxvSdvkAFrC479OTUmbujLwp6qO1XPb48SPrCWxXWR98_CB2kFc0KmhDsH-RDSG2YNX2vM5_nIXCilQOw8yLJiGD0uo1Kkpx4_nuppS7KyJCkZJNRjnoBcf09vh4S7VkD8hQmxRLjkkNQt7agqS1Y0pXXieEw7IF1pjaOFIV26fH6o_3QDoHnOcEhj4LsHkkAEJkZkHSWP5tbrS5fWyc5gt-JbEr0PcXY1flVw6JcF21oYKwgOapuX3DBkuvYKVbz-EofCwKlDzGTiUDaCWRXRPFXDftUmbu0aeX5uYn6Jug4jK40j8EkYyma5UkBNSlhE7Fy4hsSPlxLHF8m8aH-sOiIzwNXKO26KVZ_-QflLer8c7uFBoQW_4Rf9rO3CYYAKwvIjMjkJNH9Qhpgj0ozNeOgx00Sh4rB80WAUnDgkhGTAlxr1uASjiNMP9m-cog4BkoHsN0QsxmYO8vCS3KGhsePegc-_dvN0UKYHUgZXs-8-BB1ZUzW3DPtSeYKU_li4TSn1zPqFVFCt57PDQYUUxjo0UYY1gWJWygObTa8lc43NW3RQKpNzAs_ZHuTvVvOfrEw6Hx8ePy3nvRsqz3eV-z4zWfeglZnTQBzoKkj_wiKk_IGSxTK39PM7TQowVT3aJxhvozCfVUvglIaCUIo8EnmWGB9PVBb5S84yTK2zDlozErdhydUTzimyc9A-9bYs3Q9eFoVZXwl-b32b_ozEWBuPYocmNQtcn89G5G8fcx28Orrx4vHkfq-XYyfetFFSoUjnAjEZ1uBWKXjUpYuk1E8srEhMYW2FZI7ANT0B84bc8ACwJfotWQ2GQPanvLnYsmoVHZ6HpoTsS8k2ItONW6wXIMQEMlNUV6mVOtDJ9d-ZKIddxfUGYXXBw514SMzjZeeQuTyRuq2eb6qscOs1bh6Hxv_vnJNFayE2c62i6yy72TtTWVQ9adarAcHL6s-BY1n-ZzAFr--ZiLt12AbLdfAVVU8O2okzjpmSVRbV_oyWznQHacWN_EZqiDNJamt8RygmckzXobWLEHYXjfp0R8IPUMs_g6HYy7loUL3Qv34r9GN-zHpljCzzOQ0avyncC0cRdrgfEnEd2kaRoLflrmMiOqJNpndJd-3vdHFu3Ki8nuDV1sVW0-ww4zhqBUUAB2uNkdTGvhYFhDyhrWB-WGEGKO_JDHgz76r76HU7508eNFRhjZmxS3d7_kJV6owFOZy2RgQ4fNf37V5rH9UpGLRDziFeiuVhRgVczHMaWGkYy21dseo08AgQJ3ZJCl7YAm-iEO6cCbFR-JxyKlHBcqbE7qis3wPqAEZIrZLSZS1srwVDp_xQ8G_0CwdtukIQZ8gjj0NFl9oWyGon206SNVUsdf5YWrAlshMUhWxJJe0ZZHA98rBwSZQ7oBSu6ZHjIqvDuTdLfTbcHevk9YFUkNICwNDBKpOTpHft_k8R2FJsvja7uyt5YFYzUyL6DJXcuSAuHYR5zbexIXIEpAW1vYX57UnwMRqg2-1xSBTZKvusw7-kHQ90mZvuYTsTyjJQiuIYER7xMAQ_FimWdmnTuu2DjSi02ylySend1F5Af1j6Yg6Fkp1TMjByeYyZMgjwH88bpegexcdm4vLJrZ3R8GktLDXvxulQIz9fJ1DFAuvlAt6cDkM9b0-2Xj-iAORigcblO_FDHJBMANCOcThbTGG_N66pOgyq96z9qC7WYlus-9U2UAWj13Ou3IFG00xL-4QPW8etU5pf8ZoxnjMDc6V9mB6HnreCtrxtSBoSnu5dQ7jummlOd10X65_BvKuuiEe2MmKgU8uy2guHyAFZ4CWaDu11XCSExSXZtPIVQu-A1Dqg15BQ90hfOXn-sFwkXPzJvZ9v-HVC_zB92-xdAB8c2Qv5fw3a1GnMMAfmqK6HHRoVyb3p9NTJ1Foe2WC2KgqnD8IagYUXtBh4V6CSgoLd-qw_ef6YvsHA_oxkV88c2aRGoEAYgaPl18jJYwAJGwY_HKZdvpNRhaiQiPOCLduznKdruNaw7wTCFLzwxY9UO-EUvyXzwaZtCxEA7accd93lj8eG5tAwJKnu-jPkQYgQF0MujZvsn9CQzzUFP233yGZ6sh0DKTrEqccNPw9EE-uMnN4kYhUF9hj_rBGHobFol1ZmO0VHG3ev0XdiZTFyQAPK1ee0aFUeusoXZd1QM-G6gaDxMffy1iUFaY6OSz5iIeMxwIxM1yfUOqZvbOnuYU_XYi3ZcsAcqDaW5WglGzX_6J8RHHXQUqcIZkkO4M5duFQ14doz_qyLfmbCHB9GW2YLFr2gq4q2u-yEAhfFkZVOf_Com1S27zQ79jhQlFfMUNNf_ZnFzmhNR5yINHlxp_E-25L4leFpLM0aPIfKE4gGyXgU3OIQy_pCSoL9ZYPJJWX0D3fDqgNR8IScEGQoOVret8WLVmi-MMMd3WmptKmOvpOdr4Ai7BZqcKsruZbBxUFnMA_Yk5L-tJFpb4I04jnVdPjkGMBxkH-pf5RGEqvIwBEfSOiv70uC56mQdKXk1rRc0OXLuUzhIUt9m3fRkofL2S3wSW_enjfWg0oyVsRonmFD49ENrjEmgWJOEL1deegOVgpE6EAdHTA-TkzE9rf3bfFtGO98DSK5182hlHD_aV4rGuCb6I0N7L_2b_ALrk9j0njC1PIRR_fsZZoaRjIeBx-eKaYN2J5KDbS2XrjJH56cVcqXJiE3ut97vAxgyjBHEx_Yh9h_ib5FVyKhb1odVJqR5KAeNFWLzDBHeuYU_VhhPfDj4POca0B7dft8bqnbhrZ7mYcsPhLQKGE-miUYIc_vFgqa_Ta61YdKDBSSMRoIHWog9YznhH7p10HZknzJv8utbatQTvVOFYzsmrkB4Ap96r_q4DPCBxR6wlRIr5bo2ZDmNX1_TrSTC4L4i67DQRGYcgLJ7kGmy1ROg6_itFLop1AhqjGP_R7Mw0jMKOWmchAUPWWHw2arYprkDZCg&cid=CAASPeRov-R8PXNgZvq7G0RqqCEjA6iRGVRlzVrhDlT83FN9WEeBxThnvkmRHzKjnDklm0N0VHp0TsrFQbmmcaU&rfl=1%2Chttps%253A%252F%252Fwww.ptonline.net%252F%240
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0144b9f00ff003421057703d4a922402df371b2c4d65223c4ee70f1c982a7a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22902
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 78A9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C_w899Ppv3X_GhtQSf5-J_wOy8tYId9QbTQU3CzssLVMCLFBAYwygpa-2kL6Usq5wQm7p2JWx6iPU2QJ4ZQax0idBwuLVEbBF_iPaCfCoSJXi_r1U
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 78A9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:49:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 78A9 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:55:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 78A9 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:51:33 GMT
l
www.google.com/ads/measurement/ Frame 78A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjwq5XxaJ-yt1zjEpLnx7UMsNMDIAQIK925u-UGq_ABQ6EYpRV4o93XM50o9TgSLziXSkA
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/ Frame 0D86
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDCHr60GmucnWY0wiRiD3gY&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDCHr60GmucnWY0wiRiD3gY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBD53UMYwL3WoAEwAQ&v=APEucNWuY0NyEDaE9vxL7NGWlBJqfKFZNEe_WTSVwDf6JsL-8RcqTSzgTzDsuf_Dv4zMcs0P_-FYTjsOfHwW969_e5PPDfld9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:16 GMT
X-Proxy-Origin
37.120.137.166; 37.120.137.166; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.184:80
AN-X-Request-Uuid
d4ecfddc-8b22-434a-9bf5-a80e5dc1994d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDCHr60GmucnWY0wiRiD3gY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0D86
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwMDYyMzk1ODcwMzczMzE4MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwMDYyMzk1ODcwMzczMzE4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBD53UMYwL3WoAEwAQ&v=APEucNWuY0NyEDaE9vxL7NGWlBJqfKFZNEe_WTSVwDf6JsL-8RcqTSzgTzDsuf_Dv4zMcs0P_-FYTjsOfHwW969_e5PPDfld9A
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:16 GMT
X-Proxy-Origin
37.120.137.166; 37.120.137.166; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.245:80
AN-X-Request-Uuid
04696747-075c-49cd-a3fb-d631ef24c5b9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwMDYyMzk1ODcwMzczMzE4MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0D86
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENU9OtNj3VKRCsDTMGEnmzs&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENU9OtNj3VKRCsDTMGEnmzs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBD53UMYwL3WoAEwAQ&v=APEucNWuY0NyEDaE9vxL7NGWlBJqfKFZNEe_WTSVwDf6JsL-8RcqTSzgTzDsuf_Dv4zMcs0P_-FYTjsOfHwW969_e5PPDfld9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENU9OtNj3VKRCsDTMGEnmzs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0D86
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDM3MjlkMzktNWFlYS0yZmNiLWRlZmMtYjQ3ZWU5YjJmM2Jl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDM3MjlkMzktNWFlYS0yZmNiLWRlZmMtYjQ3ZWU5YjJmM2Jl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBD53UMYwL3WoAEwAQ&v=APEucNWuY0NyEDaE9vxL7NGWlBJqfKFZNEe_WTSVwDf6JsL-8RcqTSzgTzDsuf_Dv4zMcs0P_-FYTjsOfHwW969_e5PPDfld9A
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 21 Apr 2021 05:55:16 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDM3MjlkMzktNWFlYS0yZmNiLWRlZmMtYjQ3ZWU5YjJmM2Jl
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 78A9 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 19:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37783
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Apr 2021 19:25:33 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/ Frame 78A9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFHpslnkk9jPhZ0h1D7osy1S1LhmxzR-wMcMgyRi8xS8TIe_o9fWTe1XKQt0_Ia6hjBbRujSny6WJH0dIgzMr7SeNplNI0Rw9emf3GlOt0hSpNtS0yjWN_CxI55hH-hi-K7_fPGAW7LZEcc3C9-AQWbemIgQ&dbm_d=AKAmf-A_244RZA68EERcRTKZvC28-gFOxy_7PY5SVkrozfmLLJqC_PTBz9T-PWu4SlMjCD0GLNrdEPRt8dkgGdSyCNUfPQfm2-Nd-Hh6pC6L6y2aKIS6cyhtmBq1FFGjQpU2RbLkp09stJlgrUxdrW5rw_2X0ss2gCbpbZ0FAFe0eif_rVNjc2-MoDIv9zXdflOM3xbyC9V9HOzmOqO100ouVGRFL4qEYnzoXN77J2aC-Qe4NzZ_9XClFwSL80GfvwbmQxvSdvkAFrC479OTUmbujLwp6qO1XPb48SPrCWxXWR98_CB2kFc0KmhDsH-RDSG2YNX2vM5_nIXCilQOw8yLJiGD0uo1Kkpx4_nuppS7KyJCkZJNRjnoBcf09vh4S7VkD8hQmxRLjkkNQt7agqS1Y0pXXieEw7IF1pjaOFIV26fH6o_3QDoHnOcEhj4LsHkkAEJkZkHSWP5tbrS5fWyc5gt-JbEr0PcXY1flVw6JcF21oYKwgOapuX3DBkuvYKVbz-EofCwKlDzGTiUDaCWRXRPFXDftUmbu0aeX5uYn6Jug4jK40j8EkYyma5UkBNSlhE7Fy4hsSPlxLHF8m8aH-sOiIzwNXKO26KVZ_-QflLer8c7uFBoQW_4Rf9rO3CYYAKwvIjMjkJNH9Qhpgj0ozNeOgx00Sh4rB80WAUnDgkhGTAlxr1uASjiNMP9m-cog4BkoHsN0QsxmYO8vCS3KGhsePegc-_dvN0UKYHUgZXs-8-BB1ZUzW3DPtSeYKU_li4TSn1zPqFVFCt57PDQYUUxjo0UYY1gWJWygObTa8lc43NW3RQKpNzAs_ZHuTvVvOfrEw6Hx8ePy3nvRsqz3eV-z4zWfeglZnTQBzoKkj_wiKk_IGSxTK39PM7TQowVT3aJxhvozCfVUvglIaCUIo8EnmWGB9PVBb5S84yTK2zDlozErdhydUTzimyc9A-9bYs3Q9eFoVZXwl-b32b_ozEWBuPYocmNQtcn89G5G8fcx28Orrx4vHkfq-XYyfetFFSoUjnAjEZ1uBWKXjUpYuk1E8srEhMYW2FZI7ANT0B84bc8ACwJfotWQ2GQPanvLnYsmoVHZ6HpoTsS8k2ItONW6wXIMQEMlNUV6mVOtDJ9d-ZKIddxfUGYXXBw514SMzjZeeQuTyRuq2eb6qscOs1bh6Hxv_vnJNFayE2c62i6yy72TtTWVQ9adarAcHL6s-BY1n-ZzAFr--ZiLt12AbLdfAVVU8O2okzjpmSVRbV_oyWznQHacWN_EZqiDNJamt8RygmckzXobWLEHYXjfp0R8IPUMs_g6HYy7loUL3Qv34r9GN-zHpljCzzOQ0avyncC0cRdrgfEnEd2kaRoLflrmMiOqJNpndJd-3vdHFu3Ki8nuDV1sVW0-ww4zhqBUUAB2uNkdTGvhYFhDyhrWB-WGEGKO_JDHgz76r76HU7508eNFRhjZmxS3d7_kJV6owFOZy2RgQ4fNf37V5rH9UpGLRDziFeiuVhRgVczHMaWGkYy21dseo08AgQJ3ZJCl7YAm-iEO6cCbFR-JxyKlHBcqbE7qis3wPqAEZIrZLSZS1srwVDp_xQ8G_0CwdtukIQZ8gjj0NFl9oWyGon206SNVUsdf5YWrAlshMUhWxJJe0ZZHA98rBwSZQ7oBSu6ZHjIqvDuTdLfTbcHevk9YFUkNICwNDBKpOTpHft_k8R2FJsvja7uyt5YFYzUyL6DJXcuSAuHYR5zbexIXIEpAW1vYX57UnwMRqg2-1xSBTZKvusw7-kHQ90mZvuYTsTyjJQiuIYER7xMAQ_FimWdmnTuu2DjSi02ylySend1F5Af1j6Yg6Fkp1TMjByeYyZMgjwH88bpegexcdm4vLJrZ3R8GktLDXvxulQIz9fJ1DFAuvlAt6cDkM9b0-2Xj-iAORigcblO_FDHJBMANCOcThbTGG_N66pOgyq96z9qC7WYlus-9U2UAWj13Ou3IFG00xL-4QPW8etU5pf8ZoxnjMDc6V9mB6HnreCtrxtSBoSnu5dQ7jummlOd10X65_BvKuuiEe2MmKgU8uy2guHyAFZ4CWaDu11XCSExSXZtPIVQu-A1Dqg15BQ90hfOXn-sFwkXPzJvZ9v-HVC_zB92-xdAB8c2Qv5fw3a1GnMMAfmqK6HHRoVyb3p9NTJ1Foe2WC2KgqnD8IagYUXtBh4V6CSgoLd-qw_ef6YvsHA_oxkV88c2aRGoEAYgaPl18jJYwAJGwY_HKZdvpNRhaiQiPOCLduznKdruNaw7wTCFLzwxY9UO-EUvyXzwaZtCxEA7accd93lj8eG5tAwJKnu-jPkQYgQF0MujZvsn9CQzzUFP233yGZ6sh0DKTrEqccNPw9EE-uMnN4kYhUF9hj_rBGHobFol1ZmO0VHG3ev0XdiZTFyQAPK1ee0aFUeusoXZd1QM-G6gaDxMffy1iUFaY6OSz5iIeMxwIxM1yfUOqZvbOnuYU_XYi3ZcsAcqDaW5WglGzX_6J8RHHXQUqcIZkkO4M5duFQ14doz_qyLfmbCHB9GW2YLFr2gq4q2u-yEAhfFkZVOf_Com1S27zQ79jhQlFfMUNNf_ZnFzmhNR5yINHlxp_E-25L4leFpLM0aPIfKE4gGyXgU3OIQy_pCSoL9ZYPJJWX0D3fDqgNR8IScEGQoOVret8WLVmi-MMMd3WmptKmOvpOdr4Ai7BZqcKsruZbBxUFnMA_Yk5L-tJFpb4I04jnVdPjkGMBxkH-pf5RGEqvIwBEfSOiv70uC56mQdKXk1rRc0OXLuUzhIUt9m3fRkofL2S3wSW_enjfWg0oyVsRonmFD49ENrjEmgWJOEL1deegOVgpE6EAdHTA-TkzE9rf3bfFtGO98DSK5182hlHD_aV4rGuCb6I0N7L_2b_ALrk9j0njC1PIRR_fsZZoaRjIeBx-eKaYN2J5KDbS2XrjJH56cVcqXJiE3ut97vAxgyjBHEx_Yh9h_ib5FVyKhb1odVJqR5KAeNFWLzDBHeuYU_VhhPfDj4POca0B7dft8bqnbhrZ7mYcsPhLQKGE-miUYIc_vFgqa_Ta61YdKDBSSMRoIHWog9YznhH7p10HZknzJv8utbatQTvVOFYzsmrkB4Ap96r_q4DPCBxR6wlRIr5bo2ZDmNX1_TrSTC4L4i67DQRGYcgLJ7kGmy1ROg6_itFLop1AhqjGP_R7Mw0jMKOWmchAUPWWHw2arYprkDZCg&cid=CAASPeRov-R8PXNgZvq7G0RqqCEjA6iRGVRlzVrhDlT83FN9WEeBxThnvkmRHzKjnDklm0N0VHp0TsrFQbmmcaU&rfl=1%2Chttps%253A%252F%252Fwww.ptonline.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:51:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 78A9 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFHpslnkk9jPhZ0h1D7osy1S1LhmxzR-wMcMgyRi8xS8TIe_o9fWTe1XKQt0_Ia6hjBbRujSny6WJH0dIgzMr7SeNplNI0Rw9emf3GlOt0hSpNtS0yjWN_CxI55hH-hi-K7_fPGAW7LZEcc3C9-AQWbemIgQ&dbm_d=AKAmf-A_244RZA68EERcRTKZvC28-gFOxy_7PY5SVkrozfmLLJqC_PTBz9T-PWu4SlMjCD0GLNrdEPRt8dkgGdSyCNUfPQfm2-Nd-Hh6pC6L6y2aKIS6cyhtmBq1FFGjQpU2RbLkp09stJlgrUxdrW5rw_2X0ss2gCbpbZ0FAFe0eif_rVNjc2-MoDIv9zXdflOM3xbyC9V9HOzmOqO100ouVGRFL4qEYnzoXN77J2aC-Qe4NzZ_9XClFwSL80GfvwbmQxvSdvkAFrC479OTUmbujLwp6qO1XPb48SPrCWxXWR98_CB2kFc0KmhDsH-RDSG2YNX2vM5_nIXCilQOw8yLJiGD0uo1Kkpx4_nuppS7KyJCkZJNRjnoBcf09vh4S7VkD8hQmxRLjkkNQt7agqS1Y0pXXieEw7IF1pjaOFIV26fH6o_3QDoHnOcEhj4LsHkkAEJkZkHSWP5tbrS5fWyc5gt-JbEr0PcXY1flVw6JcF21oYKwgOapuX3DBkuvYKVbz-EofCwKlDzGTiUDaCWRXRPFXDftUmbu0aeX5uYn6Jug4jK40j8EkYyma5UkBNSlhE7Fy4hsSPlxLHF8m8aH-sOiIzwNXKO26KVZ_-QflLer8c7uFBoQW_4Rf9rO3CYYAKwvIjMjkJNH9Qhpgj0ozNeOgx00Sh4rB80WAUnDgkhGTAlxr1uASjiNMP9m-cog4BkoHsN0QsxmYO8vCS3KGhsePegc-_dvN0UKYHUgZXs-8-BB1ZUzW3DPtSeYKU_li4TSn1zPqFVFCt57PDQYUUxjo0UYY1gWJWygObTa8lc43NW3RQKpNzAs_ZHuTvVvOfrEw6Hx8ePy3nvRsqz3eV-z4zWfeglZnTQBzoKkj_wiKk_IGSxTK39PM7TQowVT3aJxhvozCfVUvglIaCUIo8EnmWGB9PVBb5S84yTK2zDlozErdhydUTzimyc9A-9bYs3Q9eFoVZXwl-b32b_ozEWBuPYocmNQtcn89G5G8fcx28Orrx4vHkfq-XYyfetFFSoUjnAjEZ1uBWKXjUpYuk1E8srEhMYW2FZI7ANT0B84bc8ACwJfotWQ2GQPanvLnYsmoVHZ6HpoTsS8k2ItONW6wXIMQEMlNUV6mVOtDJ9d-ZKIddxfUGYXXBw514SMzjZeeQuTyRuq2eb6qscOs1bh6Hxv_vnJNFayE2c62i6yy72TtTWVQ9adarAcHL6s-BY1n-ZzAFr--ZiLt12AbLdfAVVU8O2okzjpmSVRbV_oyWznQHacWN_EZqiDNJamt8RygmckzXobWLEHYXjfp0R8IPUMs_g6HYy7loUL3Qv34r9GN-zHpljCzzOQ0avyncC0cRdrgfEnEd2kaRoLflrmMiOqJNpndJd-3vdHFu3Ki8nuDV1sVW0-ww4zhqBUUAB2uNkdTGvhYFhDyhrWB-WGEGKO_JDHgz76r76HU7508eNFRhjZmxS3d7_kJV6owFOZy2RgQ4fNf37V5rH9UpGLRDziFeiuVhRgVczHMaWGkYy21dseo08AgQJ3ZJCl7YAm-iEO6cCbFR-JxyKlHBcqbE7qis3wPqAEZIrZLSZS1srwVDp_xQ8G_0CwdtukIQZ8gjj0NFl9oWyGon206SNVUsdf5YWrAlshMUhWxJJe0ZZHA98rBwSZQ7oBSu6ZHjIqvDuTdLfTbcHevk9YFUkNICwNDBKpOTpHft_k8R2FJsvja7uyt5YFYzUyL6DJXcuSAuHYR5zbexIXIEpAW1vYX57UnwMRqg2-1xSBTZKvusw7-kHQ90mZvuYTsTyjJQiuIYER7xMAQ_FimWdmnTuu2DjSi02ylySend1F5Af1j6Yg6Fkp1TMjByeYyZMgjwH88bpegexcdm4vLJrZ3R8GktLDXvxulQIz9fJ1DFAuvlAt6cDkM9b0-2Xj-iAORigcblO_FDHJBMANCOcThbTGG_N66pOgyq96z9qC7WYlus-9U2UAWj13Ou3IFG00xL-4QPW8etU5pf8ZoxnjMDc6V9mB6HnreCtrxtSBoSnu5dQ7jummlOd10X65_BvKuuiEe2MmKgU8uy2guHyAFZ4CWaDu11XCSExSXZtPIVQu-A1Dqg15BQ90hfOXn-sFwkXPzJvZ9v-HVC_zB92-xdAB8c2Qv5fw3a1GnMMAfmqK6HHRoVyb3p9NTJ1Foe2WC2KgqnD8IagYUXtBh4V6CSgoLd-qw_ef6YvsHA_oxkV88c2aRGoEAYgaPl18jJYwAJGwY_HKZdvpNRhaiQiPOCLduznKdruNaw7wTCFLzwxY9UO-EUvyXzwaZtCxEA7accd93lj8eG5tAwJKnu-jPkQYgQF0MujZvsn9CQzzUFP233yGZ6sh0DKTrEqccNPw9EE-uMnN4kYhUF9hj_rBGHobFol1ZmO0VHG3ev0XdiZTFyQAPK1ee0aFUeusoXZd1QM-G6gaDxMffy1iUFaY6OSz5iIeMxwIxM1yfUOqZvbOnuYU_XYi3ZcsAcqDaW5WglGzX_6J8RHHXQUqcIZkkO4M5duFQ14doz_qyLfmbCHB9GW2YLFr2gq4q2u-yEAhfFkZVOf_Com1S27zQ79jhQlFfMUNNf_ZnFzmhNR5yINHlxp_E-25L4leFpLM0aPIfKE4gGyXgU3OIQy_pCSoL9ZYPJJWX0D3fDqgNR8IScEGQoOVret8WLVmi-MMMd3WmptKmOvpOdr4Ai7BZqcKsruZbBxUFnMA_Yk5L-tJFpb4I04jnVdPjkGMBxkH-pf5RGEqvIwBEfSOiv70uC56mQdKXk1rRc0OXLuUzhIUt9m3fRkofL2S3wSW_enjfWg0oyVsRonmFD49ENrjEmgWJOEL1deegOVgpE6EAdHTA-TkzE9rf3bfFtGO98DSK5182hlHD_aV4rGuCb6I0N7L_2b_ALrk9j0njC1PIRR_fsZZoaRjIeBx-eKaYN2J5KDbS2XrjJH56cVcqXJiE3ut97vAxgyjBHEx_Yh9h_ib5FVyKhb1odVJqR5KAeNFWLzDBHeuYU_VhhPfDj4POca0B7dft8bqnbhrZ7mYcsPhLQKGE-miUYIc_vFgqa_Ta61YdKDBSSMRoIHWog9YznhH7p10HZknzJv8utbatQTvVOFYzsmrkB4Ap96r_q4DPCBxR6wlRIr5bo2ZDmNX1_TrSTC4L4i67DQRGYcgLJ7kGmy1ROg6_itFLop1AhqjGP_R7Mw0jMKOWmchAUPWWHw2arYprkDZCg&cid=CAASPeRov-R8PXNgZvq7G0RqqCEjA6iRGVRlzVrhDlT83FN9WEeBxThnvkmRHzKjnDklm0N0VHp0TsrFQbmmcaU&rfl=1%2Chttps%253A%252F%252Fwww.ptonline.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
65c88bdeb2f983517f1be4d68218f801ea8201919dbd9edd28359a344d8a0574
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:54:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
server
cafe
etag
15267579076523134137
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:54:35 GMT
index.html
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		44 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77159fdb902dc879f725208a4884100b6e4751c55387a2b2b53b0ea7c362d659
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
5057
date
Tue, 20 Apr 2021 20:54:01 GMT
expires
Wed, 21 Apr 2021 20:54:01 GMT
last-modified
Wed, 07 Apr 2021 11:09:24 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
32475
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 78A9 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjCidKJhnpsbs_Elzic1x8d-XFSrx0Bql2YZzofjwtED0ltNpYmwERzefh0jdQ1KCMhPZUtLxN6VNLh3MOoKcjIjC8VOpc81U33dkDRzU6QVNKGawtnpvz0Mk3VKUeDkI0ehS00DsPQhSGu7YK6C9BkQ1GkYZMZwTl8vP0OB1wPa-pnCqQJ06oSRqix6P79XnItM17wTTdnQbdL1jU9ZVwvOUlrRd8G5qJjRUWBIn2V1iQ8uxUQntOw8jlHho0ejynCDalLlgkKfTW8EJ4DCFIL0Y4jO3jEHsMX0Oqkt4o7ZBlwGd3hFhLeVoNkV1G49PzyVkQVSRKybxdhBBTPjhWo3X4_WaqFRdzT4k9CRcAX65_JJHbDhVzJWG1MIyPKXK_Mh_mMBFS-oncMwRwpJum1_u4VCCWy_emn_dQISOhjNQNoLTC9G5wEikSx-42W9QotrRUMmWhebuDlXIk6VbQbmROSOCo9yL0ZgFc1TGnC3P2IFHmlIQZocuIOwOBPV5NubG73vVAPd0qrNLToyXvESCoD8CQv52I6LnQDWfaTbp7muCyD4rvBnH1A09v1TfHExmCCEO8w1vanXZu14ADBWPVKUNJ40arjYtrW-VkBx6u_kwX5ogHZ5N8Nkht3NK2cSRSkcfrDhrlp3aYbcTcn5OIS327qSk5sb4GLrk65jgjT3jj2kwO8lsFCVVJoYLgFzbkTkqOz2rPyVqwwFBZgZT7lRnKFzsAWD3Ej0ivlkfKqJXtSWPXx6SgnHLxH3poAgJ_1Tt_pUtp1qNnSNoojlvEggApOM1_cd53sttyqpIvkvWv3BWqZPWcwIu1iWgLB7IBnXK7J4R7vFBvA4ELv8rpJ5xmijUPzahsy6-T4D4Ob3RjmsRZ-4Km1WGwvyM0Xuwsuff08qPrtllO75-vdbh9o-hRSz2qUHjle2EqXQDXTLQ5r9prmkSM7ZtvdskBcp12WQnb7ccGkC1J-4RW8T1EetRo9Mm-R9Kq2-v7uXFZm8eFPKJ86YAxNINSyJyb1R9hac1yeArUaA77zCxkFdH2EZT7zu4h4BfYZjuXbBwzHgD5J_641MHlWBrbtBP-giNa4SDCWmX4mZ2f-281MoCSJ8jn8SitPr8F9TLNkYnjnZR3fYiGHbjS61j0-nVZUioZyGYolTrwzY7UZTBSuTHgnSK70KG2CsTQjIvysTsPQpremq9YhIM&sai=AMfl-YQGwqhioKqrXybsVWKyxOTQODh8dse24g9mY98P2Wo7p0NtHi313UfPv167QDZOFmbB-crhyS1yTIzIdO3-URQlq490l8FNyIoxLfJ0BcK6t9ffQj4crlBS8oSK_DshKTA06ZoGJFd0Pwk7cDD1VCx5UKTTXao1OZo0GntT8ttqBlg0LbqGJ_baIbtcN2Gri7Ffomlc8LvRhpgYnU0qy0XJERpvLrlEPDnEfW2G2Q&sig=Cg0ArKJSzFcmu9Ko6FxxEAE&urlfix=1&omid=0&rm=1&ctpt=28&cbvp=1&cstd=27&cisv=r20210415.35425&adurl=
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 21 Apr 2021 05:55:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA65 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiJAGQ75_YNSVJ6fU7_UP3omz0A4AAAAAOAHgBAI&bg=!ERKlElbNAAZUuIlwVLg7ACkAdvg8WqVbafa1zFUM1YsRgzZFdr8cY2JvQdHHbUXiZ_-ovBb_0cd2wgIAAACwUgAAABBoAQcKAJ-ASrEmJTFF2FAH1JViKslwOelpLGPQKXtzKoW6WBo7tO8zy1lgj2XEAOmdFCbUQVohm1MTG8B7Nko0-KlZW7gvHocEn8-Os5Ee5YWxoKwn7tTz4uS91Yy9XTlWNoJIAaYr1VLj6fofpR7Hxugfqo1zXiSkOS0RuLm_kyun5BKVS7sNrr2WFhee4Z8QLNetNutEdMKRnoxv6_c1OHPcOLyZAl9IfcgPP5tDuheZMN4pBhG_JmlJRQR5LE3QAezfF7GilprHOVUiMd9Bn7qV_fNnljqrBlVAD_HW1hYUrk3vDcaNGP3ooz_aTLGCSCfFN6fEnfvPeazmbzvXfBoahzjCiU47XI-CO7PjTMOh_BLraNAmpTr8zLLGriJfXP4meaqeRMSREDRrO4n0QJMvZsqhJDy7Ej_f7y39hxxFKPwBHbphzhx18Fvxzz3fjXmEVr6On2_qZqecL8yea8Jy2GoiGVnu1tPA7zmWSe1A7fep7hBdP26ZMNBdFaOipgSk99ckqDumE0KWXysaOEMR8TBpsDkB2adzu59m55MBc2-FmZ-vcC_QmYoACoep73-t217N152dhP28-_owq6srhIEiLAy-UmyLD9TKDYgJXF9gtVAMDv4rgHiIYbHNDimMci6lvPUmesEeg006todCeHkJ-u6jbKsLG8chAvN8yCMeOd1EUEG3pMNN3Tem00E4F1lZUnHN0wNq7S24QEtrZboMDFfADb1lvIfgIh5TZEtVYctXHrVh8SFuJivC5-khI57qWKX5fUufN8CxxJSU5O9qxzwYoo3nMLLfm9Oq0evcF7HrBlD6gTcub1O3bCq2ZjDyxeQKPsqTrwtRbM0db6K6GXwSAkqeGmDy5GZNtYIxnBj20SJt7CKUwbeT_YBFol9otJwHsBip6Oya9_yfPwqfQSV2-93_NRf_CUgARYbawnJfHjJyH2vPbe00C4UoMd6o7u6h_t0u19i2G5jSTNFs-inD8hNQ-WbkhcgPVlNTwtcnQsp5wK3CIRwqiTtBU_CC
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
background.jpg
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/background.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aae10468fd39c4d67c9abee5da67dd2a8aab1f876f656567a7cd1a407928fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 04:34:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
age
4844
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23767
x-xss-protection
0
expires
Thu, 22 Apr 2021 04:34:32 GMT
head1.png
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/head1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0897bcc7608e77f4d2b457d9f9a9b54ab451d74c0365b3ea2ee81af1c6f27f22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:38:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
age
1031
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31421
x-xss-protection
0
expires
Thu, 22 Apr 2021 05:38:05 GMT
icon01.png
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/icon01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94816404449911cb139dc20677777bfdf1cb22560100acf7bf4783f1d8fb88e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 13:23:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
age
59536
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1973
x-xss-protection
0
expires
Wed, 21 Apr 2021 13:23:00 GMT
icon02.png
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/icon02.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d40af8d9ce63995584734dae2d7f407c299dc67f0fe8ee6c11dcd15b47ebfa66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 13:23:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
age
59536
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2828
x-xss-protection
0
expires
Wed, 21 Apr 2021 13:23:00 GMT
icon03.png
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/icon03.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71c6f7a109f6e9abd7d82174ab74a228e323100013aa3483a21894bd406fdbaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:13:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
age
2490
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2135
x-xss-protection
0
expires
Thu, 22 Apr 2021 05:13:46 GMT
icon04.png
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/icon04.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed573dfe12909b2a2455f77208cc8688696830627ff4c9eb3480ada0e98c9275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 13:23:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
age
59536
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3346
x-xss-protection
0
expires
Wed, 21 Apr 2021 13:23:00 GMT
icon05.png
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/icon05.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f903097827467c4299d7ff56f4d3ab2f9f1d81dead5e56a368db059fdd655cd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 13:23:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
age
59536
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2319
x-xss-protection
0
expires
Wed, 21 Apr 2021 13:23:00 GMT
icon06.png
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/icon06.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64ba53ef3f4ee0a606deefde1a63c9c7f3e8b74084cb8c1350136f7cf87fbe85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 22:04:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
age
28239
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3100
x-xss-protection
0
expires
Wed, 21 Apr 2021 22:04:37 GMT
icon07.png
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/icon07.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e7746eb163cbb548f5bc32f84aeb5b4447031fef8b031ce27c0afaa17d76ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 13:23:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
age
59526
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7514
x-xss-protection
0
expires
Wed, 21 Apr 2021 13:23:10 GMT
icon08.png
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/icon08.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb84883aa3581d7a9fa1a6a8d6d8cc3e8286008e976dcc47e73ce7dc1897aeaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 13:23:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
age
59526
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10438
x-xss-protection
0
expires
Wed, 21 Apr 2021 13:23:10 GMT
head2.svg
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/head2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05d11d516a6ab13b9e025046d3dd49cb347d487bc5f1139f805028abafba755e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13086
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1526
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 22 Apr 2021 02:17:10 GMT
head3_1.svg
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/head3_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7cce12a63f3cd5b161a65b890d49eafb18bd7195520ffb5d5395b86db639af0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85805
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1305
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 21 Apr 2021 06:05:11 GMT
head3_2.svg
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/head3_2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a627acd9d2843e53e11c6e3dac3b9958d15b6555b7781b92a01d02e41c3026ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85805
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1449
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 21 Apr 2021 06:05:11 GMT
head3_3.svg
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		2 KB
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/head3_3.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d7bb310d02386ea6780661d4d0545b5ba4dfe26014878c08b8f3c56b4b222c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 22:04:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28239
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
832
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 11:09:26 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 21 Apr 2021 22:04:37 GMT
head4_1.svg
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		2 KB
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/head4_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51b1a3c3571a005542497569088edfa61cfcd15a65313845fec24aa6533254b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 23:11:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24202
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
905
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 21 Apr 2021 23:11:54 GMT
head4_2.svg
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/head4_2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fabd86e62d3795c7076ddf9b6e42f2fffacb5a1ecb2d4ffa01af54b0622a7713
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 01:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16495
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1246
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 22 Apr 2021 01:20:21 GMT
applestore.png
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/applestore.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1038b537aa33a8c8b42d1e8b78ccd1a11723f98a231a66127807d3062b342bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 13:23:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
age
59531
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20593
x-xss-protection
0
expires
Wed, 21 Apr 2021 13:23:05 GMT
googleplay.png
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/googleplay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
606e4805196154794530815a0173b27dcb911da59d9f58f85364738a8dddf257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:03:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 11:09:24 GMT
server
sffe
age
85899
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15729
x-xss-protection
0
expires
Wed, 21 Apr 2021 06:03:37 GMT
logo.png
s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/ Frame A340 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b886c2215858e165c0a06b6ad93e6e81fbe4db89717eeac133698c1147ee165b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/5660323/1617793764864/PF_Banner_LOGIN_300x250_DE/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:25:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 11:09:25 GMT
server
sffe
age
1758
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2212
x-xss-protection
0
expires
Thu, 22 Apr 2021 05:25:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 78A9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 10:27:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70088
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 10:27:08 GMT
truncated
/ Frame 78A9 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e466dbc6b9d6e8349016aa0e7cb7d257eebc135114054951471111e437fc395b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 78A9 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjCidKJhnpsbs_Elzic1x8d-XFSrx0Bql2YZzofjwtED0ltNpYmwERzefh0jdQ1KCMhPZUtLxN6VNLh3MOoKcjIjC8VOpc81U33dkDRzU6QVNKGawtnpvz0Mk3VKUeDkI0ehS00DsPQhSGu7YK6C9BkQ1GkYZMZwTl8vP0OB1wPa-pnCqQJ06oSRqix6P79XnItM17wTTdnQbdL1jU9ZVwvOUlrRd8G5qJjRUWBIn2V1iQ8uxUQntOw8jlHho0ejynCDalLlgkKfTW8EJ4DCFIL0Y4jO3jEHsMX0Oqkt4o7ZBlwGd3hFhLeVoNkV1G49PzyVkQVSRKybxdhBBTPjhWo3X4_WaqFRdzT4k9CRcAX65_JJHbDhVzJWG1MIyPKXK_Mh_mMBFS-oncMwRwpJum1_u4VCCWy_emn_dQISOhjNQNoLTC9G5wEikSx-42W9QotrRUMmWhebuDlXIk6VbQbmROSOCo9yL0ZgFc1TGnC3P2IFHmlIQZocuIOwOBPV5NubG73vVAPd0qrNLToyXvESCoD8CQv52I6LnQDWfaTbp7muCyD4rvBnH1A09v1TfHExmCCEO8w1vanXZu14ADBWPVKUNJ40arjYtrW-VkBx6u_kwX5ogHZ5N8Nkht3NK2cSRSkcfrDhrlp3aYbcTcn5OIS327qSk5sb4GLrk65jgjT3jj2kwO8lsFCVVJoYLgFzbkTkqOz2rPyVqwwFBZgZT7lRnKFzsAWD3Ej0ivlkfKqJXtSWPXx6SgnHLxH3poAgJ_1Tt_pUtp1qNnSNoojlvEggApOM1_cd53sttyqpIvkvWv3BWqZPWcwIu1iWgLB7IBnXK7J4R7vFBvA4ELv8rpJ5xmijUPzahsy6-T4D4Ob3RjmsRZ-4Km1WGwvyM0Xuwsuff08qPrtllO75-vdbh9o-hRSz2qUHjle2EqXQDXTLQ5r9prmkSM7ZtvdskBcp12WQnb7ccGkC1J-4RW8T1EetRo9Mm-R9Kq2-v7uXFZm8eFPKJ86YAxNINSyJyb1R9hac1yeArUaA77zCxkFdH2EZT7zu4h4BfYZjuXbBwzHgD5J_641MHlWBrbtBP-giNa4SDCWmX4mZ2f-281MoCSJ8jn8SitPr8F9TLNkYnjnZR3fYiGHbjS61j0-nVZUioZyGYolTrwzY7UZTBSuTHgnSK70KG2CsTQjIvysTsPQpremq9YhIM&sai=AMfl-YQGwqhioKqrXybsVWKyxOTQODh8dse24g9mY98P2Wo7p0NtHi313UfPv167QDZOFmbB-crhyS1yTIzIdO3-URQlq490l8FNyIoxLfJ0BcK6t9ffQj4crlBS8oSK_DshKTA06ZoGJFd0Pwk7cDD1VCx5UKTTXao1OZo0GntT8ttqBlg0LbqGJ_baIbtcN2Gri7Ffomlc8LvRhpgYnU0qy0XJERpvLrlEPDnEfW2G2Q&sig=Cg0ArKJSzFcmu9Ko6FxxEAE&urlfix=1&omid=0&rm=1&ctpt=108&vt=11&dtpt=80&dett=3&cstd=27&cisv=r20210415.35425&adurl=
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 05:55:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9169 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 20 Apr 2021 14:36:31 GMT
expires
Wed, 20 Apr 2022 14:36:31 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
55125
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame 9169 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 22:09:43 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
27933
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 20 Apr 2022 22:09:43 GMT
getuid
ib.adnxs.com/ Frame E4C0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEL-s7Vgfy_5HbfGwVVzePB0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b126...
95 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEL-s7Vgfy_5HbfGwVVzePB0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345cca49241772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099498526f000017726db51000000001

