vip.xraynetwork.space Open in urlscan Pro
2606:4700:3037::6815:128b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vip.xraynetwork.space/
Submission: On January 03 via api (January 3rd 2024, 12:50:45 pm UTC) from US — Scanned from US

Summary HTTP 142 Redirects Links 69 Behaviour Indicators

Summary

This website contacted 62 IPs in 2 countries across 55 domains to perform 142 HTTP transactions. The main IP is 2606:4700:3037::6815:128b, located in United States and belongs to CLOUDFLARENET, US. The main domain is vip.xraynetwork.space.
TLS certificate: Issued by GTS CA 1P5 on November 10th 2023. Valid for: 3 months.

This is the only time vip.xraynetwork.space was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3037::6815:128b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4004:c1d::9c	15169 (GOOGLE) (GOOGLE)
2	18.160.153.68 18.160.153.68	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 6	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	99.86.83.35 99.86.83.35	16509 (AMAZON-02) (AMAZON-02)
1	99.86.102.24 99.86.102.24	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::f 2620:100:a001::f	19750 (AS-CRITEO) (AS-CRITEO)
1	2606:4700:303... 2606:4700:3030::6815:4222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:eff8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:7611	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.249.59.62 13.249.59.62	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::84	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
1	35.241.9.51 35.241.9.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 5	68.67.179.164 68.67.179.164	29990 (ASN-APPNEX) (ASN-APPNEX)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
1	35.168.31.100 35.168.31.100	14618 (AMAZON-AES) (AMAZON-AES)
12	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:1408:20:... 2600:1408:20:38d::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.160.156.128 18.160.156.128	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c1f::63	15169 (GOOGLE) (GOOGLE)
3	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
4	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
1 1	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
1 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
5 6	52.200.110.248 52.200.110.248	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.215.169.119 3.215.169.119	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	15.235.42.102 15.235.42.102	16276 (OVH) (OVH)
1	23.50.124.22 23.50.124.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	216.22.16.40 216.22.16.40	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
5	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.219.9.47 23.219.9.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
3 4	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
2	23.40.207.42 23.40.207.42	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.128.106.141 3.128.106.141	16509 (AMAZON-02) (AMAZON-02)
1	23.219.12.236 23.219.12.236	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700:440... 2606:4700:4400::6812:249b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.251.28.233 63.251.28.233	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 2	52.201.167.43 52.201.167.43	14618 (AMAZON-AES) (AMAZON-AES)
3 3	18.207.71.126 18.207.71.126	14618 (AMAZON-AES) (AMAZON-AES)
2 2	99.86.102.101 99.86.102.101	16509 (AMAZON-02) (AMAZON-02)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	44.218.225.237 44.218.225.237	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.193.251.250 34.193.251.250	14618 (AMAZON-AES) (AMAZON-AES)
1	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.232.254.109 3.232.254.109	14618 (AMAZON-AES) (AMAZON-AES)
1	54.86.60.193 54.86.60.193	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:254... 2600:9000:2548:600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
1 2	44.206.92.227 44.206.92.227	14618 (AMAZON-AES) (AMAZON-AES)
1	18.160.172.92 18.160.172.92	16509 (AMAZON-02) (AMAZON-02)
4	52.40.254.121 52.40.254.121	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
142	62

23 2606:4700:3037::6815:128b (United States)

ASN13335 (CLOUDFLARENET, US)

vip.xraynetwork.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c1d::9c (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.160.153.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-153-68.iah50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

compote.slate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:100:a001::c (United States) 4 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.83.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-83-35.iah50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.102.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-102-24.iah50.r.cloudfront.net

fpa-cdn.slate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::f (United States)

ASN19750 (AS-CRITEO, US)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:4222 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:eff8 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:7611 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.59.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-59-62.iah50.r.cloudfront.net

ats-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

d8444e659884692161f4613b575e60c8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com

16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.179.164 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.31.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-31-100.compute-1.amazonaws.com

fpa-events.slate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:20:38d::268b (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.156.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-156-128.iah50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1f::63 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.200.110.248 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-110-248.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.215.169.119 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-169-119.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.42.102 (Terrebonne, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-001.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.50.124.22 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-124-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.22.16.40 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.219.9.47 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-9-47.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.225.218.10 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.40.207.42 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-207-42.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.128.106.141 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-106-141.us-east-2.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.219.12.236 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-12-236.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:249b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.233 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.201.167.43 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-167-43.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.207.71.126 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-71-126.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.102.101 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-102-101.iah50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.218.225.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-225-237.compute-1.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.251.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-251-250.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.254.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-254-109.compute-1.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.60.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-60-193.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2548:600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.206.92.227 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-92-227.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.172.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-172-92.iah50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.40.254.121 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-254-121.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	xraynetwork.space vip.xraynetwork.space	699 KB
14	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 3770 api.permutive.com — Cisco Umbrella Rank: 2986	129 KB
11	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 597 dynamic.criteo.com — Cisco Umbrella Rank: 4009 mug.criteo.com — Cisco Umbrella Rank: 1867 sslwidget.criteo.com — Cisco Umbrella Rank: 2480 dis.criteo.com — Cisco Umbrella Rank: 943	34 KB
9	googlesyndication.com d8444e659884692161f4613b575e60c8.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	55 KB
9	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338	180 KB
8	slate.com compote.slate.com — Cisco Umbrella Rank: 123510 fpa-cdn.slate.com — Cisco Umbrella Rank: 213800 fpa-events.slate.com — Cisco Umbrella Rank: 162830	225 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1255 sync-t1.taboola.com — Cisco Umbrella Rank: 2152 trc.taboola.com trc-events.taboola.com	229 KB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 625	151 KB
6	mediawallahscript.com 5 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 4532	4 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 356 secure.adnxs.com — Cisco Umbrella Rank: 793	4 KB
5	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 4827 api2.amplitude.com — Cisco Umbrella Rank: 1458	22 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 505	906 B
3	liadm.com 3 redirects i.liadm.com — Cisco Umbrella Rank: 979	2 KB
3	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 11211 cdn.tinypass.com — Cisco Umbrella Rank: 8727 id.tinypass.com — Cisco Umbrella Rank: 22771	116 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 313	1 KB
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 2302	2 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 995	886 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 2571	1 KB
2	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 1385	1 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 731	740 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 594	699 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1419	980 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 590	1 KB
2	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
2	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 6215	43 KB
2	privacymanager.io ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3237 geo.privacymanager.io — Cisco Umbrella Rank: 2674	53 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	87 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 950	559 B
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 359	73 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	62 KB
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 973	655 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1035	308 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 797	280 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 3703
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1499	579 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 1287	287 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1607	535 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 539	689 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1753	967 B
1	pippio.com pippio.com — Cisco Umbrella Rank: 1480	569 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 1485	1 KB
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 958	661 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 1261	548 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1124	385 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 3178	278 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004	688 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 620	968 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 1093	813 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 6313	411 B
1	parsely.com p1.parsely.com — Cisco Umbrella Rank: 3579	260 B
1	prmutv.co 16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co — Cisco Umbrella Rank: 300400	221 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 10326	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	57 KB
1	connatix.com cd.connatix.com — Cisco Umbrella Rank: 5110	3 KB
142	55