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEL-s7Vgfy_5HbfGwVVzePB0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=255937e1-a266-11eb-8c41-9e061214b81a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=255937e1-a266-11eb-8c41-9e061214b81a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345cca89771772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099498529300001772a3227000000001

Redirect headers

date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=255937e1-a266-11eb-8c41-9e061214b81a&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
alt-svc
clear
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame E4C0 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De3094235-d56c-4c2a-791a-c3db6c3ce5a4%26reqId%3D2...
  • https://mwzeom.zeotap.com/mw?cid=2ee25ea6-7ec5-468f-aa05-403e9f796f55&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=2ee25ea6-7ec5-468f-aa05-403e9f796f55&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345cca694f1772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099498528600001772c495c000000001

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=2ee25ea6-7ec5-468f-aa05-403e9f796f55&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame E4C0 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 varnish
server
nginx
x-timer
S1618984516.484771,VS0,VE67
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19120-FRA
u
dmp.v.fwmrm.net/ad/ Frame E4C0 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.57.158.51 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:19 GMT
Cache-Control
no-store
Expires
0
Content-Type
text/html
Content-Length
0
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame E4C0 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De3094235-d56c-4c2a-791a-c3db6c3ce5a4%26reqId%3D23b12600-16d6-4775-5b17-2f8aefc645d9%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:16 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=9058366c-dba7-4634-bf32-b0815549ed77&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=9058366c-dba7-4634-bf32-b0815549ed77&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345ccae9f81772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09949852d20000177280b8e000000001

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=9058366c-dba7-4634-bf32-b0815549ed77&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=40155334469712157230316041238102552905&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=40155334469712157230316041238102552905&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345cd209df1772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099498574500001772b39d1000000001

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ATN30+peQ98=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=40155334469712157230316041238102552905&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
loadeu.exelator.com/load/ Frame E4C0 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021042107-66854-0.452413001618984516-49c5eafd1449c47d2a0b9985d33ec88a&zdid=533&env=mWeb
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021042107-66854-0.452413001618984516-49c5eafd1449c47d2a0b9985d33ec88a&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345ccb1a1e1772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09949852eb000017726396d000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021042107-66854-0.452413001618984516-49c5eafd1449c47d2a0b9985d33ec88a&zdid=533&env=mWeb
Date
Wed, 21 Apr 2021 05:55:16 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=6953485548959692953&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6953485548959692953&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345ccc6bd21772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09949853c400001772b632c000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=6953485548959692953&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Date
Wed, 21 Apr 2021 05:55:16 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame E4C0 		95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=e3094235-d56c-4c2a-791a-c3db6c3ce5a4
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=/.BaVnmnsr4J6YH9bLaSHO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-47...
95 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=/.BaVnmnsr4J6YH9bLaSHO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345cd189551772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09949856f900001772639a0000000001

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:17 GMT
via
1.1 google
last-modified
Wed, 21 Apr 2021 05:55:17 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=/.BaVnmnsr4J6YH9bLaSHO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame E4C0 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.107 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=e3094235-d56c-4c2a-791a-c3db6c3ce5a4?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=e3094235-d56c-4c2a-791a-c3db6c3ce5a4?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=cd4b94c5519b9be4ec88b1f30621bfa0&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=cd4b94c5519b9be4ec88b1f30621bfa0&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345cd94a301772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0994985bce00001772bc8d2000000001

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:18 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=cd4b94c5519b9be4ec88b1f30621bfa0&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
cache-control
no-cache
x-server
10.45.25.177
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-qgiV55FE2oozvmYcy89Zk96uLkcK78eOsw--~A&zpartnerid=570&env=mWeb
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-qgiV55FE2oozvmYcy89Zk96uLkcK78eOsw--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345cd25a381772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099498577300001772bc89e000000001

Redirect headers

date
Wed, 21 Apr 2021 05:55:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-qgiV55FE2oozvmYcy89Zk96uLkcK78eOsw--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=nESLXsIstfvS269gvP%2FlJNIp5kvG2fPQ%2BS41iYitP1U%3D
95 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=nESLXsIstfvS269gvP%2FlJNIp5kvG2fPQ%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:17 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345cd3bbd01772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099498585300001772d3ba9000000001

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:17 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=nESLXsIstfvS269gvP%2FlJNIp5kvG2fPQ%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame E4C0 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:17 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame E4C0 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.95.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1618984516
x-served-by
beacon-n012-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame E4C0 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
server
nginx/1.10.3
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YH__QwAAU6QPnQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YH__QwAAU6QPnQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345ccd9d001772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099498548300001772b8a81000000001

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1618984517.616215,VS0,VE93
x-served-by
cache-hhn4041-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YH__QwAAU6QPnQAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=6182607f-be42-4900-acea-1cbe90fa5603&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b1260...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=6182607f-be42-4900-acea-1cbe90fa5603&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345cce7de21772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
099498550f000017729580f000000001

Redirect headers

Date
Wed, 21 Apr 2021 05:55:16 GMT
Server
MT3 3660 495c301 master cdg-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=6182607f-be42-4900-acea-1cbe90fa5603&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 21 Apr 2021 05:56:47 GMT
usermatch.gif
beacon.krxd.net/ Frame E4C0
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc6...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.95.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:18 GMT
cache-control
private, no-cache, no-store
x-request-time
D=44 t=1618984518
x-served-by
beacon-n003-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
date
Wed, 21 Apr 2021 05:55:18 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a009-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame E4C0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame E4C0
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
64345cd94a2e1772-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0994985bcd000017725a22f000000001

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Wed, 21 Apr 2021 05:55:18 GMT
Connection
keep-alive
Content-Length
0
BK-Server
b514
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
zeo
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/ Frame E4C0 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De3094235-d56c-4c2a-791a-c3db6c3ce5a4%26reqId%3D23b12600-16d6-4775-5b17-2f8aefc645d9%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.236.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:18 GMT
content-length
0
cmp.min.js
spl.zeotap.com/ Frame E4C0 		557 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a4bf700b6364ed2f042de760237d3105691a544b626f7d98511cc76434d338

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
64345cca18db1772-FRA
date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cf-request-id
099498525300001772a013f000000001
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ptonline.net
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 05:55:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ptonline.net
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 05:55:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		66 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=851321485963777&correlator=2214697326997961&output=ldjh&impl=fif&eid=31060860%2C31060809%2C44714449&vrg=2021042001&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210421&iu_parts=281191609%2Ctrx_cnhi%2Cptonline.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=1&prev_scp=slotName%3Dldgr1%26pubDom%3Dptonline.net%26atab%3Dtrue%26frstlk%3Dtrue&eri=1&cookie=ID%3D530e1bf8f2c57f6c-227e2173ebc70090%3AT%3D1618984515%3AS%3DALNI_MaKgFTrpBO5wBk5Tu9I50L3pnwuVQ&bc=31&abxe=1&lmt=1618984505&dt=1618984516220&dlt=1618984506397&idt=602&frm=20&biw=1600&bih=1200&oid=3&adxs=1010&adys=1285&adks=2740354699&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ptonline.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x250&msz=300x-1&ga_vid=158815272.1618984507&ga_sid=1618984515&ga_hid=1986106146&ga_fc=false&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
0badf28d5a215290f83e31611b4d8d5b9166c2dc2d858509e8076defbcee2f2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26577
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ptonline.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		67 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=851321485963777&correlator=2214697326997961&output=ldjh&impl=fif&eid=31060860%2C31060809%2C44714449&vrg=2021042001&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210421&iu_parts=281191609%2Ctrx_cnhi%2Cptonline.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=1&prev_scp=slotName%3Dldgr4%26pubDom%3Dptonline.net%26atab%3Dtrue%26frstlk%3Dtrue&eri=1&cookie=ID%3D530e1bf8f2c57f6c-227e2173ebc70090%3AT%3D1618984515%3AS%3DALNI_MaKgFTrpBO5wBk5Tu9I50L3pnwuVQ&bc=31&abxe=1&lmt=1618984505&dt=1618984516223&dlt=1618984506397&idt=602&frm=20&biw=1600&bih=1200&oid=3&adxs=674&adys=1848&adks=3101312882&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ptonline.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=158815272.1618984507&ga_sid=1618984515&ga_hid=1986106146&ga_fc=false&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9d9c41d0caaf97c3927bf586a8a5096ed18ab22925f3e47096bd45391bc0ad46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27124
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ptonline.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp
spl.zeotap.com/ Frame E4C0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e3094235-d56c-4c2a-791a-c3db6c3ce5a4&reqId=23b12600-16d6-4775-5b17-2f8aefc645d9&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=e3094235-d56c-4c2a-791a-c3db6c3ce5a4; zsc=%DE%14%9C%823%DA%D7%9F%BB%C1%DA%06%7C%D4%B9Ok%F4%19%ECgqI%EA%CF%AD%C55%AA%CC%C5%FA%1B%04%EF%B1QU%B6%D7%CF%E4%BA%199%D4%C6%F1%B7%3F8%23kg%90%C52%22%82~%8A7%1C%21HK%C9%FFd%E8%85V%40%23%B5%5D%92%1D%AC%08%B50%5C%CA%08%ED%5D%0B9%0B%FDk%11%04%1B%82%29%7BQ%FD%82%0Ec%E4%BFh%E6%064%F2a%B8%B8%0Ff%A9h%5D%8BP%F1E%90%ED%24%F26%89%5Dk.7%B1%16K%E0%E7%AC%AC%99%115%2A%12%D8%BF%EDV%B6T%95%9Fk%0B%16%A8%B6y%E3%A6l%95%13%8B%5E%CB%7C%80
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
set-cookie
__cfduid=dc1504372c1629825bc60862d89056c681618984516; expires=Fri, 21-May-21 05:55:16 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0994985292000017727aad6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
64345cca89761772-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9169 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByciUQ75_YN7jOqLX7_UP19et4AsAAAAAOAHgBAI&bg=!IiGlIWXNAAZUuIlwVLg7ACkAdvg8Wsx2w0zr5KU-XK-aE2Oq5fQXMcP5CJl5VO8Aa73dg6dEiUaMkwIAAABpUgAAAAxoAQcKAD3XmCZIakRKKQjs1quI1OimRFtIWiPMvRKXLIdVe3xJ7f6nw_xqTc8Sd79GkF4CDsPD1h4xnAJoAFS7G63cmQJsmfhibVSjx04HP8mifH4cThzkkikP5dd66FoiKzZXJEO7uMxy8nYRC2Q3yssLy8ULrlnU7a_vwIDxxkiTkX5bFYpU3o3sVX-6emaCoKRWhIN_sniP6VujMhEvF4lPnngSY1FMup-7IZ1xmJRDasA7cUFnGPMu9hKNRK3KvqneItTKhhwRzOp2NTFYUHCMRAMhyXhdyKkQFTtG-3Rj0lKIK-pdE9cdLZk94_pukDhE_wkegoy5mfIhVzFyTDDAHHDmL8bssZfRFgksodVIei3Nt2H7ybOTTkA6QXMzwxE7C_mZcMIeerDP6YeXDrOhu-bD84Qv4_Dbq7nNAiDI5iVM1a54xI0aHn0UERZ78wJhc5B-U9uYiQxUw53MH4PgQ8gKE41zXol535D_RtQ1Z7VltN0wl8YFKNdKETb708uXV80blzG049JLhPpuHKGiGqiaOVrc_r695ZT2jIKb4uEJrtcnSn9T99Ajr-u75Xc2RC7wRNOY5DGGpkkmkVcaVsYZ7aPGnAT6QFrv1MM9cfutEPPSFOHCSH83GdFA74QCDax-NJTqFv8f6Pm_im6Ko1pqrihH5ddSjafSr1CLnHMakUVi6mtI6fj4rTHcxngIPyDJZPhQodOSpFHCcShFMpZHnWG_Es5S98LJjOLEuGicrPViKYjGMc8YFLNDRXiunUS-KeuFfIzkpg8NtA7Tg0Vs7Z-AAT65Zb9tWwI5vE1Lbl3WifhiFm1BZN8rEqvKpErwBs1H105M_AvCHmIp0v2f0hHlyF0KfYv77H7CyGBOBiyQTr3ELFlDzMg3x0goPZfwKzmJWEmlU3po2W8
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9723 		0
0
container.html
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C671 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ptonline.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ptonline.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 21 Apr 2021 05:55:15 GMT
expires
Thu, 21 Apr 2022 05:55:15 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame B490 		441 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ25-HuQIYhIy0pAEwAQ&v=APEucNUcGQuklqNe7p4iFWo6nwQkbrmVHx5Wfi6vSJNy9V7u5XXdCD6OHZzq3GIX-Sk0_qs5b2Y5SI7hHWgKXTcHwimJztyW6w
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COjuwgIQ25-HuQIYhIy0pAEwAQ&v=APEucNUcGQuklqNe7p4iFWo6nwQkbrmVHx5Wfi6vSJNy9V7u5XXdCD6OHZzq3GIX-Sk0_qs5b2Y5SI7hHWgKXTcHwimJztyW6w
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnbqR_4al-KvAem2zulE1i5XEGxZPciKpCtvpGQBe9nZh6ekGZnrM1MZs7YaY4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 21 Apr 2021 05:55:16 GMT
server
cafe
cache-control
private
content-length
227
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame C671 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 19:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37783
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Apr 2021 19:25:33 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/ Frame C671 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:43:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
710
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2661
x-xss-protection
0
server
cafe
etag
7752240862628680351
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:43:26 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame C671 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
5240039360651012885
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:54:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C671 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrN0JNzrDg1Lhl9Vu4XT5TtOU7rOBY9mjnKdNzlCudUsEKITjg5KOJu1JdXHdlbpHjjaggnbIo7i4kzSJvtKDKnVZowl9SsggCtsGcareX4hxwwXs
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame C671 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:49:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C671 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:55:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame C671 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:51:33 GMT
l
www.google.com/ads/measurement/ Frame C671 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCpcJ-vyBWDM2j5a_rL7Vn7QQIfTdZjy1tC3DIcd-X70U8ycaF0HuVS3mihTZc5IJlShQTb5QxY7OT55v1NBtB0pbVdA
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
googleads4.g.doubleclick.net/pcs/ Frame C671 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv801FREvXMBZTBxqUtgXO1gmM-X0ZLcH0GCOWsI6cyHButJhNyPYooW_JNo3s-0vLJTKbWMlR9oCME8Uir5eba97q-Lyr2LaOVPPwNotrQhIE7oYdCQEQHFo8UpVlxnvYtvZnhZUYFiP_MT_ewJnFSo_Wt-qE3rpwMzNiVtvrMZ2oeUSX8NG2kWQeqGMSI0dWklvSQA5_NrQjP-6Gz8SarQI2_fh2U7RYEnUdBYPGHZk6c6DAKqYAkN6mlFuc4in7NwiaNZl_F7n2DBaAlEyWMuDomGbsOYiOq9GEf2mt6d4wBhWuxTQg0VHZS97vLJS8BL89MdvnUsLDB8uJs97AVhxVzUQhZVlBD9X0T--ch7G5S1s2EGsf1pS7Dh5gXy17H2loeL2WXD8m160qsfZJ3eJXmR4SjDAJ7tmb7qGrxqaKYCdKYtR4jVW7v2JDnRe5FjyP4KHKp_T63j7kIy-l70kmRkI8Ywb3NelblMq5PDYeGNu7I71tgvgFzbzPIcoZOTi77oAz-eduAfTjsZCNS5miPAa841QAguuB5nqODuCGzKmWhFJgGNNYKlH4mygudizMmB6_EPwpncfzkW4f8c9fT2AL4tx6GHPVzAPeY_m4-q80_odhKDCUORlZbsXOOoAR_BeJSSx6LBFCnsqZHyeyJML7YuGj1lVLUIH4un9Pl_aT-mpxqdFIgw6Y2ly1TWuV3iXtCnD53KpDHq3nfAFMhE3oEmpYinTn63s4GOYM2WtCt4IKjfmOcgEUuW98beHUsVGFWOABIZqGH4cg3knZm0ARarXqQNq_YkiwZix2V7vdVehvkR8GOwlsKu4Mzy6jGKWxZVCf1A2Yb46YgoIfL2ICBOP7guUzGSZ6-sEVTcLHguounf0Hzhic_7meAeY7nLv3Q2IG9DwZYqPBDaMA2Qs1e2OZZtobf0haLPdYLAF-FVsvSqGlORKPezeKc3JpcxEJJ3edBYOK-RnyLRHXjtzCaZK4dt72sJGGkE5OTC-NafSpG9l5kp6l82pJ5dD4e-e5x2Mtt2pBn_sLR0qq68eJr4VIOP4FeehtEznhrxyQnyx24W1AulHzED4NCXb2N9D8jfpKMewrCU1tMJXj11Prx47kjVIYu0cUkPjplI01BpsMGNLimhRUo1LC6NTc1cG08XQ3Z&sai=AMfl-YRfWrxpoQ0tpLYAad5py6GflQCg-_PakPWb8IzCfw3nlnfMaA7HURvUmFiaxACZc6sxxV7eV_9edqFm4icgujMwFpxPUt2gbBWb_YiBfBySgcVJG6QkK2_oQplDgVrX7dewxiJn-8HgsmwDSe_sOuNGVgbFBQZI8PXcNkdslxkjgS6fkuDA3WNibIeSNvheghlrsOA7HxFXDQGNH1hM9HJPiGUknjGK21MnM0oV7RIxycvoGCTMrNSrUdgrFvAySZHdujjFsyFAF1Vee8fYRcRiyw&sig=Cg0ArKJSzMCnMaIs2fphEAE&urlfix=1&omid=0&rm=1&ctpt=13&cbvp=1&cisv=r20210415.57976&adurl=
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 21 Apr 2021 05:55:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
3131390459031209656
s0.2mdn.net/simgad/ Frame C671 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3131390459031209656
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccbfe6dd85c35d800cf53dbe412b589f0e8cc28547ad723a4ffd74d4898695a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 10:23:31 GMT
x-content-type-options
nosniff
age
415905
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11634
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 08:19:58 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 10:23:31 GMT
um
sync.teads.tv/ Frame B490
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEJMMN1tsHCCPLEtHusdQfcY&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEJMMN1tsHCCPLEtHusdQfcY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ25-HuQIYhIy0pAEwAQ&v=APEucNUcGQuklqNe7p4iFWo6nwQkbrmVHx5Wfi6vSJNy9V7u5XXdCD6OHZzq3GIX-Sk0_qs5b2Y5SI7hHWgKXTcHwimJztyW6w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:17 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 21 Apr 2021 05:55:17 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEJMMN1tsHCCPLEtHusdQfcY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B490
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmI2YzUyNTctMDc4OS00NmEyLThlZGUtMmJiMzlkODFmMDJi
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmI2YzUyNTctMDc4OS00NmEyLThlZGUtMmJiMzlkODFmMDJi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ25-HuQIYhIy0pAEwAQ&v=APEucNUcGQuklqNe7p4iFWo6nwQkbrmVHx5Wfi6vSJNy9V7u5XXdCD6OHZzq3GIX-Sk0_qs5b2Y5SI7hHWgKXTcHwimJztyW6w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:17 GMT
server
akka-http/10.2.3
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmI2YzUyNTctMDc4OS00NmEyLThlZGUtMmJiMzlkODFmMDJi
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Wed, 21 Apr 2021 05:55:17 GMT
sync
partners.tremorhub.com/ Frame B490
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEHOAqp75AAPV6Cm-1wJ47G0&google_cver=1
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEHOAqp75AAPV6Cm-1wJ47G0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ25-HuQIYhIy0pAEwAQ&v=APEucNUcGQuklqNe7p4iFWo6nwQkbrmVHx5Wfi6vSJNy9V7u5XXdCD6OHZzq3GIX-Sk0_qs5b2Y5SI7hHWgKXTcHwimJztyW6w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:4acf:609e:729c:ab1e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEHOAqp75AAPV6Cm-1wJ47G0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C671 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 10:27:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70088
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 10:27:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7378 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 20 Apr 2021 16:59:40 GMT
expires
Wed, 21 Apr 2021 16:59:40 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
46536
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C671 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdd6e63f83eb961cca245383e2fea1bce2ad8894789939adc9ae1476df5c334b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BDAE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 20 Apr 2021 14:36:31 GMT
expires
Wed, 20 Apr 2022 14:36:31 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
55125
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
google2waycm.netmng.com/cm/ Frame 7378 		0
0
pixel
cm.g.doubleclick.net/ Frame 7378
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGKbOXyrQHkKGK6cQMou8XA&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGKbOXyrQHkKGK6cQMou8XA&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bzlxRzVWdmgxTHo1UHc1&google_gid=CAESEGKbOXyrQHkKGK6cQMou8XA&google_cver=1&google_push=AQvitUKxsgrq2GvMkptkfDBC6v-B1ZNt1oRBZBAfoSyNG5X...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bzlxRzVWdmgxTHo1UHc1&google_gid=CAESEGKbOXyrQHkKGK6cQMou8XA&google_cver=1&google_push=AQvitUKxsgrq2GvMkptkfDBC6v-B1ZNt1oRBZBAfoSyNG5X...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bzlxRzVWdmgxTHo1UHc1&google_gid=CAESEGKbOXyrQHkKGK6cQMou8XA&google_cver=1&google_push=AQvitUKxsgrq2GvMkptkfDBC6v-B1ZNt1oRBZBAfoSyNG5Xj3HVOu4EvjpbqnOYa-ZGziBsSOAKxvA0z2BnmwyjlhsSjaCeCVHY&google_tc=
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bzlxRzVWdmgxTHo1UHc1&google_gid=CAESEGKbOXyrQHkKGK6cQMou8XA&google_cver=1&google_push=AQvitUKxsgrq2GvMkptkfDBC6v-B1ZNt1oRBZBAfoSyNG5Xj3HVOu4EvjpbqnOYa-ZGziBsSOAKxvA0z2BnmwyjlhsSjaCeCVHY&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
477
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7378
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUhfX1F3QUFVNlFQblFBQw==&google_gid=CAESEPgRWIP_mK2OpqUwaz6k7gw&google_cver=1&google_push=AQvitUKosvLtq-XlOzN1gg2MqYYSp_kl_9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUhfX1F3QUFVNlFQblFBQw==&google_gid=CAESEPgRWIP_mK2OpqUwaz6k7gw&google_cver=1&google_push=AQvitUKosvLtq-XlOzN1gg2MqYYSp_kl_9Mo7BJNmqiKKl-tC0x-ufT65eHDmWOFnpyJDM0l09wnOiAxYciltp6iqtgbDpp-LigH
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618984517.616238,VS0,VE0
x-served-by
cache-hhn4041-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUhfX1F3QUFVNlFQblFBQw==&google_gid=CAESEPgRWIP_mK2OpqUwaz6k7gw&google_cver=1&google_push=AQvitUKosvLtq-XlOzN1gg2MqYYSp_kl_9Mo7BJNmqiKKl-tC0x-ufT65eHDmWOFnpyJDM0l09wnOiAxYciltp6iqtgbDpp-LigH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 7378
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBH0PJ9LXquW2uIb0hab2LU&google_cver=1&google_push=AQvitUL5SphvmN644tGcEbKQZBnng32J2dpPHUmn0NgGvKEFvMEWyRHUBVtmdDGi4ECQPu_hfAtlc1lY8nFRq2OXorPY1OF...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUL5SphvmN644tGcEbKQZBnng32J2dpPHUmn0NgGvKEFvMEWyRHUBVtmdDGi4ECQPu_hfAtlc1lY8nFRq2OXorPY1OF-Bb0&google_hm=NzkxMDc2MjQ0NzkwNTM2NjE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUL5SphvmN644tGcEbKQZBnng32J2dpPHUmn0NgGvKEFvMEWyRHUBVtmdDGi4ECQPu_hfAtlc1lY8nFRq2OXorPY1OF-Bb0&google_hm=NzkxMDc2MjQ0NzkwNTM2NjExNA%3D%3D
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 21 Apr 2021 05:55:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUL5SphvmN644tGcEbKQZBnng32J2dpPHUmn0NgGvKEFvMEWyRHUBVtmdDGi4ECQPu_hfAtlc1lY8nFRq2OXorPY1OF-Bb0&google_hm=NzkxMDc2MjQ0NzkwNTM2NjExNA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7378
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEO3V2nhy5i2v9CN9REGkX2A&google_cver=1&google_push=AQvitULj8ins-_a7ANpb1s9ID41XgjwDLpFwK6vUhU7xXV7nylmZsw-OhEKv-qzfSeGvA...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitULj8ins-_a7ANpb1s9ID41XgjwDLpFwK6vUhU7xXV7nylmZsw-OhEKv-qzfSeGvAzA92Uk19pE3KvPQ29VfmiILOvlNXx0&google_hm=QWlXbUVLSlVtc2ZXSUhvUjQ1Z...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitULj8ins-_a7ANpb1s9ID41XgjwDLpFwK6vUhU7xXV7nylmZsw-OhEKv-qzfSeGvAzA92Uk19pE3KvPQ29VfmiILOvlNXx0&google_hm=QWlXbUVLSlVtc2ZXSUhvUjQ1ZE1JN1E=
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitULj8ins-_a7ANpb1s9ID41XgjwDLpFwK6vUhU7xXV7nylmZsw-OhEKv-qzfSeGvAzA92Uk19pE3KvPQ29VfmiILOvlNXx0&google_hm=QWlXbUVLSlVtc2ZXSUhvUjQ1ZE1JN1E=
Date
Wed, 21 Apr 2021 05:55:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
cm.g.doubleclick.net/ Frame 7378
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
  • https://sync.targeting.unrulymedia.com/csync/RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUImukInO9ohV0mkUex0I...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUImukInO9ohV0mkUex0Iaz10ZZLhi3ZG4xhT_YiWg9_0_fVPYY8su-8rsn60Zum7nZpiGQaAmIJ7IAWH_0BFxYINDR7Ypc&google_hm=AwGusw9sMUnhrdm_qgkEtQo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUImukInO9ohV0mkUex0Iaz10ZZLhi3ZG4xhT_YiWg9_0_fVPYY8su-8rsn60Zum7nZpiGQaAmIJ7IAWH_0BFxYINDR7Ypc&google_hm=AwGusw9sMUnhrdm_qgkEtQo
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUImukInO9ohV0mkUex0Iaz10ZZLhi3ZG4xhT_YiWg9_0_fVPYY8su-8rsn60Zum7nZpiGQaAmIJ7IAWH_0BFxYINDR7Ypc&google_hm=AwGusw9sMUnhrdm_qgkEtQo
date
Wed, 21 Apr 2021 05:55:16 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX01aeb30f6c3149e1add9bfaa0904b50a003
content-type
text/html
dot.gif
s0.2mdn.net/ Frame 7378 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEEEN-VDP0XFuGVSkKxGsbbA&google_cver=1&google_push=AQvitUJPJvqGw67_fYiHWWjO-Q3nQmVkfwBSZUUHbj7aGBiDj-pFiYagR1IslfuyzAxi09XxofwEKs0oVL0uqueyg8KAOxH5N_cdkw
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 22 Apr 2021 05:55:16 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7378 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JOpnn24DVhKvsbuWe2KgdFzKXN7pC1B3YJNmXNKXUvrD6-rD5PA1Efl1KRyjPlrP-domqJOA
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
bum
ums.acuityplatform.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi
  • https://ums.acuityplatform.com/bum?tpid=29&uid=9072911b-3954-4807-b04f-cb56b03d8384&bidswitch_ssp_id=sonobi
0
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=6182607f-be42-4900-acea-1cbe90fa5603
49 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=6182607f-be42-4900-acea-1cbe90fa5603
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:16 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 21 Apr 2021 05:55:10 GMT
Server
MT3 3660 495c301 master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=6182607f-be42-4900-acea-1cbe90fa5603
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 21 Apr 2021 05:55:09 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003&rndcb=5409532043
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=9072911b-3954-4807-b04f-cb56b03d8384&google_hm=OTA3MjkxMWItMzk1NC00ODA3LWIwNGYtY2I1NmIwM2Q4...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELIc3dDknO2SL8VkG6FMPG8&google_cver=1&ssp=adconductor&bsw_param=9072911b-3954-4807-b04f-cb56b03d8384