	Domain	Requested by
23	vip.xraynetwork.space	vip.xraynetwork.space
12	api.permutive.com	cdn.permutive.com
8	cdn.cookielaw.org	vip.xraynetwork.space cdn.cookielaw.org
7	securepubads.g.doubleclick.net	vip.xraynetwork.space securepubads.g.doubleclick.net www.googletagservices.com
6	partner.mediawallahscript.com	5 redirects
6	gum.criteo.com	4 redirects cdn.taboola.com dynamic.criteo.com
6	compote.slate.com	vip.xraynetwork.space
4	trc-events.taboola.com
4	api2.amplitude.com	cdn.amplitude.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ups.analytics.yahoo.com	3 redirects
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ib.adnxs.com	2 redirects cdn.permutive.com
3	i.liadm.com	3 redirects
2	dpm.demdex.net	1 redirects
2	live.rezync.com	2 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	hb.yahoo.net
2	eb2.3lift.com	1 redirects
2	match.adsrvr.org	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	x.bidswitch.net	1 redirects
2	dis.criteo.com
2	www.google.com	vip.xraynetwork.space tpc.googlesyndication.com
2	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
2	cdn.permutive.com	vip.xraynetwork.space cdn.permutive.com
2	connect.facebook.net	vip.xraynetwork.space connect.facebook.net
2	cdn.taboola.com	vip.xraynetwork.space cdn.taboola.com
2	geolocation.onetrust.com	cdn.cookielaw.org
2	c.amazon-adsystem.com	vip.xraynetwork.space c.amazon-adsystem.com
1	trc.taboola.com	cdn.taboola.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	aa.agkn.com
1	s.ad.smaato.net
1	match.sharethrough.com
1	trends.revcontent.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	c.bing.com
1	exchange.mediavine.com
1	pippio.com
1	p.rfihub.com	1 redirects
1	ads.stickyadstv.com
1	tags.bluekai.com
1	visitor.omnitagjs.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	ws.rqtrk.eu	1 redirects
1	secure.adnxs.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	sslwidget.criteo.com	dynamic.criteo.com
1	id.tinypass.com	cdn.tinypass.com
1	geo.privacymanager.io	ats-wrapper.privacymanager.io
1	fpa-events.slate.com	vip.xraynetwork.space
1	p1.parsely.com	vip.xraynetwork.space
1	mug.criteo.com	vip.xraynetwork.space
1	16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co	cdn.permutive.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cdn.tinypass.com	experience.tinypass.com
1	www.facebook.com	vip.xraynetwork.space
1	d8444e659884692161f4613b575e60c8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ats-wrapper.privacymanager.io	vip.xraynetwork.space
1	experience.tinypass.com	vip.xraynetwork.space
1	www.npttech.com	vip.xraynetwork.space
1	dynamic.criteo.com	vip.xraynetwork.space
1	www.googletagmanager.com	vip.xraynetwork.space
1	fpa-cdn.slate.com	vip.xraynetwork.space
1	cdn.amplitude.com	vip.xraynetwork.space
1	cd.connatix.com	vip.xraynetwork.space
142	74

This site contains links to these domains. Also see Links.

Domain
shop.slate.com
slate.com
www.instagram.com
twitter.com
www.facebook.com
www.youtube.com
podcasts.apple.com
open.spotify.com
www.stitcher.com
adclick.g.doubleclick.net
jobs.lever.co
www.slatereprints.com
slatehelp.freshdesk.com
optout.aboutads.info

Subject Issuer	Validity	Valid
xraynetwork.space GTS CA 1P5	`2023-11-10` - `2024-02-08`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
connatix.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.slate.com R3	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
fpa-events.slate.com Amazon RSA 2048 M02	`2023-06-22` - `2024-07-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
npttech.com GTS CA 1P5	`2023-12-28` - `2024-03-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-13` - `2024-08-12`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
*.prmutv.co R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.parsely.com R3	`2023-11-09` - `2024-02-07`	3 months	crt.sh
api.permutive.com R3	`2023-12-15` - `2024-03-14`	3 months	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-04-05` - `2024-05-03`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://vip.xraynetwork.space/
Frame ID: D16631084CF06076EA27FB4E5A83E7F1
Requests: 98 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js?cid=ed20abb8-f256-4574-a9b8-161bc2e90485
Frame ID: 22B987EA89DB1A32778DF82617B5F43E
Requests: 1 HTTP requests in this frame

Frame: https://d8444e659884692161f4613b575e60c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0C2425675DA8D03FED30F58BF9B01521
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=vip.xraynetwork.space&origin=onetag&us_privacy=1---
Frame ID: 7B05ED304FE14F7607003CD06BABF548
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-bk1ifeBfPMQ8YcMLoIecD4kRTs8NMBsAfjTIWw&google_gid=CAESEGzQOKhtHrFDiBlN46SDzYw&google_cver=1&google_ula=913071,0
Frame ID: 3F887B34C79DECF321D14F3BD7E87BA6
Requests: 30 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D65CEE5ED83EDC460B04B905A9120199
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A2C1623C7151F32A9603693E795B6470
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0fBaks4eVxSJ_2MeyPByjlPbfh_mQrO-05C6w5OfUi4fnCAaH5LxTnZ7z4n1Y7uKKUgf2cpU3UuQ9xdzsWkMsaw3Sg8rhlZLOxUMa3ITWoVjVqO9VMi4zNjsSFYRSObHO2nkvCpbd0lP5v1aUJnpKuJhoANCR83fzhGkocSS_kA1a8I4SImCjuO28iLhmiYRiuJg9K3B6WKFmNRSXIqFUTamrMtP5Oh2pCyxF4qI5tzh_ZlioagsYoGbQZrpIy80GKdaHGDC2vw3qvdYIMDHr5MBu29F025LbwXa82FkKMudTPK9RfbF3ucHOoJUmH8qA8I8F5HYkGtbdtINE2dZB9nzQrNwgtMh1ETzIN1T6HL81_eeacTGu2ZikPkk9hdVXdjH6foxPLtvNfM-1X38&sai=AMfl-YR9qvw-6ajNl9mlwvm5jfXm-gwNwHCbbkDU4k8nVN_VwNhpaHVhnAG98vn9_3O1-1VyuqKQWdmdO2kxji-d9n4fkMODYQ99aPmFHsmXn9a49uY1kIooIMO0_I_-4EY&sig=Cg0ArKJSzDwpGwOZpRZ2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 8C93F52CDBDBB531BC21DC76908875F2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Slate Magazine - Politics, Business, Technology, and the ArtsActivating this button will toggle the display of additional contentSlate homepageSubmit searchEnter queryActivating this button will toggle the display of additional contentOpen menuClose menuActivating this button will toggle the display of additional contentSlate on InstagramSlate on TwitterSlate on FacebookSlate on YouTubeSlate homepage*Slate on InstagramSlate on TwitterSlate on FacebookSlate on YouTubeAdviceAsk a questionContent Lockedfor Slate Plus membersSpeech Bubble iconArrow markerArrow markerArrow markerPodcast EpisodePodcast EpisodePodcast EpisodePodcast EpisodePodcast EpisodePodcast EpisodePodcast EpisodePodcast EpisodeThe Slate Group logo

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

142
Requests

89 %
HTTPS

32 %
IPv6

55
Domains

74
Subdomains

62
IPs

2
Countries

2236 kB
Transfer

6887 kB
Size

96
Cookies

69 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.slate.com/
Title: Slate Shop

Search URL Search Domain Scan URL

URL: https://slate.com/news-and-politics/the-slate-quiz
Title: Daily Quiz

Search URL Search Domain Scan URL

URL: https://slate.com/newsletters
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://slate.com/sign-in
Title: Sign In

Search URL Search Domain Scan URL

URL: https://slate.com/account
Title: Account

Search URL Search Domain Scan URL

URL: https://slate.com/sign-out
Title: Sign out

Search URL Search Domain Scan URL

URL: https://slate.com/
Title: Slate homepage

Search URL Search Domain Scan URL

URL: https://www.instagram.com/slate/
Title: Slate on Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/slate
Title: Slate on Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Slate/
Title: Slate on Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/slate
Title: Slate on YouTube

Search URL Search Domain Scan URL

URL: https://slate.com/plus?utm_medium=link&utm_campaign=plus&utm_content=nav_bar&utm_source=nav
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://slate.com/news-and-politics/2024/01/gop-fundraising-campaign-2024-small-dollar-donors.html
Title: Fatigued by All This End-Times Rhetoric

Search URL Search Domain Scan URL

URL: https://slate.com/news-and-politics/2024/01/abortion-arkansas-ballot-roe-limited-government.html
Title: It’s Better Than Nothing. But It’s Worse Than Roe. Are We Ready for Bad Abortion Laws Pushed With Good Intentions? Susan Rinkunas

Search URL Search Domain Scan URL

URL: https://slate.com/technology/2024/01/corporate-job-quit-now-crossing-guard.html
Title: I Quit My Corporate Job to Become a Crossing Guard. It’s Perfect. Eden Robins

Search URL Search Domain Scan URL

URL: https://slate.com/human-interest/2024/01/amanda-knox-quit-alcohol-caffeine-dry-january-habits.html
Title: When I Was Wrongfully Accused of Murder, I Had to Quit Alcohol Cold Turkey. Here’s What I’ve Learned Since. Amanda Knox

Search URL Search Domain Scan URL

URL: https://slate.com/news-and-politics/2024/01/nra-bad-news-supreme-court-vullo.html
Title: The NRA Has Put Another Disastrous Case in Front of the Supreme Court Todd Phillips

Search URL Search Domain Scan URL

URL: https://slate.com/technology/2024/01/quitting-things-correctly-this-year.html
Title: A New Guide to Quitting Shannon Palus

Search URL Search Domain Scan URL

URL: https://slate.com/technology/2024/01/therapy-divorce-self-improvement-acceptance-when-to-stop.html
Title: Some People Need to Be in Therapy. And Others Need to Quit Therapy. Katie Heaney

Search URL Search Domain Scan URL

URL: https://slate.com/human-interest/2024/01/wide-close-bench-press-grip-fitness-advice-hacks.html
Title: There’s Only One Thing You Need to Know About Exercise. I Promise You—It’s Not a Hack. Luke Winkie

Search URL Search Domain Scan URL

URL: https://slate.com/culture/2024/01/michigan-alabama-football-playoff-rose-bowl-cfp.html
Title: Michigan Football Finally Found Its Ideal Form Alex Kirshner

Search URL Search Domain Scan URL

URL: https://slate.com/culture/2023/12/book-bans-florida-sexuality-lgbtq-online-reading.html
Title: Book Bans Are Doomed to Failure. Here’s Why the GOP Doesn’t Care. Laura Miller

Search URL Search Domain Scan URL

URL: https://slate.com/human-interest/2024/01/role-play-love-sex-words-advice.html
Title: I Love to Role-Play in Bed. But I Keep Freezing During One Crucial Part. Jessica Stoya

Search URL Search Domain Scan URL

URL: https://slate.com/human-interest/2024/01/new-year-christmas-holiday-covid-flu-cold.html
Title: My Sister Just Broke a Cardinal Rule of the Holidays. I Can’t Let It Go This Time. Allison Price

Search URL Search Domain Scan URL

URL: https://slate.com/podcasts/hi-phi-nation/2023/04/how-a-i-and-digital-avatars-could-transform-death-and-grief

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/us/podcast/hi-phi-nation/id1190204515
Title: Apple Podcasts