  • https://sync.1rx.io/usersync/bidswitch/9072911b-3954-4807-b04f-cb56b03d8384?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-01aeb30f-6c31-49e1-add9-bfa...
  • https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003
49 B
821 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:16 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-01aeb30f-6c31-49e1-add9-bfaa0904b50a-003
date
Wed, 21 Apr 2021 05:55:16 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX01aeb30f6c3149e1add9bfaa0904b50a003
content-type
text/html
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4bd1642a73&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=2ee25ea6-7ec5-468f-aa05-403e9f796f55&pubid=4bd1642a73
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=2ee25ea6-7ec5-468f-aa05-403e9f796f55&pubid=4bd1642a73
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:16 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=2ee25ea6-7ec5-468f-aa05-403e9f796f55&pubid=4bd1642a73
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
227
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=8a642afe-5d17-40bb-8683-1af086bcf2f6&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ejZzOWZXd09mbHhnVXlwTDU4WnZMUQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEpRTAhLsWLYSajdGi4uhMU&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=chCBhgRw7lAX
49 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=chCBhgRw7lAX
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Apr 2021 05:55:17 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=chCBhgRw7lAX
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-q7vxw
expires
-1
N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js
pagead2.googlesyndication.com/bg/ Frame BDAE 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
37470d433fdba98d58a2134050d21942bc8b79cc36bfc270beabc192d95cf2d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 08:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
163034
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5655
x-xss-protection
0
expires
Tue, 19 Apr 2022 08:38:02 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 78A9 		0
0
container.html
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 62C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ptonline.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ptonline.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 21 Apr 2021 05:55:15 GMT
expires
Thu, 21 Apr 2022 05:55:15 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9F2F 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYo4vZogEwAQ&v=APEucNVNhr2lo4TWq8wnboGkNK_caepzNpUokTnkK_h4iSczpqBkyWPKoCgL2cXXQnhcitkjtekE4dLsZx3I8oYEIVHbQpa99Q
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLvO5QIQj7KT9gEYo4vZogEwAQ&v=APEucNVNhr2lo4TWq8wnboGkNK_caepzNpUokTnkK_h4iSczpqBkyWPKoCgL2cXXQnhcitkjtekE4dLsZx3I8oYEIVHbQpa99Q
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnbqR_4al-KvAem2zulE1i5XEGxZPciKpCtvpGQBe9nZh6ekGZnrM1MZs7YaY4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 21 Apr 2021 05:55:16 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 62C9 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 19:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37783
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Apr 2021 19:25:33 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/ Frame 62C9 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:43:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
710
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2661
x-xss-protection
0
server
cafe
etag
7752240862628680351
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:43:26 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/ Frame 62C9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210415/r20110914/abg_lite_fy2019.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
5240039360651012885
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:54:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62C9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CqfZ6skzHyHl62HCCkgxtqJ84vKxjSPrebJfDF2B79C7fzG2YhhzYil51mQug233osuHqyRpRJJQdISuniOzzxo_N57x8ojJ047y01U2wUhY8Mttw
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 62C9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:49:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 62C9 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618831897855645"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36793
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:55:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/ Frame 62C9 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210415/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 May 2021 05:51:33 GMT
l
www.google.com/ads/measurement/ Frame 62C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDmb5k7MwnN2TAuFZZ07bTjGZkg48hGtwO2m-EiG-0s-X1k1AKRuchUmHZEgZ1PX3HbPqopvH8gHDfqwuYEi1YgT10HA
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
partner
sync.search.spotxchange.com/ Frame 9F2F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEQIr7JLYQLOf4UQjnC0yJg&google_cver=1
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEQIr7JLYQLOf4UQjnC0yJg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYo4vZogEwAQ&v=APEucNVNhr2lo4TWq8wnboGkNK_caepzNpUokTnkK_h4iSczpqBkyWPKoCgL2cXXQnhcitkjtekE4dLsZx3I8oYEIVHbQpa99Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:16 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
64
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEQIr7JLYQLOf4UQjnC0yJg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9F2F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjViMzdlMWItYTI2Ni0xMWViLWEzZGYtMTk3ZTIyZGYwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjViMzdlMWItYTI2Ni0xMWViLWEzZGYtMTk3ZTIyZGYwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYo4vZogEwAQ&v=APEucNVNhr2lo4TWq8wnboGkNK_caepzNpUokTnkK_h4iSczpqBkyWPKoCgL2cXXQnhcitkjtekE4dLsZx3I8oYEIVHbQpa99Q
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 21 Apr 2021 05:55:16 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjViMzdlMWItYTI2Ni0xMWViLWEzZGYtMTk3ZTIyZGYwNTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
128
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 9F2F 		0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYo4vZogEwAQ&v=APEucNVNhr2lo4TWq8wnboGkNK_caepzNpUokTnkK_h4iSczpqBkyWPKoCgL2cXXQnhcitkjtekE4dLsZx3I8oYEIVHbQpa99Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
index.html
s0.2mdn.net/sadbundle/4308604090950670236/ Frame 622D 		71 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4308604090950670236/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbb66cb88eb9f518a45c5036b56695e067bd4c4c32a8747beef9778012c2f92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/sadbundle/4308604090950670236/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Tue, 20 Apr 2021 22:22:32 GMT
expires
Wed, 20 Apr 2022 22:22:32 GMT
last-modified
Wed, 31 Mar 2021 14:25:18 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
20139
age
27164
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 62C9 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuc60UHBCvTyKIGiBeqS6l_azNEpvE6HaCreZ3F2Dap_gvVxxcoYItBd3e_JFU5hgk1CAkWSLuyxb2A7Qv8oO53gw6OHib_U1JlCuMWwQ1EqprLJLlS9xvjWTUPy-pDFelfu5LvRZMyvwVUpCDGh15hqUMduL3In0AxgRgSM1nDj932WBW7AF7KI-nYYwVQXS9iqNFVI-PS08JVQCwjBWBNs9pYKiFPse-rMfytFmqafCyBdcQo5vw_eZ-i1HsQshCWgNFHlgShvzozfg0T83j8hVSguYM7Nqnhh4hy58iUjYNNyLizS8weoMx8jrFfMpeR6UlL5786ypQOjKoimWKagLPWlFL5Lsypz0P19W9injLsBKDRdCMYQNFH406PgvCCiis8QqIXhPKgKx1ir2nPfiuG-9aDIe9twiLZoQjYrawrME9hcv7O93WYdRgxnAgcs7S4YCdm7-bLsTohzYMm40NEO6vpK4Zgw_JA0DvVRrBQ_jjCfPb8mAj8nGz1o7eWr9QG_bFR4Q_M7TjFeSzhr1b4O7TZslqjoT4algXeUO2XyWLCSBzY8qUIlh7ef1z-LQuyPolq45yy3mTaSV0NQAQgKTKbR511inCJtj-1QgVKaiAJiz9iiIKkJQxewc0yWPD9vAEu2WFlPZUpL_nrSKKlVKw0lhdHiCdp6mC-9yQAaDwFeQo12MCMl49Aox3OsxGVu_aZibgUwNatsnIPVpdMwMUOlVLhOSarO_gBC38lJxQadHp6EyLH6VfK2j5X88DmZ7t7WIiZ1B0kbOH0SEfX9mdy5xIu2p3YGBZiSC4DKltU7OEELx0kQOFM81yze4QfDXiDgNATMIFXrlwgeku78SrFniU66M-_CrjYO5Uu_OvZUV6mclLdcDtyRgIfxzwpvjxrWEoKf1asRUBH10KZ1ItwQn1FieaMyWBkzU2--okyrut5ctAKPK4KhMZ3F1qXzykHDiidNpntq1G599-uZgSCBUPErpTBlBllJGSUt-eQIJw2wYuAqyAyLL6qJkBIHtsToJlSa91OcjvHWd1MvKMPUCxbm9G2_eM1Ik7GGSwCXoMC02pe4yhvJEoCOca7VdUSkvMr2gikTccYx2tDbFUhAvszWL6bQ_TdV0zkzPmCf06X-guQU44fssiMOY&sai=AMfl-YQx3ZtLRQmfSJmx2StgK3DiF5mC4UrV8DrQTOMs-w69wbn_hrUAsnOxWNXY4VeP-s7tH_IogxHuILgGwL6jmXje2xnBzMqjBj6EbgTOJcx-44wHs0aaZzM4rbTlxsTASX3woweSJDndEPy6JPbd4C3jBmZrWjkAQXSrvrY7Ru6V0xcGvbQnUrccSZwpI_m6pKr98YGMb83doAD4cmKYnX4vE_XLk4CHONGNJ9rHT2S9-cU83ECijxFi4ZebLQes81ANZcuQvZ6vXkDW1CF0RpJI-Q&sig=Cg0ArKJSzKQof6R3HkrDEAE&urlfix=1&omid=0&rm=1&ctpt=27&cbvp=1&cstd=25&cisv=r20210415.43071&adurl=
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 21 Apr 2021 05:55:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 62C9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 10:27:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70088
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 10:27:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1F94 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 20 Apr 2021 16:59:40 GMT
expires
Wed, 21 Apr 2021 16:59:40 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
46536
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 62C9 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3513817af3fdc32b9ca66e56c2c15b804789ea57b1b01e37cab49245e5b76c4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 241F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=c1b0cf8aca42a5482172768a...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=6182607f-be42-4900-acea-1cbe90fa5603&gdpr=0&gdpr_consent=
49 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=6182607f-be42-4900-acea-1cbe90fa5603&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 21 Apr 2021 05:55:10 GMT
Server
MT3 3660 495c301 master zrh-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=6182607f-be42-4900-acea-1cbe90fa5603&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 21 Apr 2021 05:55:09 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4FB9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 20 Apr 2021 14:36:31 GMT
expires
Wed, 20 Apr 2022 14:36:31 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
55125
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 622D 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4308604090950670236/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4308604090950670236/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 04:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5188
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Apr 2021 04:28:48 GMT
dpixel
cms.quantserve.com/ Frame 1F94 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPSuShYFGQgntKXMzlPL3V4&google_cver=1&google_push=AQvitUIvgsLNHRE1cR-EugM9JafkxyvXk1A84sd4jc8LFnTleWJ5zR9SWrTX7k1hCjTF_6g2bxixrm__nI9w33ts9j4Xvj_wWFwh
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1F94
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEHQM_2jt3VvJXce319hcXL4&google_cver=1&google_push=AQvitUJrH0nkFGItdZVdaH1AP3iPxPJNU9La-h6UhAMUBQ9YH7a18UhynZPF9v4858OupqiPU2Ya1...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUJrH0nkFGItdZVdaH1AP3iPxPJNU9La-h6UhAMUBQ9YH7a18UhynZPF9v4858OupqiPU2Ya1FmqZCluiKEsVPDIao1iuTfR
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUJrH0nkFGItdZVdaH1AP3iPxPJNU9La-h6UhAMUBQ9YH7a18UhynZPF9v4858OupqiPU2Ya1FmqZCluiKEsVPDIao1iuTfR
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 21 Apr 2021 05:55:17 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUJrH0nkFGItdZVdaH1AP3iPxPJNU9La-h6UhAMUBQ9YH7a18UhynZPF9v4858OupqiPU2Ya1FmqZCluiKEsVPDIao1iuTfR
x-li-proto
http/2
x-li-pop
prod-eda6
content-length
0
x-li-uuid
T/BwNtfJdxaQ4qn8hSsAAA==
pixel
cm.g.doubleclick.net/ Frame 1F94
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEJWWR7_Ejf-B32xq9w1kui0&google_cver=1&google_push=AQvitUJOC8AChT58BloPIKMK3p5p6UU3jQbspgksv5cLuaBlkJENs6zsuC-OqIIWklEtGtPUVK7F_ZXy5gWDizblwUYnAHs5pj0
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AQvitUJOC8AChT58BloPIKMK3p5p6UU3jQbspgksv5cLuaBlkJENs6zsuC-OqIIWklEtGtPUVK7F_ZXy5gWDizblwUYnAHs5pj0&google_hm=ZzVlNzBhY2E4ZWZlZDk1N...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AQvitUJOC8AChT58BloPIKMK3p5p6UU3jQbspgksv5cLuaBlkJENs6zsuC-OqIIWklEtGtPUVK7F_ZXy5gWDizblwUYnAHs5pj0&google_hm=ZzVlNzBhY2E4ZWZlZDk1NTY2ZjU=
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:18 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AQvitUJOC8AChT58BloPIKMK3p5p6UU3jQbspgksv5cLuaBlkJENs6zsuC-OqIIWklEtGtPUVK7F_ZXy5gWDizblwUYnAHs5pj0&google_hm=ZzVlNzBhY2E4ZWZlZDk1NTY2ZjU=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1F94
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEHdmTCieraliXyCQ5P9KLqg&google_cver=1&google_push=AQvitULEtp3ijs_cvgwfsNGMafHUyZ02t-IaErxQE5lVyT8p4zTAt5JvLjpyq24Q15LjnTrUveaX3TbLY4Yp13wCFJcySX...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEHdmTCieraliXyCQ5P9KLqg&google_cver=1&google_push=AQvitULEtp3ijs_cvgwfsNGMafHUyZ02t-IaErxQE5lVyT8p4zTAt5JvLjpyq24Q15LjnTrUveaX3TbLY4Yp13wC...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NT9z5khvSqKkbwHCeLLSXg&google_push=AQvitULEtp3ijs_cvgwfsNGMafHUyZ02t-IaErxQE5lVyT8p4zTAt5JvLjpyq24Q15LjnTrUveaX3TbLY4Yp13w...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NT9z5khvSqKkbwHCeLLSXg&google_push=AQvitULEtp3ijs_cvgwfsNGMafHUyZ02t-IaErxQE5lVyT8p4zTAt5JvLjpyq24Q15LjnTrUveaX3TbLY4Yp13wCFJcySXgwdpQ
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NT9z5khvSqKkbwHCeLLSXg&google_push=AQvitULEtp3ijs_cvgwfsNGMafHUyZ02t-IaErxQE5lVyT8p4zTAt5JvLjpyq24Q15LjnTrUveaX3TbLY4Yp13wCFJcySXgwdpQ
date
Wed, 21 Apr 2021 05:55:18 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 1F94
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOy-Pcf6zwf9trYa7FR7-bw&google_cver=1&google_push=AQvitUIXv89T0LvX-ZZk0y3iuLyzNl_vlCcU1APN6T7EFNZgNRjMZo-HJToi5u0WLJIrlTdvGY...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IQ2ZNUVNSRTJ1SFRCQjJjSUtLeENjcUZOUnN0Y3daX35B&google_push=AQvitUIXv89T0LvX-ZZk0y3iuLyzNl_vlCcU1APN6T7EFNZgNRjMZo-HJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IQ2ZNUVNSRTJ1SFRCQjJjSUtLeENjcUZOUnN0Y3daX35B&google_push=AQvitUIXv89T0LvX-ZZk0y3iuLyzNl_vlCcU1APN6T7EFNZgNRjMZo-HJToi5u0WLJIrlTdvGYNaaVN1NeVaqW_NjVZzIxWczJH7
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 21 Apr 2021 05:55:16 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IQ2ZNUVNSRTJ1SFRCQjJjSUtLeENjcUZOUnN0Y3daX35B&google_push=AQvitUIXv89T0LvX-ZZk0y3iuLyzNl_vlCcU1APN6T7EFNZgNRjMZo-HJToi5u0WLJIrlTdvGYNaaVN1NeVaqW_NjVZzIxWczJH7
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame 1F94 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEEEN-VDP0XFuGVSkKxGsbbA&google_cver=1&google_push=AQvitUJbx-PSMFuki3Og7LZThhufEA6kxEBC6WFD7k6cT4fJocnC4minuM6gGxKwI8gJZ-we4SOWgRs09H7iM7OCsSRsl8v2Y-e3uQ
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 22 Apr 2021 05:55:16 GMT
pixel
cm.g.doubleclick.net/ Frame 1F94
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEBpgJMjZODol5fbqrY0mb7I&google_cver=1&google_push=AQvitUK_5J1VDGw1C9I8Z3NuMaYWvCMZy6JM1edfRk_YFZHmMqp7TVISJgktIDSMmQtHSiAB2x_PczjF73a9CPbik...
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Dffed401b-9d40-4d90-b62f-d2d1ff32da96%26google_push%3DAQvitUK_5J1VDGw1C9I8Z3NuMaYWv...
  • https://tech.rtb.mts.ru/?dsp_uid=ffed401b-9d40-4d90-b62f-d2d1ff32da96&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Dffed401b-9d40-4d90-b62f-d2d1ff32da96%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=ffed401b-9d40-4d90-b62f-d2d1ff32da96&google_push=AQvitUK_5J1VDGw1C9I8Z3NuMaYWvCMZy6JM1edfRk_YFZHmMqp7TVISJgktIDSMmQtHSiAB2x_PczjF73a9CP...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=ffed401b-9d40-4d90-b62f-d2d1ff32da96&google_push=AQvitUK_5J1VDGw1C9I8Z3NuMaYWvCMZy6JM1edfRk_YFZHmMqp7TVISJgktIDSMmQtHSiAB2x_PczjF73a9CPbikZXSuZstRXb8tw
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 21 Apr 2021 05:55:18 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=ffed401b-9d40-4d90-b62f-d2d1ff32da96&google_push=AQvitUK_5J1VDGw1C9I8Z3NuMaYWvCMZy6JM1edfRk_YFZHmMqp7TVISJgktIDSMmQtHSiAB2x_PczjF73a9CPbikZXSuZstRXb8tw
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
attr
cm.g.doubleclick.net/pixel/ Frame 1F94 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K5EJ5nibzl8YJ9pUeU0TVxCtlOzXqTxzowp0l5nlBuLfjwjhjUUld3_McDLTQvcKQhzFcYHXoU
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:16 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 62C9 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuc60UHBCvTyKIGiBeqS6l_azNEpvE6HaCreZ3F2Dap_gvVxxcoYItBd3e_JFU5hgk1CAkWSLuyxb2A7Qv8oO53gw6OHib_U1JlCuMWwQ1EqprLJLlS9xvjWTUPy-pDFelfu5LvRZMyvwVUpCDGh15hqUMduL3In0AxgRgSM1nDj932WBW7AF7KI-nYYwVQXS9iqNFVI-PS08JVQCwjBWBNs9pYKiFPse-rMfytFmqafCyBdcQo5vw_eZ-i1HsQshCWgNFHlgShvzozfg0T83j8hVSguYM7Nqnhh4hy58iUjYNNyLizS8weoMx8jrFfMpeR6UlL5786ypQOjKoimWKagLPWlFL5Lsypz0P19W9injLsBKDRdCMYQNFH406PgvCCiis8QqIXhPKgKx1ir2nPfiuG-9aDIe9twiLZoQjYrawrME9hcv7O93WYdRgxnAgcs7S4YCdm7-bLsTohzYMm40NEO6vpK4Zgw_JA0DvVRrBQ_jjCfPb8mAj8nGz1o7eWr9QG_bFR4Q_M7TjFeSzhr1b4O7TZslqjoT4algXeUO2XyWLCSBzY8qUIlh7ef1z-LQuyPolq45yy3mTaSV0NQAQgKTKbR511inCJtj-1QgVKaiAJiz9iiIKkJQxewc0yWPD9vAEu2WFlPZUpL_nrSKKlVKw0lhdHiCdp6mC-9yQAaDwFeQo12MCMl49Aox3OsxGVu_aZibgUwNatsnIPVpdMwMUOlVLhOSarO_gBC38lJxQadHp6EyLH6VfK2j5X88DmZ7t7WIiZ1B0kbOH0SEfX9mdy5xIu2p3YGBZiSC4DKltU7OEELx0kQOFM81yze4QfDXiDgNATMIFXrlwgeku78SrFniU66M-_CrjYO5Uu_OvZUV6mclLdcDtyRgIfxzwpvjxrWEoKf1asRUBH10KZ1ItwQn1FieaMyWBkzU2--okyrut5ctAKPK4KhMZ3F1qXzykHDiidNpntq1G599-uZgSCBUPErpTBlBllJGSUt-eQIJw2wYuAqyAyLL6qJkBIHtsToJlSa91OcjvHWd1MvKMPUCxbm9G2_eM1Ik7GGSwCXoMC02pe4yhvJEoCOca7VdUSkvMr2gikTccYx2tDbFUhAvszWL6bQ_TdV0zkzPmCf06X-guQU44fssiMOY&sai=AMfl-YQx3ZtLRQmfSJmx2StgK3DiF5mC4UrV8DrQTOMs-w69wbn_hrUAsnOxWNXY4VeP-s7tH_IogxHuILgGwL6jmXje2xnBzMqjBj6EbgTOJcx-44wHs0aaZzM4rbTlxsTASX3woweSJDndEPy6JPbd4C3jBmZrWjkAQXSrvrY7Ru6V0xcGvbQnUrccSZwpI_m6pKr98YGMb83doAD4cmKYnX4vE_XLk4CHONGNJ9rHT2S9-cU83ECijxFi4ZebLQes81ANZcuQvZ6vXkDW1CF0RpJI-Q&sig=Cg0ArKJSzKQof6R3HkrDEAE&urlfix=1&omid=0&rm=1&ctpt=154&vt=11&dtpt=127&dett=3&cstd=25&cisv=r20210415.43071&adurl=
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 05:55:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
js
ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/ Frame 241F
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=cf02b015bbca6aaa90f2413940520f707defaeb59e1eb194b872f45e275312ae&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=cf02b015bbca6aaa90f2413940520f707defaeb59e1eb194b872f45e275312ae&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F64602b52161140...
  • https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/js?tpid=48&tpuid=d9770ede1ccc1f9da9073463169cd244
44 B
564 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/js?tpid=48&tpuid=d9770ede1ccc1f9da9073463169cd244
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cc22b7b98e53ad479f2b438cdcc0e701cd056218ca86be6f9e63b3dc262f00ba