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/0izJYLb7Q9gktrQfXLSgLs?si=nYcgA72aRoy6JRKpq1GwMQ
Title: Spotify

Search URL Search Domain Scan URL

URL: https://www.stitcher.com/podcast/barry-lam/hiphi-nation
Title: Stitcher

Search URL Search Domain Scan URL

URL: https://slate.com/technology/2023/12/holiday-detox-you-dont-need-to-heres-why.html
Title: You Don’t Need to Detox or Do a Cleanse Right Now—or Ever Gideon Meyerowitz-Katz

Search URL Search Domain Scan URL

URL: https://slate.com/news-and-politics/2024/01/trivia-quiz-daily-slate-history-protests-presidents-knights.html
Title: Think You’re Pretty Smart? Prove It With Our Daily Quiz. Ray Hamel

Search URL Search Domain Scan URL

URL: https://slate.com/technology/2023/12/ai-artificial-intelligence-chatgpt-algorithms-regulation-congress-biden.html
Title: A.I.’s Groundhog Day Jane C. Hu

Search URL Search Domain Scan URL

URL: https://slate.com/technology/2023/12/ai-generated-birds-santa-cardinal.html
Title: A.I. Came for Our Jobs, Our Art, and Our Souls. Now It’s Coming for Our Birds. Nicholas Lund

Search URL Search Domain Scan URL

URL: https://slate.com/technology/2023/12/ai-mass-shootings-ambient-fusus-surveillance.html
Title: The A.I. Surveillance Companies That Say They Can Thwart Mass Shootings and Suicides Heather Tal Murphy

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvzDxN4eFwaaUiZkGp7CDTNZZFBYxs6RJ9aG6NiGv3qfoVC5-U5CDKNlDBfFTws7gtB3_WZFbwaI3mculJgKVxcgQTsYehNDOjXYW7z0osahWEWeNgYFaqjfPQiaAqqm6DWAh_vkEodm0wE6QTVhVxe7obSr4-5QOHtg0OuENwctM3IVeYTTYsAksIl9Av6K-G8Ihmeeu5u0LMz16z3piRKF2Z0qSmykrUInPSbuoi1GwSCbKpkSZk5X3Y4vTFtHMSh_k-nC5EMQWdQQZ_jq9MAkQtIKhXoyzLNFuhDnABcb2l6N4AYWy15QIEyeKK6V5vo7BbQuddGj2g73YCaq6UprSjzNdslVHs1ay3qgEUrU-AOUll6Sc7gHmfI&sai=AMfl-YTUeT_rGGjVw1l4J3sDvjh20zqi4K__OiH0Vgju6dwbeggHXuenSUG3F9SrU3qxARrkmC9KPycOcjjhmT9150Rqo6qKcp-B5qyXGueVI6T5obD6OP7_it48uqeZs2o&sig=Cg0ArKJSzCWsbvRIlEGeEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://slate.com/news-and-politics/the-slate-quiz?utm_medium=native&utm_campaign=News_Quiz&utm_content=Smarter_Than_Slatester&utm_source=homepage
Title: Are you smarter than a Slatester? Test your news knowledge.

Search URL Search Domain Scan URL

URL: https://slate.com/human-interest/2023/12/son-moved-in-first-girlfriend-dear-prudence-advice.html
Title: Help! My 20-Year-Old Son Just Moved in With His First Girlfriend. Oh No.

Search URL Search Domain Scan URL

URL: https://slate.com/business/2023/12/coworker-working-christmas-gift-personal-finance-advice.html
Title: pay dirt Content Locked for Slate Plus members I Want to Give a Co-Worker a Priceless Christmas Gift. But It’s Going to Make Me Some Enemies.

Search URL Search Domain Scan URL

URL: https://slate.com/podcasts/hearmeout/2024/01/your-new-years-resolution-should-be-small
Title: Yes, You Can Self-Improve Right Now F— your gut. Trust your enemies.

Search URL Search Domain Scan URL

URL: https://slate.com/human-interest/2024/01/kids-husband-bad-comments-dear-prudence-advice.html
Title: Help! My In-Laws Always Use My Kids to Get Back at My Husband.

Search URL Search Domain Scan URL

URL: https://slate.com/human-interest/2023/12/boyfriend-ex-tragedy-family-comfort-dear-prudence-advice.html
Title: Help! My Boyfriend’s Ex Is Comforting Him Through a Major Tragedy.

Search URL Search Domain Scan URL

URL: https://slate.com/podcasts/dear-prudence/2023/12/gay-divorce-and-smelly-partners-slates-outward-gives-advice
Title: Outward: We’re Here, We’re Queer, Here’s Some Advice!

Search URL Search Domain Scan URL

URL: https://slate.com/human-interest/2023/12/cousin-host-wedding-family-free-advice.html
Title: Help! My Cousin Thinks I Should Host Her Wedding, Just Because I Own Her Childhood Home.

Search URL Search Domain Scan URL

URL: https://slate.com/human-interest/2017/06/dear-prudence-my-brother-in-law-set-me-up-to-be-sexually-assaulted.html
Title: Help! My Brother-in-Law Set Me Up to Be Drugged and Sexually Assaulted by His Friend.

Search URL Search Domain Scan URL

URL: https://slate.com/human-interest/2022/04/sus-newborn-gift-care-and-feeding.html
Title: Dear Care and Feeding: I Think My Aunt’s Newborn Gift Has a Sketchy Ulterior Motive

Search URL Search Domain Scan URL

URL: https://slate.com/human-interest/2020/04/boyfriend-sex-weight-gain-advice.html
Title: I Asked My Boyfriend to Be Honest About Sex With Me. I’m Devastated by His Response.

Search URL Search Domain Scan URL

URL: https://slate.com/full-slate
Title: View all Most Recent stories

Search URL Search Domain Scan URL

URL: https://slate.com/news-and-politics/2024/01/slatest-news-politics-newsletter-how-to-quit.html
Title: 12h ago Slate Staff The Slatest for Jan. 2: A Guide to Quitting Things Correctly

Search URL Search Domain Scan URL

URL: https://slate.com/culture
Title: Culture

Search URL Search Domain Scan URL

URL: https://slate.com/culture/2023/12/slate-movie-club-2023-walks-into-sunset.html
Title: Farewell to 2023 in Movies! Dana Stevens The Movie Club, Entry 17.

Search URL Search Domain Scan URL

URL: https://slate.com/podcasts/culture-gabfest/2024/01/why-timothee-chalamet-is-too-sweet-for-wonka
Title: Is Timothée Chalamet’s Wonka Overly Sweet? Podcast Episode Culture Gabfest

Search URL Search Domain Scan URL

URL: https://slate.com/podcasts/icymi/2024/01/internet-loves-romance-novels
Title: Should We Quit Romance Novels? Podcast Episode ICYMI

Search URL Search Domain Scan URL

URL: https://slate.com/podcasts/hang-up-and-listen/2024/01/the-college-football-playoff-semifinals-the-detroit-pistons-and-the-pac-12s-weareunited-movement-on-hang-up-and-listen
Title: How Did the Detroit Pistons Get So Bad? Podcast Episode Hang Up and Listen

Search URL Search Domain Scan URL

URL: https://slate.com/podcasts/hit-parade/2023/12/how-fans-tell-the-music-biz-whats-a-hit
Title: Fans Now Pick the Hits. Podcast Episode Hit Parade

Search URL Search Domain Scan URL

URL: https://slate.com/culture/2023/12/past-lives-best-movies-2023.html
Title: It’s One of the Most Acclaimed Movies of 2023. Why Are People Suddenly Turning on It? Dan Kois

Search URL Search Domain Scan URL

URL: https://slate.com/technology
Title: Tech & Business

Search URL Search Domain Scan URL

URL: https://slate.com/podcasts/working/2023/12/creativity-goals-for-2024
Title: The Hosts of Working Share Their Creativity Goals for 2024 Podcast Episode Working

Search URL Search Domain Scan URL

URL: https://slate.com/podcasts/slate-money/2023/12/banks-how-boring-protocols-keep-the-world-economy-under-americas-thumb
Title: America’s Boring Superweapon Podcast Episode Slate Money

Search URL Search Domain Scan URL

URL: https://slate.com/human-interest
Title: Human Interest

Search URL Search Domain Scan URL

URL: https://slate.com/podcasts/how-to/2024/01/avoid-injuries-and-stay-active-as-an-older-athlete
Title: How To Keep Playing the Sports You Love—and Avoid Injuries Podcast Episode How To!

Search URL Search Domain Scan URL

URL: https://slate.com/human-interest/2023/12/boyfriend-mother-in-law-kiss-advice.html
Title: My Boyfriend and His Mom Weird Me Out the Moment They See Each Other Rich Juzwiak

Search URL Search Domain Scan URL

URL: https://slate.com/news-and-politics
Title: News & Politics

Search URL Search Domain Scan URL

URL: https://slate.com/news-and-politics/2023/12/how-the-state-department-wants-to-use-music-to-change-the-world.html
Title: Jazz Played a Unique Role in Cold War Diplomacy. What Can the U.S. Learn From That in 2024? Fred Kaplan

Search URL Search Domain Scan URL

URL: https://slate.com/podcasts/what-next/2024/01/trump-the-ukraine-russia-war
Title: How Ukraine Loses The War Podcast Episode What Next

Search URL Search Domain Scan URL

URL: https://slate.com/news-and-politics/2024/01/trivia-quiz-daily-slate-culture-movies-music-childrens-books.html
Title: Think You’re Pretty Smart? Prove It With Our Daily Quiz. Ray Hamel

Search URL Search Domain Scan URL

URL: https://jobs.lever.co/slate
Title: Work With Us

Search URL Search Domain Scan URL

URL: http://www.slatereprints.com/
Title: Reprints

Search URL Search Domain Scan URL

URL: https://slate.com/plus
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://slatehelp.freshdesk.com/support/solutions
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://optout.aboutads.info/
Title: AdChoices

Search URL Search Domain Scan URL

URL: https://slate.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://gum.criteo.com/sid/json?origin=onetag&domain=xraynetwork.space&sn=ChromeSyncframe&so=0&topUrl=vip.xraynetwork.space&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=81L9j3xLVG9nNUlhSTZTLytxcmFpNGFnNXlldGFiREZFc25JOHdLcW5ON0JNMzI5RXZZWmx2cXg4Ky9NTkV0RkQrMkFkVzk4L1ZxZllOUHJrYmkrbU1YNzRyZjY2NDJxZlg5d2hIamx4UmNFODhwVUJSNnNwcUlHbFhNc1N4ZWQvaU96bXRHUHBXQXhDWk12Vll3NnhEbVlsVVZvVXN4YVhUL2kzQldnTGxQUXB4Y0RaUCs5b3pEQUdjdlh3c3lMVGswSE5XUVl3SktJWkNZN0MvUDNGQ3RXcXA4dGtPSWxjRjkvdDk0dllQeUpuamZDRGp5RkxaanBnb3BUaitrbEJZaktGV3VJTGVKeFJMTlM0anFTRDMwMDdDZ3EwZzdCeExMaDJ0Q2JOcndzYVhuMD18&cppv=2

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-bk1ifeBfPMQ8YcMLoIecD4kRTs8NMBsAfjTIWw&google_cm&google_hm=ay1iazFpZmVCZlBNUThZY01Mb0llY0Q0a1JUczhOTUJzQWZqVElXdw&us_privacy=1--- HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-bk1ifeBfPMQ8YcMLoIecD4kRTs8NMBsAfjTIWw&google_gid=CAESEGzQOKhtHrFDiBlN46SDzYw&google_cver=1&google_ula=913071,0

Request Chain 84

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Jie__uBfPMQ8YcMLoIecD4kRTs9yLaZvjKqwkw&expires=30&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Jie__uBfPMQ8YcMLoIecD4kRTs9yLaZvjKqwkw&expires=30&us_privacy=1---

Request Chain 85

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1--- HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID%26us_privacy%3D1--- HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6053733941246052100&us_privacy=1---