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:17 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Location
https://ih.adscale.de/sium/64602b52161140d6924808d77abd272d/1618984515139/0/js?tpid=48&tpuid=d9770ede1ccc1f9da9073463169cd244
Date
Wed, 21 Apr 2021 05:55:17 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
147
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js
pagead2.googlesyndication.com/bg/ Frame 4FB9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N0cNQz_bqY1YohNAUNIZQryLecw2v8JwvqvBktlc8tc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
37470d433fdba98d58a2134050d21942bc8b79cc36bfc270beabc192d95cf2d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 08:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
163034
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5655
x-xss-protection
0
expires
Tue, 19 Apr 2022 08:38:02 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 62C9 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d216b8da34933ed1ba140eccb7345ec388e9200b635dec8dd917e21834f35c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:41:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
828
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20914
x-xss-protection
0
server
cafe
etag
9171160076714409937
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 21 Apr 2021 06:41:28 GMT
300x250_Asset_1_EN.jpg
s0.2mdn.net/sadbundle/4308604090950670236/ Frame 622D 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4308604090950670236/300x250_Asset_1_EN.jpg
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f31c5f2f08b5b71445c0123f141256e547dd41db17d7a2c75527b4f52a82e386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4308604090950670236/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 23:58:20 GMT
x-content-type-options
nosniff
age
107816
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73714
x-xss-protection
0
last-modified
Wed, 31 Mar 2021 14:25:18 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Apr 2022 23:58:20 GMT
300x250_Asset_2_EN.jpg
s0.2mdn.net/sadbundle/4308604090950670236/ Frame 622D 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4308604090950670236/300x250_Asset_2_EN.jpg
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a389ee9c795ac3439fd3f22a3267c285d2cbc23f1934e1eeaaf6f0e72572ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4308604090950670236/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 04:13:38 GMT
x-content-type-options
nosniff
age
524498
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75747
x-xss-protection
0
last-modified
Wed, 31 Mar 2021 14:25:18 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Apr 2022 04:13:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BDAE 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bm2UARL5_YO2GEpGs3gPH-LaYBQAAAAA4AeAEAg&bg=!ODulO3_NAAZUuIlwVLg7ACkAdvg8Woem1ycVHdCF5MhYwYk8ZtB1JW4c1ddzb52V-_pKUW3skeCM0gIAAADuUgAAAA9oAQcKANeEZjG3ZTaRhn5ie5ZHYJyGJhJj7rvKhvqOUg_0IggqAvLuzH7aQXao3fwi09LJe7a_AWcuvnAAPeaUkQboNfOzA8WDYuGxpBNH3jYiSr4Z9REfzT_JZoYSsn3Pi6M3W04iPLxjOl8jhktaHuWHiKn4Nj_DpCPeXXUdrx5HFeW1N838zXBFo5Sl46FbomVGCgzzSPw35O16CfHuAUS0YjeJp8Ym1oBOh7hpB6Q0GTfHHcgvin-ohD_fk3oTtJo9yajxMHagjduncrORgFauq8Xm474eBeHue5kCZuEdPZEk0haHUVZv93Zo38MThQijS00HOobgTqnYwuSL0T_JyX2J1IuIuVBGUjGxOCzlPw_5GswYw-pcm_qxBp3FdRMSKPyYbeplK8Sen1Zr8vNNtalVYAMhEp4ZDTckRr0Iad7LGuxJQSyII93H6QAGeRIjRf-yf_ciwsrVD4l6Xo8YYBqOCT1w0HXndpnK88mZGrceJXUQx0Zl87zEXegw2LPzt1sdb8Uml6Yzm0JdUPaOQ5EUd0HFCeTG7vbAnUJ9ZXYXaK8mb5B6b851D-rS0pMZ0jg5Kg_UcPf7OCdqz4QpLPoDfX2_i1MC4ETwnWP0MD97ho7aWjZYeeznSOokZaNbhQa6ngz_MYrF8ZKyjimKu0o1LqlhSvcIZRAnMVpTlAWq6KOiUvtvpBY_1A84EnrAhZgsyVwkyzKnVxzM516tCGRyN3Cn-xTa9wscwPkIZjH7LUbmgAbNBQ3qKuY4-HzCSO5zz49m63UNvIyvIO5TD6W8W18BjVZqX6Ez6aZo-2y_8jl8PzIZix3yKPmaIt1J6fe4plDZczAL3_SIolJ43zeNmpoKgU3-P_lgxSOOAnGv9sjGDfdumEIod4v0E3iAUZ-1SsCL23L8l56WiJsqYV5xzlliWPVErPrr5uyMTE4IRmgIdsj00A65exzoCM8hjBvF-QCQqIRwYAqtjhNBej-ejyE4-wLJ_EFT1XCx29mKECKA30YELgeVQI9gSyBXUsg5thLNh9tmZoFicGgjEoS-F_AYu4nrHAskT8Bqk073hC2qb1ldUh1fiIbsIAz_rJjxi3hkqDlhejVW0dZiy_6U
Requested by
Host: 3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
URL: https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 62C9 		0
331 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~knr1kwbh&ctx=2&qqid=CJ3IgKjTjvACFRjzdwodkFwK5w&met.4=fb.37~lb.54~cmrload.7h~ol.8f~idt.59~dt.-bh&met.3=739.54~735.5k_1~740.5m~740.5m~740.5n~374.6v~740.6x~738.8f~740.9k~113.aq_4~112.ap_5&met.1=1.knr1kw0s~6.0~7.0~8.0~9.0~10.0~12.1~13.6~14.7~15.1f~16.54~17.54~18.54~19.8e~20.8e~21.8f&met.7=CBsQCBgBMAc4rwJoAXAHeL0YgAGkGIgBzi-wAQG4AQM~CCgQBRgBIHMoczCFATgSaHRwhAF4zgKAAbkCiAHzA7ABAbgBAw~CCkQChgBIHcodzB_OAhod3B-eJazAoAB97ICiAG9-QawAQG4AQM~CBwQChgBIHcodzCMATgVaHhwjAF4gBWAAeUUiAHBMrABAbgBAw~CBwQChgBIHkoeTCRATgXaHpwjgF45jeAAco3iAHtiQGwAQG4AQM~CBwQBhgBIHooejCXATgcaHtwlgF4P4ABKogBKrABAbgBAw~CBwQChgBIHooejCDATgIaH1wggF4sgqAAZcKiAHRE7ABAbgBAw~CCoQChgBIHsoezCNATgT~CBwQChgBIHsoezCFATgKaHxwhAF4_SuAAeIriAGVZbABAbgBAw~CBsQBhgBIHsoezCKATgP~CB8QBRgBIJMBKJMBMJ0BOApolQFwnAF4zp0BgAGrnQGIAYG5BLABAbgBAw~CCIQARgBIJQBKJQBMLkBOCVolQFwuQF4GLABAbgBAw~CCcQChgBIJwBKJwBMKQBOAhonQFwowF4gHeAAed2iAGKxQKwAQG4AQM~CBwQBRgBIJ0BKJ0BMLIBOBVonwFwsgF48QWAAdQFiAGWCbABAbgBAw~CCcQBRgBIOUBKOUBMO0BOAho5gFw7AF45EGAActBiAHqsgGwAQG4AQM~CCIQARgBIJMCKJMCMLECOB5okwJwsQJ4F7ABAbgBAw~CCgQChgBIMsCKMsCMOMCOBhozAJw4QJ4zqMBgAGyowGIAcevA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1006::78 Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sium
ih.adscale.de/ Frame 241F 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.78.164 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Wed, 21 Apr 2021 05:55:17 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FB9 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRBgCRL5_YJ2WHJjm3wOQuam4DgAAAAA4AeAEAg&bg=!dHeldzPNAAZUuIlwVLg7ACkAdvg8WsjHnrnqTpR8ewgMCtygJMOEuv1gMN9OBbrksWdGSeyqePAyvAIAAABiUgAAAApoAQcKAArx1vuRqWd0T6I0mQJqL6_XkaIE06ahZVXuGKGGO7V5oVjqc5v0JUljzIIC6GCwIg8kp3-Jrp11gV1xKzCz5s3AKHFXYo65kTqPKkLcLsQb_qnCsGhb4wvcWrSl_lBdDSuiQ3cbuJ9Mh9-YJAkqNdKcfDpH9ZOw78hsyUFQzlUVDsPssWcF7OqhN1N0reCXV8urI1JT0OlgD4HcnKSTRVoHGx5L6lvP6B3RrGy5kuVx3pETGktkxviT9Lq1tgsv0PohtJc42zKhGOQXYq73gl_yuWmh_FQVcmiWV4Z21TI6_ZwQzls-Neajubrb79DUCEgI3OrviU-RXdxS1hcusNOjhE1r0RbNMUDzuB9gfMDptzZMcBptk2mwgwUTrIFsZb2saIauJ66B1UKT0czceCEj2OkRzIjhdNufXbXPFp6zbVeSLy9zfgzs0Kz08sdwnjFiJ_TYxs2PEsz8a9aXnudH1jz6Iv7mQ7BldIBxI-unkelemVF46Nr2c98tfQgb8SEDK8R3eeG6AJqkIDcQ89aRKRVdSHjefkLuY5knLN9Zc95vtBeqd-YJWvuvYrC4s_Kv8NbyYyx-4_stvDRzIfBHlReBmLYSXwxgsy8k1U3oCUkbywQy3t2WkMuHt2vIJ1zze2rtwKwpp4X4XUEVKEaTLh0dky57YdonIEPbJ4OnAYcgsIhqeNXpCzMRd1x3FtgINTlqI_8blrhfGBVdItYLLNrf2NwDUz7tqinhWyk4sBFHFrm29aKFQ2BycCSg5iiPnNBUSmm2CfC0_-Dq3mMMb8H-DddA09QHQqU0Lprkt1peQwosZqa14MXfCIcsjiVh8xLh_Y8c
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.sekindo.com/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1618984507&vid_playerVer=3.1.0&s=105129&sta=0&x=300&y=250&vid_passDomain=www.ptonline.net&subId=www.ptonline.net&debugInformation=&isApp=0&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=607fbe3b1ec4c&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=1000&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1618984517481&uid=SekindoSPlayer607fbe3b3259f&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&floatStatus=false
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:16 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
log_event
www.youtube.com/youtubei/v1/ Frame 8D86 		28 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ae5b2092/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ho2RfNts3sE?enablejsapi=1&origin=https://www.ptonline.net
X-YouTube-Client-Version
1.20210419.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtZT3JDNUtDV09HNCi6_P6DBg%3D%3D
X-YouTube-Ad-Signals
dt=1618984507184&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C750%2C452&vis=1&wgl=true&ca_type=image&bid=ANyPxKpPN-bHdub0TsI0epkvhNiO42A_5EmQlHjZYLLJlMAKYc9kKUQgpO4OwSEAJCnzXdkCx-XoDcjcT-5XViYD3QIlDkAgNw