Request Chain 86

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-bk1ifeBfPMQ8YcMLoIecD4kRTs8NMBsAfjTIWw&custom=&tag_format=img&tag_action=sync&custom=&cb=74af878e-2a06-484f-ab0d-664787430709&us_privacy=1--- HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-bk1ifeBfPMQ8YcMLoIecD4kRTs8NMBsAfjTIWw&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=74af878e-2a06-484f-ab0d-664787430709&us_privacy=1---&final=true&reqid=b2ab7100-aa36-11ee-b218-99376bfd76dc&timestamp=2024-01-03T12%3A50%3A39.761Z HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=6053733941246052100&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=b2b200b0-aa36-11ee-a6c7-95ac49505d2c?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=b2b200b0-aa36-11ee-a6c7-95ac49505d2c?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=dcd77815225567257d4b86585423df71&tag_format=img&tag_action=sync&cb=913652626 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=dd30e361-ee94-4cf6-b456-8308b585b488&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=b2b200b0-aa36-11ee-a6c7-95ac49505d2c&cb=1704286240439&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2099%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1704286240439 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=a1398a2c-c422-43d7-9803-40dcc36d0e34&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704286240439

Request Chain 92

https://eb2.3lift.com/xuid?mid=2711&xuid=k-XctF-uBfPMQ8YcMLoIecD4kRTs9mic3KVKuWCQ&dongle=013b&us_privacy=1--- HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-XctF-uBfPMQ8YcMLoIecD4kRTs9mic3KVKuWCQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=1---

Request Chain 93

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&us_privacy=1---&verify=true

Request Chain 96

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40&us_privacy=1--- HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=RyTvkdyVobbH-wy_9S80VfcnPQSlJlGe

Request Chain 97

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-p0RPueBfPMQ8YcMLoIecD4kRTs-1gudyoSp3Hg&us_privacy=1--- HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-p0RPueBfPMQ8YcMLoIecD4kRTs-1gudyoSp3Hg&us_privacy=1---&C=1

Request Chain 99

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hYuRrOBfPMQ8YcMLoIecD4kRTs-xMKQPrhBsxA&us_privacy=1--- HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hYuRrOBfPMQ8YcMLoIecD4kRTs-xMKQPrhBsxA&us_privacy=1---

Request Chain 100

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-gG0hR-BfPMQ8YcMLoIecD4kRTs8-uDhaNPYngg&us_privacy=1--- HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-gG0hR-BfPMQ8YcMLoIecD4kRTs8-uDhaNPYngg&us_privacy=1---&_li_chk=true&previous_uuid=edf75317638a47ac831b25d7b2e5b82d HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=edf75317-638a-47ac-831b-25d7b2e5b82d&us_privacy=1--- HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=7136974c-f8e6-4637-84f4-b37a026d2afb%3A1704286240.3148437&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D7136974c-f8e6-4637-84f4-b37a026d2afb%253A1704286240.3148437%26pid%3D500040%26it%3D1%26iv%3D7136974c-f8e6-4637-84f4-b37a026d2afb%253A1704286240.3148437%26_%3D1704286240.3165956&cb=1704286240.3166378 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=979321841173714391&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D7136974c-f8e6-4637-84f4-b37a026d2afb%253A1704286240.3148437%26pid%3D500040%26it%3D1%26iv%3D7136974c-f8e6-4637-84f4-b37a026d2afb%253A1704286240.3148437%26_%3D1704286240.3165956 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=7136974c-f8e6-4637-84f4-b37a026d2afb%3A1704286240.3148437&pid=500040&it=1&iv=7136974c-f8e6-4637-84f4-b37a026d2afb%3A1704286240.3148437&_=1704286240.3165956 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1704286240.3165956&iv=7136974c-f8e6-4637-84f4-b37a026d2afb:1704286240.3148437

Request Chain 112

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&redir=true&us_privacy=1--- HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS12ajRCZkk1RTJ1Rk5Gbnl6cl9hSEl5YURFcndhUnJLbX5B&ovsid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&us_privacy=1---&dpid=58301

Request Chain 113

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1--- HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Vf_3IZvdS5_wipnq1vR7AuYYvQwT373C HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Vf_3IZvdS5_wipnq1vR7AuYYvQwT373C

Request Chain 115

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40&us_privacy=1--- HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=UZl7gQjnK6NUXI75vJLlnDQuDTtCqA-B

142 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vip.xraynetwork.space/ 1014 KB
235 KB 495ms
411ms Document
text/html 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

491094116986c8339416a6827d9d220409d590cb9116c03da7c9012120608450

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2943
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83fb5e59be6c4bbd-BUF
content-encoding: br
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
content-type: text/html; charset=utf-8
date: Wed, 03 Jan 2024 12:50:38 GMT
feature-policy: web-share 'self'; clipboard-write 'self' *;accelerometer 'none';autoplay 'none';camera 'none';ch-device-memory 'none';ch-downlink 'none';ch-dpr 'none';ch-ect 'none';ch-prefers-color-scheme 'none';ch-rtt 'none';ch-ua 'none';ch-ua-arch 'none';ch-ua-bitness 'none';ch-ua-full-version 'none';ch-ua-mobile 'none';ch-ua-model 'none';ch-ua-platform 'none';ch-ua-platform-version 'none';ch-viewport-width 'none';ch-width 'none';clipboard-read 'none';cross-origin-isolated 'none';display-capture 'none';document-domain 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';gyroscope 'none';hid 'none';idle-detection 'none';magnetometer 'none';microphone 'none';midi 'none';otp-credentials 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';screen-wake-lock 'none';serial 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none';ambient-light-sensor 'none';battery 'none';gamepad 'none';layout-animations 'none';legacy-image-formats 'none';oversized-images 'none';speaker-selection 'none';unoptimized-images 'none';unsized-media 'none';vibrate 'none';vr 'none';
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: web-share=(self),clipboard-write=(self *),accelerometer=(),autoplay=(),camera=(),ch-device-memory=(),ch-downlink=(),ch-dpr=(),ch-ect=(),ch-prefers-color-scheme=(),ch-rtt=(),ch-ua=(),ch-ua-arch=(),ch-ua-bitness=(),ch-ua-full-version=(),ch-ua-mobile=(),ch-ua-model=(),ch-ua-platform=(),ch-ua-platform-version=(),ch-viewport-width=(),ch-width=(),clipboard-read=(),cross-origin-isolated=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),idle-detection=(),magnetometer=(),microphone=(),midi=(),otp-credentials=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),xr-spatial-tracking=(),ambient-light-sensor=(),battery=(),gamepad=(),speaker-selection=()
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKg3Uh5WY0zflnyZgJSem9hBxEnkRztIpiOy2XHESOEcjKlgj6LGRLUYmlv3Sy%2BrRU0KvLRVkLA%2BK3kqBCv5CvAWhorJCVBSHXdd%2FwMdRZRyMmXGUHU6aEn%2FgkaUoMPJgbdSkuD7S%2FGAFPd66pAD3wsQYIs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Cookie,X-Native-App-View, Origin
via: 1.1 varnish, 1.1 varnish
x-ab: 7_1
x-cache: HIT, HIT
x-cache-hits: 5, 1
x-content-type-options: nosniff
x-frame-options: sameorigin
x-is-eu: 1
x-served-by: cache-iad-kiad7000157-IAD, cache-fra-eddf8230064-FRA
x-slate-uuid: 92085644-032e-4d97-9420-def0d4fb0c3b
x-timer: S1704286238.034154,VS0,VE1

GET
H2 200 Register-Heavy-subset.woff2
vip.xraynetwork.space/fonts/slate-com/ 32 KB
32 KB 602ms
598ms Font
application/octet-stream 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/fonts/slate-com/Register-Heavy-subset.woff2

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a571c0d8f7c25bd282e8d038c5c2c8cb13b094f9e0a756989e3764bba404ee1f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
X-Frame-Options	sameorigin

Request headers

Referer: https://vip.xraynetwork.space/
Origin: https://vip.xraynetwork.space
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
content-length: 32432
x-served-by: cache-iad-kiad7000140-IAD, cache-fra-etou8220062-FRA
last-modified: Wed, 09 Dec 2020 19:43:26 GMT
server: cloudflare
x-timer: S1704286238.433774,VS0,VE0
etag: "5fd128de-7eb0"
x-frame-options: sameorigin
vary: Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izKOI9boUiWtZ7Ayccq6nRMweyFTixIuGL9fpXVhtBdoN94mXpkrKyQ9iZUnd7rH77oMPDJGotB7wO36NGxNc039aYernERlmicGOxuQgCZbeIHv2SZR0ETT%2BPTtXE1veHSliH55dHIswW%2FIl3EsrWGwI%2F0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83fb5e5c6f524bbd-BUF
x-cache-hits: 467, 38

GET
H2 200 Register-HeavyItalic-subset.woff2
vip.xraynetwork.space/fonts/slate-com/ 34 KB
35 KB 467ms
463ms Font
application/octet-stream 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/fonts/slate-com/Register-HeavyItalic-subset.woff2

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d42bb800a50ddbf348ff64fa765ef182f93e2f8b64d65fc6ed2f5f97d602e64d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
X-Frame-Options	sameorigin

Request headers

Referer: https://vip.xraynetwork.space/
Origin: https://vip.xraynetwork.space
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
content-length: 35112
x-served-by: cache-iad-kcgs7200146-IAD, cache-fra-eddf8230089-FRA
last-modified: Wed, 09 Dec 2020 19:43:26 GMT
server: cloudflare
x-timer: S1704286238.346000,VS0,VE0
etag: "5fd128de-8928"
x-frame-options: sameorigin
vary: Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDbjIPNb7lss2LzEJZ8oG8a0xHxet6MM7vIPFL6Z38Y5bgGJ5CgWBNVfm6MNqJmW8cX6LTmD3a2ulVgNkfIFkHKNizIO708%2B%2B4tfflFr8CO%2Byn4vJXUQuy5hpYZraRG56BmY1wkNvMSsPFRB4NkdmYIezac%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83fb5e5c6f534bbd-BUF
x-cache-hits: 13, 3

GET
H2 200 Retina-Book-subset.woff2
vip.xraynetwork.space/fonts/slate-com/ 41 KB
41 KB 488ms
485ms Font
application/octet-stream 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/fonts/slate-com/Retina-Book-subset.woff2

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc123e1fdfe40c519213aed6431da35e0b5aa556e35dce4a4146417f02a335c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
X-Frame-Options	sameorigin

Request headers

Referer: https://vip.xraynetwork.space/
Origin: https://vip.xraynetwork.space
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
content-length: 41548
x-served-by: cache-iad-kcgs7200056-IAD, cache-fra-eddf8230104-FRA
last-modified: Wed, 09 Dec 2020 19:43:26 GMT
server: cloudflare
x-timer: S1704286238.363415,VS0,VE0
etag: "5fd128de-a24c"
x-frame-options: sameorigin
vary: Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ay%2FeEqngI%2FW0lVzlnoDHmmxUQRACHIaKtJ9OhEIBDsk9rHWuJA2zXPp3Wuv8I9Mfos%2Foqu6Y0%2B0DE7RzoT2QyE8XZTNgIPIQRNXWxNgTGSpwKjbaDWlEeivVB0SSb3tKA51Cl8VhzOAqX0JYqpmWQq0pKR4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83fb5e5c6f544bbd-BUF
x-cache-hits: 1011, 17

GET
H2 200 Retina-BookItalic-subset.woff2
vip.xraynetwork.space/fonts/slate-com/ 41 KB
42 KB 769ms
766ms Font
application/octet-stream 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/fonts/slate-com/Retina-BookItalic-subset.woff2

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e351a4def3c5e76899bac16564adac935392a33d627a7e478b8f83a09f0d5045

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
X-Frame-Options	sameorigin

Request headers

Referer: https://vip.xraynetwork.space/
Origin: https://vip.xraynetwork.space
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
content-length: 42372
x-served-by: cache-iad-kcgs7200156-IAD, cache-fra-etou8220100-FRA
last-modified: Wed, 09 Dec 2020 19:43:26 GMT
server: cloudflare
x-timer: S1704286239.607677,VS0,VE0
etag: "5fd128de-a584"
x-frame-options: sameorigin
vary: Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ik0NX%2Fd0hNBjw%2FyaDZZlii0jr0AeMDP3GWck9zm1sxyOFukO9zNGwdrwphqgnrgpGnCp8xmb%2B6mi1k5FIWj5wnqgM84xUTaL0nPv2HAqMbEEwZotbqiuHIuPnYNUBJLnb9oRlEzdQv9SGIoE4D%2BZ09A9ke0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83fb5e5c6f554bbd-BUF
x-cache-hits: 134, 19

GET
H2 200 Retina-Bold-subset.woff2
vip.xraynetwork.space/fonts/slate-com/ 41 KB
42 KB 976ms
974ms Font
application/octet-stream 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/fonts/slate-com/Retina-Bold-subset.woff2