Response headers

date
Wed, 21 Apr 2021 05:55:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:55:17 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C671 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv801FREvXMBZTBxqUtgXO1gmM-X0ZLcH0GCOWsI6cyHButJhNyPYooW_JNo3s-0vLJTKbWMlR9oCME8Uir5eba97q-Lyr2LaOVPPwNotrQhIE7oYdCQEQHFo8UpVlxnvYtvZnhZUYFiP_MT_ewJnFSo_Wt-qE3rpwMzNiVtvrMZ2oeUSX8NG2kWQeqGMSI0dWklvSQA5_NrQjP-6Gz8SarQI2_fh2U7RYEnUdBYPGHZk6c6DAKqYAkN6mlFuc4in7NwiaNZl_F7n2DBaAlEyWMuDomGbsOYiOq9GEf2mt6d4wBhWuxTQg0VHZS97vLJS8BL89MdvnUsLDB8uJs97AVhxVzUQhZVlBD9X0T--ch7G5S1s2EGsf1pS7Dh5gXy17H2loeL2WXD8m160qsfZJ3eJXmR4SjDAJ7tmb7qGrxqaKYCdKYtR4jVW7v2JDnRe5FjyP4KHKp_T63j7kIy-l70kmRkI8Ywb3NelblMq5PDYeGNu7I71tgvgFzbzPIcoZOTi77oAz-eduAfTjsZCNS5miPAa841QAguuB5nqODuCGzKmWhFJgGNNYKlH4mygudizMmB6_EPwpncfzkW4f8c9fT2AL4tx6GHPVzAPeY_m4-q80_odhKDCUORlZbsXOOoAR_BeJSSx6LBFCnsqZHyeyJML7YuGj1lVLUIH4un9Pl_aT-mpxqdFIgw6Y2ly1TWuV3iXtCnD53KpDHq3nfAFMhE3oEmpYinTn63s4GOYM2WtCt4IKjfmOcgEUuW98beHUsVGFWOABIZqGH4cg3knZm0ARarXqQNq_YkiwZix2V7vdVehvkR8GOwlsKu4Mzy6jGKWxZVCf1A2Yb46YgoIfL2ICBOP7guUzGSZ6-sEVTcLHguounf0Hzhic_7meAeY7nLv3Q2IG9DwZYqPBDaMA2Qs1e2OZZtobf0haLPdYLAF-FVsvSqGlORKPezeKc3JpcxEJJ3edBYOK-RnyLRHXjtzCaZK4dt72sJGGkE5OTC-NafSpG9l5kp6l82pJ5dD4e-e5x2Mtt2pBn_sLR0qq68eJr4VIOP4FeehtEznhrxyQnyx24W1AulHzED4NCXb2N9D8jfpKMewrCU1tMJXj11Prx47kjVIYu0cUkPjplI01BpsMGNLimhRUo1LC6NTc1cG08XQ3Z&sai=AMfl-YRfWrxpoQ0tpLYAad5py6GflQCg-_PakPWb8IzCfw3nlnfMaA7HURvUmFiaxACZc6sxxV7eV_9edqFm4icgujMwFpxPUt2gbBWb_YiBfBySgcVJG6QkK2_oQplDgVrX7dewxiJn-8HgsmwDSe_sOuNGVgbFBQZI8PXcNkdslxkjgS6fkuDA3WNibIeSNvheghlrsOA7HxFXDQGNH1hM9HJPiGUknjGK21MnM0oV7RIxycvoGCTMrNSrUdgrFvAySZHdujjFsyFAF1Vee8fYRcRiyw&sig=Cg0ArKJSzMCnMaIs2fphEAE&urlfix=1&omid=0&rm=1&ctpt=1196&vt=11&dtpt=1183&dett=3&cstd=1192&cisv=r20210415.57976&adurl=
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 05:55:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/3273688070602409904/ Frame A8ED 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3273688070602409904/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ca857a0aad68bfb1f9f3f3010e5b154f12042bd923632f4b36161a2dcb5037b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/sadbundle/3273688070602409904/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4313
date
Fri, 16 Apr 2021 10:23:31 GMT
expires
Sat, 16 Apr 2022 10:23:31 GMT
last-modified
Fri, 16 Apr 2021 08:19:56 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
415906
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
587aca0d4396b0d051096cd6cea1ad2e.js
s0.2mdn.net/sadbundle/3273688070602409904/ Frame A8ED 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3273688070602409904/587aca0d4396b0d051096cd6cea1ad2e.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3273688070602409904/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3154089faaf8ff378de339de9cee5e6be03cbc67645e8c61ec0ee8d747a6369
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3273688070602409904/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 00:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20261
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18091
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 08:19:56 GMT
server
sffe
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Apr 2022 00:17:36 GMT
css
fonts.googleapis.com/ Frame A8ED 		2 KB
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3273688070602409904/587aca0d4396b0d051096cd6cea1ad2e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3e74a4ef70abf935fa8800498b5d751663e3511bbee1e3f21d0e445f7883e437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 05:17:09 GMT
server
ESF
date
Wed, 21 Apr 2021 05:55:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Apr 2021 05:55:17 GMT
ae5add6a58940473cc5714b50d328baa.png
s0.2mdn.net/sadbundle/3273688070602409904/media/ Frame A8ED 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3273688070602409904/media/ae5add6a58940473cc5714b50d328baa.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3273688070602409904/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a88fcae6cee9970728bae395c928c7a0d4991310423751be4bee13b8416995a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3273688070602409904/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 05:55:21 GMT
x-content-type-options
nosniff
age
259196
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5408
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 08:19:56 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Apr 2022 05:55:21 GMT
dac04d73022c7ea8ad78b2b30b7e44ff.png
s0.2mdn.net/sadbundle/3273688070602409904/media/ Frame A8ED 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3273688070602409904/media/dac04d73022c7ea8ad78b2b30b7e44ff.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3273688070602409904/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe72012046be59d37086db22f1b642c1a6847d8792db8eb10dff2d6040b5b2e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3273688070602409904/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 10:23:31 GMT
x-content-type-options
nosniff
age
415906
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3436
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 08:19:56 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 10:23:31 GMT
2db6d3601e804a0177c912c322f1c854.svg
s0.2mdn.net/sadbundle/3273688070602409904/media/ Frame A8ED 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3273688070602409904/media/2db6d3601e804a0177c912c322f1c854.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3273688070602409904/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a3d66149f3765c6e48a9cca4e46b42a7ec2ff1776bf3a868800792d176ce000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3273688070602409904/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 04:34:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3397
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 08:19:56 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 04:34:39 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame A8ED 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 21:15:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
117568
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Tue, 19 Apr 2022 21:15:49 GMT
ptrack
a.audrte.com/ Frame B7A1 		368 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=37.120.137.166&p=M1353665098&artime=2021-04-21T05:55:23.123Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5269b178feef17d1a3990e1252b73e2809da854aea91c291b6c10f89aca9fbfd

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:23 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
262
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame 010E
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
  • https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5216aade88a9ee542976c41f7b47063d2c9257c4cd1f1d67fb6b64f952eb8501

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 21 Apr 2021 05:55:23 GMT
content-type
text/html;charset=UTF-8
content-length
1244
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.26.19
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 16-Jan-2022 05:01:00 GMT;SameSite=None;Secure _cc_id=cd4b94c5519b9be4ec88b1f30621bfa0;Path=/;Domain=crwdcntrl.net;Expires=Sun, 16-Jan-2022 05:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQSE4xSbI0STY1NbRMskxKNUlNtrBIMkwzNjAzMkxKSzRgAIKE%2Bn3ev%2F%2F%2F%2F8%2FPAAcAyPAPLQ%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 16-Jan-2022 05:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGBIqN%2FnzQAHABfmAek%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 16-Jan-2022 05:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*

Redirect headers

date
Wed, 21 Apr 2021 05:55:23 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.21.3
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
5907
tags.bluekai.com/site/ Frame 010E 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=b619b701cd0417c5a9bb97899b9e8b72
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.150.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:23 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
tpid=YH__SwAAV0VTVQA4&_test=YH__SwAAV0VTVQA4
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 010E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YH__SwAAV0VTVQA4
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YH__SwAAV0VTVQA4&_test=YH__SwAAV0VTVQA4
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YH__SwAAV0VTVQA4&_test=YH__SwAAV0VTVQA4
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:23 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.98
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:23 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618984523.366519,VS0,VE0
x-served-by
cache-hhn4041-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YH__SwAAV0VTVQA4&_test=YH__SwAAV0VTVQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tpid=4176696962978341924
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 010E
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/cd4b94c5519b9be4ec88b1f30621bfa0/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4176696962978341924
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4176696962978341924
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:23 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.107
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=4176696962978341924
pragma
no-cache
date
Wed, 21 Apr 2021 05:55:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
image.sbxx
global.ib-ibi.com/ Frame 010E 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=cd4b94c5519b9be4ec88b1f30621bfa0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_128_CBC
Server
216.46.185.183 Englewood, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
tpid=7cee8cc5-506d-4aa9-80c6-acfad890f414-607fbe4b-4348
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 010E
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=7cee8cc5-506d-4aa9-80c6-acfad890f414-607fbe4b-4348
49 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=7cee8cc5-506d-4aa9-80c6-acfad890f414-607fbe4b-4348
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:23 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.3
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:23 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=7cee8cc5-506d-4aa9-80c6-acfad890f414-607fbe4b-4348
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
tpid=298ef253-a266-11eb-8c41-9e061214b81a
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 010E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=cd4b94c5519b9be4ec88b1f30621bfa0&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=cd4b94c5519b9be4ec88b1f30621bfa0&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=298ef253-a266-11eb-8c41-9e061214b81a%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%2...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=298ef253-a266-11eb-8c41-9e061214b81a%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%2...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d23b2ac5-c0bf-488b-af53-2af4f7cb8584&ttd_puid=298ef253-a266-11eb-8c41-9e061214b81a%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fm...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=298ef253-a266-11eb-8c41-9e061214b81a
49 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=298ef253-a266-11eb-8c41-9e061214b81a
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=15238/rand=718750314/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:23 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.39
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Wed, 21 Apr 2021 05:55:23 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=298ef253-a266-11eb-8c41-9e061214b81a
alt-svc
clear
content-length
0
p
a.audrte.com/ Frame B7A1
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8254793454157897200
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoidGFwYWQifV19&gdpr=0&gdpr_consent=&google_gid=CAESEINMpaJl_fd2A5sNdywsJ9s&google_cver=1
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3307&partner_device_id=4hbIMcpWKe-RFq1cJItGjr1ag&partner_url=https%3A%2F%2Fa.audrte.com%2Ftp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206N...
  • https://a.audrte.com/tp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:24 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/avif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 21 Apr 2021 05:55:23 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame B7A1 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=4hbIMcpWKe-RFq1cJItGjr1ag&gdpr=0&gdpr_consent=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:23 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame B7A1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=4hbIMcpWKe-RFq1cJItGjr1ag&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=4hbIMcpWKe-RFq1cJItGjr1ag&gdpr=0&gdpr_consent=&google_gid=CAESEINMpaJl_fd2A5sNdywsJ9s&google_cver=1
  • https://a.audrte.com/p
68 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.146.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Apr 2021 05:55:23 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/avif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 21 Apr 2021 05:55:23 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
rt=ifr
bcp.crwdcntrl.net/5/c=6893/rand=772033478/pv=y/rb=%7B%22meta_tag%22%3A%22ptonline.net%22%7D/ Frame 20AA 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=6893/rand=772033478/pv=y/rb=%7B%22meta_tag%22%3A%22ptonline.net%22%7D/rt=ifr
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
21c56a1c60c9c91cee0881267248f4e1c31e818722b80092eafdba4a8231df74

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/c=6893/rand=772033478/pv=y/rb=%7B%22meta_tag%22%3A%22ptonline.net%22%7D/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ptonline.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_dc=1; _cc_id=cd4b94c5519b9be4ec88b1f30621bfa0; _cc_cc="ACZ4nGNQSE4xSbI0STY1NbRMskxKNUlNtrBIMkwzNjAzMkxKSzRgAIKE%2Bn3ev%2F%2F%2F%2F8%2FPAAcAyPAPLQ%3D%3D"; _cc_aud="ABR4nGNgYGBIqN%2FnzQAHABfmAek%3D"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ptonline.net/

Response headers

date
Wed, 21 Apr 2021 05:55:24 GMT
content-type
text/html;charset=UTF-8
content-length
1197
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.2.242
set-cookie
_cc_id=cd4b94c5519b9be4ec88b1f30621bfa0;Path=/;Domain=crwdcntrl.net;Expires=Sun, 16-Jan-2022 05:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQSE4xSbI0STY1NbRMskxKNUlNtrBIMkwzNjAzMkxKSzRgAIKE%2Bn0%2Bv%2F7%2F%2F8%2FPAAN8f3sOcTO%2BNWX4z8jIsPhojyCMPXHSC1XGtnIw%2B%2B9nSyaIMFTg44lTGqgiZ0%2BqowqcO3qIGVVk977LAqgic9Y%2F5UYVObx4DguqyKVTj9hQRd4tQVfzoeG%2BAMzdfzdOQZMFAPCwYHA%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 16-Jan-2022 05:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGBIqN%2FnwwADLAyM62aCGMwau0AU4wZRMLVuPpAEAI4ZBi8%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 16-Jan-2022 05:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*
chartbeat.js
r33729-f-36898.c.1.dsdl.b.stor.lb.akamai.net/.36898.1602645843.659199./102508/js/
Redirect Chain
  • https://a248.e.akamai.net/chartbeat.download.akamai.com/102508/js/chartbeat.js
  • https://r33729-f-36898.c.1.dsdl.b.stor.lb.akamai.net/.36898.1602645843.659199./102508/js/chartbeat.js
0
0
tcx-ping.php
japfg-trending-content.appspot.com/ 		200 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/tcx-ping.php?s=10223&t=ptonline.net&h=www.ptonline.net&p=%2F&w=2&a=ldgr1--ldgr4&_debug=1
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
c70c19f121034ef927c5536e2b8c5cb8bddecdeec2cae9ea00dedb6c7238ae2e

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:24 GMT
via
1.1 google
server
nginx
content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
v2mwjm_c3iCwJQDEEMXMz0KDcOPWpFh9BtppXnWMWNyNvZth9l1QT5T0kv9138S-WGXVHU4-I
bandborder.com/ 		197 B
280 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2mwjm_c3iCwJQDEEMXMz0KDcOPWpFh9BtppXnWMWNyNvZth9l1QT5T0kv9138S-WGXVHU4-I
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/juk9wiR1VZ6RzdkdlQu6-asWyOtdYR6KNnoyP0MmfVHOTBL0L91etic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.246 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.39.190.35.bc.googleusercontent.com
Software
/
Resource Hash
bbbc333d2517e7fb2b4d0d817430546dfc450a1216c8fbf18b49af3bc989f9fc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 21 Apr 2021 05:55:24 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ptonline.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
f8becdc5
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
197
expires
Wed, 21 Apr 2021 05:55:23 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js?31060860
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51fb387bfaaedcbe8fe3e78c91b41d10abd73d08d8cc35997303e5f846834aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 05:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6499
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1986106146&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ptonline.net%2F&ul=en-us&de=UTF-8&dt=ptonline.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=aDjAAUALAAQCAG~&jid=1392022666&gjid=1374178383&cid=158815272.1618984507&tid=UA-3858828-51&_gid=658186020.1618984524&_r=1&gtm=2wg472TFRW6D&cd1=158815272.1618984507&cd4=false&cd5=false&z=1184674306
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ptonline.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 21 Apr 2021 05:55:24 GMT
pixel
cm.g.doubleclick.net/ Frame 20AA 		170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=Y2Q0Yjk0YzU1MTliOWJlNGVjODhiMWYzMDYyMWJmYTA
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=772033478/pv=y/rb=%7B%22meta_tag%22%3A%22ptonline.net%22%7D/rt=ifr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.json
aa.agkn.com/adscores/ Frame 20AA 		103 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=772033478/pv=y/rb=%7B%22meta_tag%22%3A%22ptonline.net%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.248.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-248-2.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:24 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
application/json
content-length
103
expires
0
382416.gif
idsync.rlcdn.com/ Frame 20AA 		42 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=cd4b94c5519b9be4ec88b1f30621bfa0&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=772033478/pv=y/rb=%7B%22meta_tag%22%3A%22ptonline.net%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 21 Apr 2021 05:55:24 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
tpid=7cbf18d8-61f9-463b-863d-587d79dab652
sync.crwdcntrl.net/map/c=194/tp=OPNX/ Frame 20AA
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=
  • https://u.openx.net/w/1.0/cm?cc=1&id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=7cbf18d8-61f9-463b-863d-587d79dab652
49 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=7cbf18d8-61f9-463b-863d-587d79dab652
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=772033478/pv=y/rb=%7B%22meta_tag%22%3A%22ptonline.net%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:24 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.26.226
content-type
image/gif
content-length
49
expires
0

Redirect headers

date
Wed, 21 Apr 2021 05:55:24 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=7cbf18d8-61f9-463b-863d-587d79dab652
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8BAC 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: www.ptonline.net
URL: https://www.ptonline.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ptonline.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ptonline.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 20 Apr 2021 21:04:19 GMT
expires
Wed, 20 Apr 2022 21:04:19 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
31865
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame 8BAC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 22:09:43 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
27941
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Wed, 20 Apr 2022 22:09:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042001&jk=851321485963777&bg=!e3ileDzNAAZUuIlwVLg7ACkAdvg8WuA6wc_5VJ-O1JDPVcGGl3Gu6cxwoaCm-YUkLmQjILG1BpOqmAIAAABdUgAAAApoAQcKAH2EAsMqqZIFrz4JS7dimmypxlYm3EQHpd5qhdgLTJ8BJOn7ufTLVoPq_b0rNPOdCeIk8resN17fwve2Wf1JlOplRph9goubmAICt-BZVbtEHYjK60v7s86AlIablk6bAMxBFW5FCC4tVQWoWOhIKPaIxooQeuMj6HnvqMYZiJkB0wh_ja0si8j00Bi0nYKzmr2STVGG5xzyHWlSWxlOpIWFyw96GF7YLWuWsJ4cBsoBF31Ft1MyEmfoj2WYDPyPN9MfCwzDCBfFnB836DwVe1kGeTAZWhsgpiMQdHY1vEjWdDeAFEcNln50ZsPoArCOSH_iK7uLt6Qf5bcoArmU7C70aNf99bs88NvMDvaQTsl6ntgik4PSpKOKQM9j_FBdCZgNUDceLrt-mrFnMSE575ERh-6myF4KzQkhHjYDmApOj2xPxdOiuTw3fCH_oAxbmoV_SufTixEZqqos4xrkxmMdWkYzJpzGGlZ6Ya5_XnuZBKJFSKKaiG8TywGcxWDGsYSJ48S_KcsR5InweeWLjSGuq5l7FlOzKHHYxpdRWxBAr8-OmGPk_CMC_4FGrqrGMu_5HeCToilv227QVj54g780oDpBCP4S8nOtUDXgfdErnINoeGz4h2BLXYXJYT2x9vwWcusxqhECj49AcPlc9FHaIV9bKKFU1y51eJF__4BhD5uVNoOXYcCHFknjWl4W2VJ7cCvEm5Ji2g6LcTOaj0Fwu3Nm9z81MNXX9mqDqgHrhf-mnoR1kupTSuDWQCyzKHoikbyBqWuQlx8ZVI9pbTpVA9kC
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6041526e2c8d1.preview.jpg
bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/4/79/479874f4-1a4e-5322-a0f1-61b8890a4aeb/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/4/79/479874f4-1a4e-5322-a0f1-61b8890a4aeb/6041526e2c8d1.preview.jpg?resize=200%2C290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f604ec7cd7115d27c64c2bbc700d15bc1de28e348a9c9ea7e8fb30fa5374100c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Thu, 04 Mar 2021 21:34:38 GMT
cf-bgj
h2pri
cf-request-id
09949873210000cc626e2fe000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"26ad361dc35f91621797abe81cf97219"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
64345cfe9883cc62-ZRH
expires
Fri, 04 Mar 2022 21:41:40 GMT
602543e15e5a1.preview.jpg
bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/4/bd/4bd0aaa2-5d73-5431-b78d-eba4972537b3/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/ptonline.net/content/tncms/assets/v3/editorial/4/bd/4bd0aaa2-5d73-5431-b78d-eba4972537b3/602543e15e5a1.preview.jpg?resize=200%2C257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be39b57dfe7b19d10facaebb91fc1253d806c297b1a1d4a971c439b0ed3c2f2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 05:55:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Thu, 11 Feb 2021 14:49:05 GMT
cf-bgj
h2pri
cf-request-id
09949873210000cc627c0c5000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"8c19f4861d6e17afb2abb6f0e7c2cac0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
64345cfe9885cc62-ZRH
expires
Fri, 11 Feb 2022 15:00:00 GMT
dc_oe=ChMInciAqNOO8AIVGPN3Ch2QXArnEAEYACDbmudG;met=1;&timestamp=1618984526939;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 62C9 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInciAqNOO8AIVGPN3Ch2QXArnEAEYACDbmudG;met=1;&timestamp=1618984526939;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.sekindo.com/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1618984507&vid_playerVer=3.1.0&s=105129&sta=0&x=300&y=250&vid_passDomain=www.ptonline.net&subId=www.ptonline.net&debugInformation=&isApp=0&userIpAddr=37.120.137.166&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=607fbe3b1ec4c&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=1000&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1618984527479&uid=SekindoSPlayer607fbe3b3259f&pubUrl=https%3A%2F%2Fwww.ptonline.net%2F&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ptonline.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:27 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
dc_oe=ChMI7bj2p9OO8AIVEZZ3Ch1HvA1TEAEYACD5wJxH;met=1;&timestamp=1618984527729;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C671 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7bj2p9OO8AIVEZZ3Ch1HvA1TEAEYACD5wJxH;met=1;&timestamp=1618984527729;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 05:55:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
quantcount.com
URL
https://quantcount.com/log/error?msg=%5BUSPAPI%5D%20unsuccessful:%20%5Bobject%20Object%5D
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKfHX7o7KFBfKcOashnqv1bG1A5dndNQFG_N9AFKyoUT7CmDH3wdi3uFIlg7WDu3Nh5I-BB2HsfK2GaWu6t7MQCYwsGqKdFLRQcCdmKymysKSX7ZzsN_65O9aSpQ&sai=AMfl-YSEIsKD75DhItIAr_XwMNZ0QDO-2Rb6F0HrhidcHD8cJO_cyoqXZiGmr_5Hz9jX74h_2UHlpjqrWnUsB1OS-7EMYljPUdOc3hhFX24EFATM4W4v6gdvD3-cyJC8WgL-&sig=Cg0ArKJSzDHL2P9pXXiAEAE&cid=CAASPeRoBTz54ZhZ1Er842ZVfTmDBPyfojJ-30C98pvIZTHz5xeM4SGTv8GZNW3CfEPH7gtjqTQPtkUWBXQq2Ko&id=lidartos&mcvt=0&p=1285,1010,1535,1310&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=2740354699&rs=4&met=ce&la=0&cr=0&osd=1&vs=3&rst=1618984515578&dlt=21&rpt=175&isd=0&msd=0&r=u&uup=0
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEBykj4URz3S4u-Wp-vcSpnQ&google_cver=1&google_push=AQvitUJdodMzsw1ylo29iOkHe-dBiejDtY4Gr8qXhy0f91w08kNLFeZDHprmMU0VCeWRXiBUaHPZBAYH0XPjOb4488t6JUSZFh2O
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/bum?tpid=29&uid=9072911b-3954-4807-b04f-cb56b03d8384&bidswitch_ssp_id=sonobi
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstd92jeNVBxau6Ay1vJOAKpJuU71cykX9NE_D7g_FLi-vaEPJXXZ9Ss99Y3ZxP-YT67rKBdhiJMkRzQ702gztCvVCgQrFUJyKqPRyEmDzfTxBvaMNNVfwSzTqy9qw&sai=AMfl-YR9vYZJD7-auQ83W5f5JgxpDTf3u3h1Q6K_MH3crj0QtHzz5A4b4-5Iz15qxlEec5c2cp0TF3nFDn9YmdylJev1orkfgP0ADUD2LkR8EOlJ83JG6rt8S1o5OMrm6y0&sig=Cg0ArKJSzOZHc44i4WO1EAE&cid=CAASPeRov-R8PXNgZvq7G0RqqCEjA6iRGVRlzVrhDlT83FN9WEeBxThnvkmRHzKjnDklm0N0VHp0TsrFQbmmcaU&id=lidartos&mcvt=0&p=1848,674,2098,974&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210419&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=3101312882&rs=4&met=mue&la=0&cr=0&osd=1&vs=3&rst=1618984515882&dlt=44&rpt=2&isd=0&msd=0&r=u&uup=0
Domain
r33729-f-36898.c.1.dsdl.b.stor.lb.akamai.net
URL
https://r33729-f-36898.c.1.dsdl.b.stor.lb.akamai.net/.36898.1602645843.659199./102508/js/chartbeat.js

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| _cc6893 object| LOTCC function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| SelectorQueries object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| get object| Livefyre object| poll_config function| admiral object| googletag function| __uspapi object| AdBridg function| TNStats_Tracker object| TNTracker object| ggeac object| google_js_reporting_queue object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga number| cbuster string| puburl string| placeId string| templateId string| contentId string| sURL object| d string| s object| sParent object| sPlayer object| pbjs string| exp_string object| apstag number| window_x undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| _qevents number| _sf_startpt object| _sf_async_config function| ta_popupCallback function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| gaplugins function| 4dm1r11545242527 function| postscribe object| google_tag_manager_external object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| fyre object| goog object| fyre_sp_config object| _snup function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| href object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent789 boolean| apstagLOADED object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| gaGlobal object| gaData string| pubcidCookie undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 boolean| Moat#EVA undefined| MoatOCR function| moatOcrSample object| MoatContent undefined| page_ready number| ap_set_scroll number| ap_scroll_distance boolean| ap_scroll_reverse object| ap_popup_img function| ap_scroll_div function| ap_stop_scroll function| ap_create_popup_img function| ap_link_hover function| ap_get_popup function| ap_move_popup function| ap_hide_popup function| ap_show_popup object| cswidgetoverR function| dmpAction object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| _vfP object| __core-js_shared__ object| core boolean| vfLoaded function| setImmediate function| clearImmediate object| vfQ object| viafoura object| vf function| initActiveTab object| activeTab object| ahm_config object| ahmpb object| pubgroup_config number| ahm_stackload boolean| ahm_loaded number| _xy number| ahm_stacktimer number| ahm_stackstart number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| msgData function| ahmpbChunk object| _pbjsGlobals object| mnet object| _clrm number| ahm_stacktime object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| _sf_endpt object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQSE4xSbI0STY1NbRMskxKNUlNtrBIMkwzNjAzMkxKSzRgAIKE%2Bn3ev%2F%2F%2F%2F8%2FPAAcAyPAPLQ%3D%3D"
.crwdcntrl.net/ Name: _cc_id
Value: cd4b94c5519b9be4ec88b1f30621bfa0
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.casalemedia.com/ Name: CMRUM3
Value: 69607fbe4b05a00&98607fbe472760755e5f82-a85d-4b1e-bec9-be6d65020b3e
.casalemedia.com/ Name: CMPRO
Value: 1194
.casalemedia.com/ Name: CMID
Value: YH..R37HHEgEo9I8x517jQAA
.casalemedia.com/ Name: CMST
Value: YH++R2B-vksA
.adform.net/ Name: uid
Value: 8254793454157897200
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGBIqN%2FnzQAHABfmAek%3D"
.casalemedia.com/ Name: CMPS
Value: 3272
.doubleclick.net/ Name: IDE
Value: AHWqTUkZXYUMsIHRz4DeIXJMLzqhiD7ic2HGAik39KTdjdOHLa71kDqvPdEaT-ExGBs
.adform.net/ Name: C
Value: 1

15 Console Messages

Source Level URL
Text
console-api log URL: https://secure.quantserve.com/quant.js(Line 2)
Message:
ERROR Wed Apr 21 2021 07:55:07 GMT+0200 (Central European Summer Time) [USPAPI] unsuccessful: [object Object]
console-api log URL: https://japfg-trending-content.appspot.com/widgey-dug.php?s=10223&v=1&q=3&i=1(Line 1)
Message:
widget:7ps:pop:w
console-api error URL: https://cdn.viafoura.net/vf-v2.js(Line 6)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 95)
Message:
200
console-api log URL: https://a.audrte.com/ptag?p=M1353665098(Line 127)
Message:
arResponse->{"pxcalls":"https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=|https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=4hbIMcpWKe-RFq1cJItGjr1ag&gdpr=0&gdpr_consent=|https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=4hbIMcpWKe-RFq1cJItGjr1ag&gdpr=0&gdpr_consent="}
console-api log URL: https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js(Line 1)
Message:
Init YT:
console-api log URL: https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js(Line 1)
Message:
Players:
console-api log URL: https://bloximages.chicago2.vip.townnews.com/ptonline.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js(Line 1)
Message:
youtube-player-f70bf823-1f57-57d1-9470-6491502801ab
console-api log URL: https://japfg-trending-content.appspot.com/tcx-ping.php?s=10223&t=ptonline.net&h=www.ptonline.net&p=%2F&w=2&a=ldgr1--ldgr4&_debug=1(Line 1)
Message:
[tcx] ping recorded:
console-api log URL: https://japfg-trending-content.appspot.com/tcx-ping.php?s=10223&t=ptonline.net&h=www.ptonline.net&p=%2F&w=2&a=ldgr1--ldgr4&_debug=1(Line 2)
Message:
site: 10223
console-api log URL: https://japfg-trending-content.appspot.com/tcx-ping.php?s=10223&t=ptonline.net&h=www.ptonline.net&p=%2F&w=2&a=ldgr1--ldgr4&_debug=1(Line 3)
Message:
host: www.ptonline.net
console-api log URL: https://japfg-trending-content.appspot.com/tcx-ping.php?s=10223&t=ptonline.net&h=www.ptonline.net&p=%2F&w=2&a=ldgr1--ldgr4&_debug=1(Line 4)
Message:
path: /
console-api log URL: https://japfg-trending-content.appspot.com/tcx-ping.php?s=10223&t=ptonline.net&h=www.ptonline.net&p=%2F&w=2&a=ldgr1--ldgr4&_debug=1(Line 5)
Message:
widgets: 2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3c0a2cf3b3757ca8b7ddeb1dfa133b2d.safeframe.googlesyndication.com
a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
ads.yieldmo.com
adscale-emea.adnxs.com
adservice.google.com
adservice.google.de
adspsp.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
apex.go.sonobi.com
api.viafoura.co
bandborder.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bloximages.chicago2.vip.townnews.com
bn01.er.bemail.it
bootstrap.livefyre.com
c.amazon-adsystem.com
casmp.adperfect.com
cdn-resources.prfct.cc
cdn.admatic.com.tr
cdn.cityspark.com
cdn.livefyre.com
cdn.viafoura.net
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
creativecdn.com
cs.admanmedia.com
csi.gstatic.com
csync.loopme.me
d.adroll.com
d.turn.com
d1gzrgn7m19oq9.cloudfront.net
de.tynt.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.adspsp.com
global.ib-ibi.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
htlb.casalemedia.com
i.viafoura.co
i.ytimg.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
identity.livefyre.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
ih.adscale.de
image6.pubmatic.com
jadserve.postrelease.com
japfg-trending-content.appspot.com
js.adscale.de
js.cookieless-data.com
lh3.googleusercontent.com
live.sekindo.com
livefyre-cdn.s3.amazonaws.com
loadeu.exelator.com
loadm.exelator.com
match.360yield.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.cityspark.com
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prod.adspsp.com
ps.eyeota.net
ptonline.net
px.ads.linkedin.com
px.owneriq.net
quantcount.com
r33729-f-36898.c.1.dsdl.b.stor.lb.akamai.net
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s-jsonp.moatads.com
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.ntv.io
s.srvmath.com
s0.2mdn.net
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sm.rtb.mts.ru
spl.zeotap.com
ssc-cms.33across.com
ssp.adriver.ru
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.cnhionline.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
t.trafmag.com
tag.navdmp.com
tags.bluekai.com
tags.crwdcntrl.net
tech.rtb.mts.ru
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
video.primis.tech
www.americanhometownmedia.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.justapinch.com
www.ptonline.net
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
z.moatads.com
google2waycm.netmng.com
pagead2.googlesyndication.com
quantcount.com
r33729-f-36898.c.1.dsdl.b.stor.lb.akamai.net
ums.acuityplatform.com
104.111.230.142
104.111.237.88
104.111.242.245
104.111.242.53
104.18.130.43
104.79.88.164
116.202.172.174
13.224.102.31
13.224.102.8
13.224.103.105
130.211.10.17
142.250.185.130
142.250.186.102
142.250.74.194
151.1.205.165
151.101.114.49
151.101.13.44
154.57.158.51
168.119.146.39
172.217.16.130
172.217.23.98
178.162.133.149
178.162.133.150
178.250.0.163
18.156.0.31
18.156.12.32
18.185.180.173
18.197.47.23
18.198.69.109
184.51.10.56
184.51.9.197
184.51.9.34
184.51.9.98
185.127.16.51
185.183.112.155
185.184.8.30
185.220.204.204
185.29.133.208
185.33.221.52
185.33.221.90
185.64.190.78
185.94.180.123
185.94.180.125
188.42.191.196
192.104.182.209
193.0.160.129
193.200.65.5
194.213.62.34
198.148.27.140
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.100.17.173
208.100.17.184
212.129.3.113
212.82.100.182
213.19.147.44
213.19.147.45
213.87.44.207
216.46.185.183
217.66.147.166
23.37.38.181
23.37.42.132
2600:1f18:44f0:4840:562f:2028:6b66:1a65
2600:1f18:612b:4232:4acf:609e:729c:ab1e
2600:9000:2057:4400:1e:7118:9c80:93a1
2600:9000:2057:4c00:8:2ae1:d740:93a1
2600:9000:2190:a200:6:44e3:f8c0:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:1857
2606:4700:20::681a:24e
2606:4700::6810:ff3
2607:f8b0:4023:1006::78
2620:116:800d:21:51e4:db4b:4436:b305
2620:119:50e3:101::6cae:b45
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:801::2001
2a00:1450:4001:801::2008
2a00:1450:4001:802::200e
2a00:1450:4001:808::2006
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2014
2a00:1450:4001:829::2016
2a00:1450:4001:82b::2002
2a00:1450:400c:c0c::9c
2a02:fa8:8806:16::1370
2a05:d018:24:b001:d120:1359:acbb:2de6
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5139::2
3.122.214.165
3.123.78.164
3.127.92.82
3.211.251.238
3.221.146.169
3.81.223.233
34.120.58.62
34.205.199.230
34.248.176.243
34.252.219.156
34.98.67.61
35.157.249.55
35.172.143.213
35.190.39.246
35.201.81.244
35.227.248.159
35.227.252.103
35.244.159.8
35.244.174.68
37.157.2.238
37.157.3.30
37.252.172.68
44.228.91.9
46.249.52.248
46.249.52.249
5.178.65.253
51.89.9.251
52.160.40.218
52.17.101.63
52.210.171.182
52.210.236.221
52.216.229.115
52.30.140.199
52.34.182.239
52.45.120.123
52.49.27.34
52.49.95.65
52.51.154.44
52.52.166.208
52.58.248.2
52.59.160.25
52.86.150.190
52.95.123.41
54.227.136.247
54.78.254.47
54.82.174.208
62.149.0.72
65.9.66.119
65.9.66.129
65.9.66.19
66.155.71.149
66.155.71.25
67.202.110.34
69.173.144.138
69.173.144.139
72.21.206.140
72.251.249.9
81.222.128.215
85.114.159.118
88.214.206.142
89.163.159.107
89.187.169.15
92.123.150.214
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
0144b9f00ff003421057703d4a922402df371b2c4d65223c4ee70f1c982a7a90
020b56f49559267c913a47a78d946acc88f728befcd4c57e1f186fc3b1e7e27c
02558c84af9e0e5d3d1724620492750507a53b856834f1f316a7b2e31cfe8312
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04cf12040b9fa204f13ed7707a1b3c142024dedb5ffb69d27a22f3f50f4eb7b9
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05d11d516a6ab13b9e025046d3dd49cb347d487bc5f1139f805028abafba755e
05f1fd3908be3ba71c0c7a1218b4d3ca91b9a94b990b8f8680d9bd3f36c41a89
062210729a64576cd6b20e1a51c98a8e6cb86868f40022904d567d94b843e7c8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07138985d660e64a70aba4711bec1871c576f3a24bf99989683b349aa21db2b3
0785141e6461918363176bb595c118997a66d51af8338db5999308cd593cfebd
083c12c04d0c2888bd4854b249e0c98eee8f4ac9910a9bc4afa4d6799a3e979f
0897bcc7608e77f4d2b457d9f9a9b54ab451d74c0365b3ea2ee81af1c6f27f22
08acd600bd33fcde03a370554e4ce9721995576b692d8a749ecdcca3756e00d3
0a389ee9c795ac3439fd3f22a3267c285d2cbc23f1934e1eeaaf6f0e72572ce9
0aacf9f9bb317571931f09468c2b03be8600f7ac44a75b0aaf19f06f8c202de3
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0badf28d5a215290f83e31611b4d8d5b9166c2dc2d858509e8076defbcee2f2e
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
0e280ca8223f6efccb98b5101569d569346cbb718c22e12b1a90383bed2c2db9
1064ddcbdb0bd8fe55ca8f9a8615eeeb0660e990eb28aa424bb786c6569ba084
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
13fd18dc0f6512b498bddf7429cceeb5b9b0e30e71e06c7bef4d7c55b4ee2287
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe
164f19b43513ca3b3cec320b5429a41fbc8419d22d9ba65fe95980c3d5d2a80c
17d6df2f6bb3c5591df2d30cd50d6d77891e40ef74234a7161c8477aee6332ea
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
1aae10468fd39c4d67c9abee5da67dd2a8aab1f876f656567a7cd1a407928fab
1c1e298c19bf83ab21ac9f37d27a20d6068e98c648c306c11ef18f9f7eb1da49
1c51f08a13dcc8932c9a442e006e6ba4808449dde191bf325bef4accfd4791b8
1cbb58dea630e6854e6c5912004d1ec97ad9829d50725234801b850bc811d3a1
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
1df98cd9b2074fdb87ef7b6f61e2204ac7fe3efda616a193663b00122110d685
1ed1b9ca1bc317e3c80e4830a4a49dd2e0a70564e0f8948fa89836fb3188c326
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
20ed0b022f659b70db30edaa55a17648496ad625bfb058e5ce77398ba7a12f1d
21c56a1c60c9c91cee0881267248f4e1c31e818722b80092eafdba4a8231df74
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
237936020ffa469a7f88ab945fb45350c745aa6e2f5d4697a878a438a5f98246
2440272a79827248096d04768920192fec05ae31627007a7cc0e15f223b2b8a5
2546655864072944e9422c8b24897b097652a4af2c499ae9cdd91a25f34abcff
2a15eb19709208c24860afb8126296485223d9d810f102a25483ba8a997ef495
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad3124894846d8d22ce097dcf9ee0a9239ae158a9e94cdb626b358a670fc44e
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fba95b94aec59efcd75d9122bee13f1a3083f95b645a4bcb37e2f71cd7a2e6e
302f8127bc68f55a4f667cd16e4faad5ef65b3068b8de0c10cd5dc56c71c0921
3037210ebdb87c12604c6da341bbdd1c4ade3256fce922eb86e9f6c7a3739aae
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32feae1eaa46d369fe0a42d46b7e90a05cce2cdb8dc87c4dde67315e0d2a26f0
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33f2bc088a94dd420347882deee79b37e6b583de95d9e6f8f76990961ebfc6cf
346f0d3bc1242b22504b99836c8e2dbc0cdacbbdcd18811b43aa0523241a68dd
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
352464f14d330ebebaeea9dc323318309779144595456c7caa92dfae63afef20
37470d433fdba98d58a2134050d21942bc8b79cc36bfc270beabc192d95cf2d7
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e74a4ef70abf935fa8800498b5d751663e3511bbee1e3f21d0e445f7883e437
3e8ab925b2b97be2237c1fcfabc66708c9075a00fae6bb5428c20e9e6171ac0d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f49d8a7b27ca2f31e64da70ea5d8b82c076e4218a24d699b6a57e385435131f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
426507e055ff10bb69ef264e5ce21a9b53f29f06423c6bafa2334a0bff5a5f2a
44a4bf700b6364ed2f042de760237d3105691a544b626f7d98511cc76434d338
45eb99befd19d2d5e9c5dcae94b0fc105465f91907ed1dca5d47ef374863b966
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a3d66149f3765c6e48a9cca4e46b42a7ec2ff1776bf3a868800792d176ce000
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5b95ce9998f059dfab5b00d4a0aa06783d06a3cb7c0a1cc2fcbdf75b1429ac
4cb8c61606b5609804f5e0e1ebea58628e226cf9f9814dfdabd26abfe4a6c517
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7746eb163cbb548f5bc32f84aeb5b4447031fef8b031ce27c0afaa17d76ddb
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
4f907c8d1f5a48f647cc332062abfd07fd31b4896a90d2c6f678a43fdc13bca8
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508af9280405aecc35c5bc8eb4682c8c043977a49e313abc8f19d1007401245b
50a250273f9720c6ab2526c8f6d9288f25b8a261403d08d0b530b7ac38dda883
51b1a3c3571a005542497569088edfa61cfcd15a65313845fec24aa6533254b8
51fb387bfaaedcbe8fe3e78c91b41d10abd73d08d8cc35997303e5f846834aee
5216aade88a9ee542976c41f7b47063d2c9257c4cd1f1d67fb6b64f952eb8501
5222dff357f49a2546effa2051ef935b85283a8a284abd0bf5659b74cdb444f7
5269b178feef17d1a3990e1252b73e2809da854aea91c291b6c10f89aca9fbfd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ace31d4edcfab8a80c455d2f650dbe9ddbe4762376cb6cb0f9a1bf5e10a41f
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
560357e94ad4e3f3e2199cdecaaf8d339f35d97ec03de8b875eef2bbd80b43fb
5674e4a7cca510a204d86ab8c60d0361ce6c3a54e02155ff793ca7af25ab0c3b
56b8ca084904656708c99101577be9f649c90fbc3b21943de4c70b6a07d43d32
573dd332efcaf9ab1ae7f7e72bbbd65aa0c6b9223c4bcead7be3aa25685cba4e
57f7c383f55d0c72e58ee276831fdc45889623aac1a6a8bbe8a4cef66b038774
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5920f386bf3cc120731e088273377cbbd2a81d93188572c88c6028c8a1df0293
59fc0b6bb83e7b8889b36821684285ae763345c811b2d055345a0f5b3b9e06f5
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5cfbcbdf6d39487853065c6770cb7b9ca5969bb971409a101fa0b84b545e3ccf
5d8864ba1157a8d78bef3e23ee1b1c0f8befe9b46adf11fc358dc835c1c1d339
5ed2acc4abf47252212c74fa79892db172ac16781d484cec7810649a591e388f
5fa11fd36d780a6ae796ccc7f6ab9bbe9cec26ce9716768fcd5a9462c00611ad
606e4805196154794530815a0173b27dcb911da59d9f58f85364738a8dddf257
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
62140a0eebfccd7d8dcd30c68b34b1536e38e50c53428fde44a949f791184b3e
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
63b176462a62d19e5a2af4cc0a845119d0389aae23ef15decd83efd182c91c40
64ba53ef3f4ee0a606deefde1a63c9c7f3e8b74084cb8c1350136f7cf87fbe85
65c88bdeb2f983517f1be4d68218f801ea8201919dbd9edd28359a344d8a0574
660dafdc78011b6e915b39cbfd9546c82a36aa6c20bfc6a75e144bc700a290a8
67aa6b2a6e81fa0331589f7fbd4c5b38bdf0cee81568eb7d7fba48fe1c04b86a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6825131d57a33a6cdd2bc72327e9510aa86d555dc277d78509234cb9b52566f3
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
68c441d543d0114785019fc3524fc793824aa68ce6ce915edf1abd048a22e33b
6a4b63c39d5a2746c94fe06cd2dd8ebc7f76b66c2bc423d5f0da630c9cd35090
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be11d672572f6e36879b3176f2cef760ae7484118acf77a4ca7ddab9bbe6cf3
6ca857a0aad68bfb1f9f3f3010e5b154f12042bd923632f4b36161a2dcb5037b
6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a
6eb9ad1e70a013805db74096fc23f295bf1e4d843760a5296f67c0a6c3ef7c05
71c6f7a109f6e9abd7d82174ab74a228e323100013aa3483a21894bd406fdbaf
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74b0e5c3be7648cf0f8036d7ab7db44dfda0b0a349d518f4f43222a7b32e329c
75519df306ca3d5504dc66f8e3398dc30f976a5859725309b90a0f2a3fdea6ec
75f62120b95e617215684e9aef305a9c4db72d7f2326b69e9e4ee78a4c07a353
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
77159fdb902dc879f725208a4884100b6e4751c55387a2b2b53b0ea7c362d659
78fe1c46f2d4251b1e3ece55347d8d603b7380ee0691df19805a8ed90b9fa508
791f8cc9a7cfb87e5aa55429391ddc6f0fc5196f5395c131ff7b990b157d545e
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
79f07fe10edf4d842913bd2121283f4bdc01044ef113f53e85d247f67f914f4e
7a0eaf21fe4084cc7105e771f57731abe41a4d647a4879dea141885fcc3096b2
7b184e55d1b56f5687d293d0ded018b6ce5a472941340afa711fe05c70577c69
7b6b5c6402a3e494e72873d44c9062547e3727c595d77a5fad80ad6e7afaa0a0
7c1e63d26a2f2c60ac56cd95c6afd9f6029a575a0a7ba4eb89fbf655ff1c6a1a
7c94bc66128bca13095b13eb8dc3b046da3793ba36036892489728ed0c7fb6c9
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7eddef88f07ba5f97a16767e5dd2bd191cb49eca86caa5c56ecec4f3e6a06d34
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005
84d61a54cefec1104fcd83b2de7951b101658cee3f5ac93877ff9cf8bafc546e
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8be39b57dfe7b19d10facaebb91fc1253d806c297b1a1d4a971c439b0ed3c2f2
8cc7d08a036b8913f85dfa61280662520233a98b12f865c32c6a77d41df48fd2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7bb310d02386ea6780661d4d0545b5ba4dfe26014878c08b8f3c56b4b222c2
8dbbc590e7a28069f01bceac5fdfd244d7fdcabf7b850fc473ea8e7e82fa7d23
8e8d3e0327df9bff3e149e3994dd243188ac2457f7f0791cf5eca45e767c1d84
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
901af9254053cc82f344b89be22cb916790bc71e0a14403153e2eb3c25db946e
90bcb301e8aa04d6c267956f7670ba335fd87ea7f9523b5c7f98335e6c6a9787
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
92de3d21ac49770c657801e6e2fb1120fcb29ad42615f3bce226bfa67c0929fa
93cc3e9c530b86e3d4fea45ba60a7c564d3adc357129a6bbfa47bfa4b0c6b4f6
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
9471a2c1d71ac8940442c69fefde8b31202bf5ef4045bd5bbb5eec8fcedc661c
94816404449911cb139dc20677777bfdf1cb22560100acf7bf4783f1d8fb88e6
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
94afb4609cd5d95128057b67ee0ef36f867bacc074b6e116d874ed8b0852b73f
94f1bdd4c9be8697889866dbd75d7aa63bd152444c1f021cd57c2b109d80e191
95a65e62c8d6cdb6611bd810f6ec404f7ba95b5a688d1574b5aa874b09489f9e
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96e96292bf35ab4cfa60cf8f26578f55bacf27297ed4d97f7110a70e29229e0a
970317c7c85a76296dc8b7a5d6550981195da0742eccbe616fcd54b6d3ee8098
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a88fcae6cee9970728bae395c928c7a0d4991310423751be4bee13b8416995a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b672ffba8de657c98368891d2d2cf0f44e7c97a79a6ab219598f13175cd3215
9bb012cc09308b790e3083842dbe5d5cbb593e17f12b0431d7c92f64d7644c22
9d9c41d0caaf97c3927bf586a8a5096ed18ab22925f3e47096bd45391bc0ad46
9f39d071c45b8152af9d7b905a61f96f3b4aa221b245a182c52b51feefb220b8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4666c8d5ff5aa5625a151f0c6791a0734e6aa8b75ffbc99181b99f3c8199b25
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5063e7790562879f5b73d232edd29f3966afccf2e4938199b89ef26c7998075
a627acd9d2843e53e11c6e3dac3b9958d15b6555b7781b92a01d02e41c3026ff
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9c463daa489cf76b737778dacf45b6916fcc37e69c9740b52065728198b8bd6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa0b624ff4867c372d6a3b436edce8bdb4254bd8c513af21843c26b48352f22f
aaec63d39d82ddcd8759566cd72b1fa5757b7cf44d2b768af4eec094786829c1
af2fb48d5b43ba61b73497d8f21287ecfe8cff23734c9f25211d7be9854e3782
b011350c5c7037ae08e9630d16b2308504f0e7f57d0300b239693f35aca1277f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3154089faaf8ff378de339de9cee5e6be03cbc67645e8c61ec0ee8d747a6369
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6681ebe8f1adb7cb3140002cd40223d5d4e240adb9d92527e83147e621a65c6
b798b6daa4a405f86068d2e8f4c30af9aadf6e6f80fa93105329d61c21f37564
b79bbb4dde997e5ab5ccdc54788dfa659df09699a19aabff4c1ad10a20735b86
b886c2215858e165c0a06b6ad93e6e81fbe4db89717eeac133698c1147ee165b
b982947ed100a1c899a9646485f14b8df3be4d0f1282fc95f985fe290eb90707
b9e67b8aa737ee25d9afa29a6d7ffb395d2390167df4ac9c8e22c23bd372f30d
bbbc333d2517e7fb2b4d0d817430546dfc450a1216c8fbf18b49af3bc989f9fc
bc07ea3a7f4d4feeb20de2ebc6e72c2fa045cb4e4f5987818094e377e4baca26
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bc88881c267493814ada96b0cb57897aa9ff44610d2da1a67656c3cbcc0a874a
bdc0b003a735b81fd352c2320f54490eb7c53f1385ef1d5dfedfa6c404e63874
bdd6e63f83eb961cca245383e2fea1bce2ad8894789939adc9ae1476df5c334b
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
bff6b183f2df24cf5dddd36c459e5149dbfb9d38fc4f61cf17d753f0f4f47d15
c0e02a9b1cbdd259d8af73b77e59eccf5a4d1e69423573d2361f994ce437010b
c1a49dfd3cc757ef9aad0afc804589ee00b0141f08b3fa85e6d17e3cf80d6e55
c1e1a2b0bc982ecd8e1f345a2b2c5fdb26b55008b497aa3e1a0d1b7c697dee7d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3513817af3fdc32b9ca66e56c2c15b804789ea57b1b01e37cab49245e5b76c4
c4e6a4bb5d12bacbf06738f609004c64f4dad714d035d16d421662473522e7af
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c70c19f121034ef927c5536e2b8c5cb8bddecdeec2cae9ea00dedb6c7238ae2e
c7b857128531c4fa34f1eefd82c475e6845c704aabf1d4344cfdde0fe2037fa2
c7c4e85fab99165f7d8a912f21ae8d691b6a96049780d96e174e6394e09384ca
c7cce12a63f3cd5b161a65b890d49eafb18bd7195520ffb5d5395b86db639af0
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb84883aa3581d7a9fa1a6a8d6d8cc3e8286008e976dcc47e73ce7dc1897aeaa
cc22b7b98e53ad479f2b438cdcc0e701cd056218ca86be6f9e63b3dc262f00ba
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccbfe6dd85c35d800cf53dbe412b589f0e8cc28547ad723a4ffd74d4898695a2
ce16ba482ca225565e65d98c1a2b78ed5abe790df147fd42743091df99f8244f
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0a459ced7f9a74beb956c785b60f549ac1327734d29fdc687d31c0beeea2ae5
d16f58455517f49038c24343d1a864f50e6e1e995ab6754263930143638b3cf6
d216b8da34933ed1ba140eccb7345ec388e9200b635dec8dd917e21834f35c4b
d2a7206a7ed19b4107e1b1d78b0e01d0355d280cf424a65a02bb32a02fd3fd6f
d392f062b6e8044d9a6e5c44000127a870d8a4a82077dfb68138940bc6bae041
d40af8d9ce63995584734dae2d7f407c299dc67f0fe8ee6c11dcd15b47ebfa66
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19
d4ebf7275b924a01bcdb15cd80c0c128f7ac76551cc8a0b222cee8da061ec347
d6881a327f1339c11846a375fd71e0dad78964bda0eaf1876ff37c7daee97855
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7ff5e9fa5e9efe0e51ea63772a4af692f3cf08f5c14056d2a8d268c4a0ebbe8
d820f07de3581d48a6d0abc35ec099dc89baa01ab930c8962288566f98c06ae1
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
dcafdcad78991d3d3249143d4da35079da917e2bbbb5d2faad9a2c23e0f468b5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df32c5ecbbd376bb8d8ed9c4ac41376dc50f4523b8d43e7165d710ba8a1095e6
df8b8eed2ce43f8c47485a39b1d4b3c2b1f2253c7c74584392583da180160072
dfe48cbead9fe57141e141e80074bb1df3e7028612b8fe59928195b9626bb728
e1038b537aa33a8c8b42d1e8b78ccd1a11723f98a231a66127807d3062b342bf
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e22d01e09b89bc0a0089ecf820846df00d5da70eff8f412d7a11df56f35400b9
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e466dbc6b9d6e8349016aa0e7cb7d257eebc135114054951471111e437fc395b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6aa7d6173d58dc7930b30df1453ec7da8c039dc42a5280b31550b2935f59951
e825050f91bfef74631e336f86835ba63607b87ccc4d09ef5545a417293683ab
e8860b0cd272721125bd838f03ebde175d214a139f46ec9ea522882234e999fa
e89870dc9cf66e617d644a33a6f94b05136938be545322d83da59a77cc18bf51
ea228055ad7b24fdcb45505f958c43ee0de170ef7aba3d7482f29cef4fe9e6e5
ea424354a5d3fdffea6b64ba5cd40f5b8866008d43dc4f0e87080a20a4a381d5
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ed573dfe12909b2a2455f77208cc8688696830627ff4c9eb3480ada0e98c9275
edb5b368ed91e9d01c2207e23ae5e350ed2812d34a303928c4244a3c90393171
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee795c053b52403400d4442f187a8af1fe627e86e44c42a859bf1866e2efdbc4
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eeddc146e157b9c9b65f443157044a5621ece80faee65b3aa8881159599ed52a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa5f7badff05caaec3b0a532d532dc17f7189e1084bf229a1bb7667e7a6e064
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f31c5f2f08b5b71445c0123f141256e547dd41db17d7a2c75527b4f52a82e386
f422aa0dd0db9d46a55015f3a87450edc1dc483a93545bea85034570ddf1e8f0
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f604ec7cd7115d27c64c2bbc700d15bc1de28e348a9c9ea7e8fb30fa5374100c
f612b17f06a64bcf4683b3b04e54c313ede809fe59d10ffc691b80abdf4ff6e2
f7164b4a9a18dde7fb69cc729c426d69d59ff5277bda51abbbb93dff8248877a
f903097827467c4299d7ff56f4d3ab2f9f1d81dead5e56a368db059fdd655cd2
f9714dfdfb3ed9a3e0f720a0f879d780d9f4def3c5dc93d182024b7ac90ec2fa
fa0883def316e8dccb187ce4cbdf67d0cca2edb105defd04c779b9c97e923867
fabd86e62d3795c7076ddf9b6e42f2fffacb5a1ecb2d4ffa01af54b0622a7713
fbb66cb88eb9f518a45c5036b56695e067bd4c4c32a8747beef9778012c2f92a
fbf3fa4dfff70293768ef29053161a97cae578bf29be810fc189ae75338821f5
fc025890b2544e23fc6ee0df711326e1b4a38b00849b9e5c914ad074902edec5
fc6cdf797dc5770d09dc38ec5f72b9b7734f7615a35b8079c0d47b6cf7df1eea
fe72012046be59d37086db22f1b642c1a6847d8792db8eb10dff2d6040b5b2e4
fe87433fa1130af12f23ff8ecc0fc3dd20d3d3f82bacbaca450b708467965cda
ffa8814637fab7a454e06a6403a650615c04044d4f881b04ffdfcdc1395d98da