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77f1049a76c92d1b45e0751002bf59f26635d00018946c64213a4c43a840bd1c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
X-Frame-Options	sameorigin

Request headers

Referer: https://vip.xraynetwork.space/
Origin: https://vip.xraynetwork.space
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
content-length: 42296
x-served-by: cache-iad-kiad7000085-IAD, cache-fra-eddf8230053-FRA
last-modified: Wed, 09 Dec 2020 19:43:26 GMT
server: cloudflare
x-timer: S1704286239.651130,VS0,VE0
etag: "5fd128de-a538"
x-frame-options: sameorigin
vary: Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0ddqEa2JeDK2nhxUv58NjvNGdeUEHl0gF2KLN6229oSWW%2Bm97p4R3Lt0QDjlz1AtHliUrYCoxxPWWdEjjEGIxxo80htwv81LbEaB1S3j4p2ge6S41x3QDR29YwaPJCTwvCX3mGOA8bnZuzs4w5owTuCZGw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83fb5e5c6f564bbd-BUF
x-cache-hits: 532, 23

GET
H2 200 Retina-BoldItalic-subset.woff2
vip.xraynetwork.space/fonts/slate-com/ 42 KB
43 KB 452ms
450ms Font
application/octet-stream 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/fonts/slate-com/Retina-BoldItalic-subset.woff2

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2b4700d49a18bb29aa7bdfebcb6df3ddc2bb7f672a5e128f5d2979722693b9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
X-Frame-Options	sameorigin

Request headers

Referer: https://vip.xraynetwork.space/
Origin: https://vip.xraynetwork.space
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
content-length: 42972
x-served-by: cache-iad-kcgs7200125-IAD, cache-fra-etou8220046-FRA
last-modified: Wed, 09 Dec 2020 19:43:26 GMT
server: cloudflare
x-timer: S1704286238.338367,VS0,VE0
etag: "5fd128de-a7dc"
x-frame-options: sameorigin
vary: Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDFxgaTZoQPxpGGTwwr%2FpNZaQBqdYmbiB4yU1dQ65gB9HjDB7GDWnhnp6R78XX9B5h3I%2FvGi6DbmDzs4aDETSog8uMWRY0yNMYPPEH97%2BpTvwD1cQGRQa9y8hVTifKyrI4pLnYuhDiDriAeIGTfCqWFHiaM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83fb5e5c6f574bbd-BUF
x-cache-hits: 38, 6

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 106ms
38ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 12:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5rel+BW+cbOCNkEJ4C4NBQ==
age: 16136
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Thu, 21 Dec 2023 21:19:55 GMT
server: cloudflare
etag: 0x8DC026A943751A5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d530a67f-201e-0007-3283-3455e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83fb5e5cca0a4bcd-BUF

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 107ms
40ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 16000
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c19e7251-301e-0069-5d8f-1300cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 83fb5e5cca0b4bcd-BUF

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 125ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c8f9bfc65fbd6355193afe2f69b81b3cc46dfe12eddae1253cefae9f238d166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29016
x-xss-protection: 0
server: cafe
etag: 575 / 19725 / m202312070101 / config-hash: 14990503706918479220
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 12:50:38 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 216ms
69ms Script
application/javascript 18.160.153.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.153.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-153-68.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 11:59:24 GMT
content-encoding: gzip
via: 1.1 4db130e87be66fce9731567ae0669c56.cloudfront.net (CloudFront), 1.1 4b178a7629fc5d4c471356aaa9048960.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:11 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, IAH50-P1
age: 3075
x-amz-server-side-encryption: AES256
etag: W/"bab82e5d8801f394c1ef53a45dc29542"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: vSq3g5d5MiNfhYu_cI33CwTUIkIoL11LWVk85K5MdtXYexflMu2DIA==

GET
H2 200 0e1d2de3-ec2a-48ca-8f78-11045575a199.json Show response
cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/ 6 KB
2 KB 201ms
139ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/0e1d2de3-ec2a-48ca-8f78-11045575a199.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dd3a947a5e0277fe32607476e54b447d0ece6ff1ea966c14ccbe0bb1f41b64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 12:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: As1B6ecJo25xfr9oDtw+Wg==
content-length: 1900
x-ms-lease-status: unlocked
last-modified: Wed, 15 Nov 2023 18:53:30 GMT
server: cloudflare
etag: 0x8DBE60C2944639F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9ef1b927-b01e-002a-7119-3ee693000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83fb5e5d7d9b4bcc-BUF
expires: Thu, 04 Jan 2024 12:50:38 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 78 B
245 B 112ms
46ms Script
text/javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ed37e392b16dc80c3fe4470e3e48eb831b86dc84531de828b734190073d8062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 83fb5e5e3bc66aee-BUF
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/slate1-network/ 352 KB
55 KB 68ms
24ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/slate1-network/loader.js
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c402f59f1b4fe79cf2be8a405f1e65f32807b54b2a22678e5ef55736ca22f386

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: ollLrpUEVdcfmDJRKg_GM6Q_eBe_jiPy
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 Jan 2024 12:50:38 GMT
x-amz-request-id: 0XN18BGFNHC084ZC
age: 6594
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 31
x-amz-replication-status: FAILED
content-length: 56166
x-amz-id-2: SBcC/VEasTQTktERCc1LJlLXMKdyZxkv+xGtmD5EbkZpSLnFWFFAOafajvIXAhCMnvXjI5mVZNY=
x-served-by: cache-yyz4535-YYZ
last-modified: Wed, 03 Jan 2024 10:45:47 UTC
server: nginx
x-timer: S1704286238.413770,VS0,VE1
etag: "856b7987793d5ad33271f7b5bcbe921633d35e8b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 29
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 connatix.playspace.js Show response
cd.connatix.com/ Frame 22B9 7 KB
3 KB 88ms
28ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.connatix.com/connatix.playspace.js?cid=ed20abb8-f256-4574-a9b8-161bc2e90485
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aebe30cf38ed224e4e00670b4e54cd959ca325d10569ee2c4b0308e2173564c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 83fb5e5daae239f4-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H3 200 sprite.svg
vip.xraynetwork.space/media/components/masthead/ 17 KB
8 KB 289ms
288ms Other
image/svg+xml 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/media/components/masthead/sprite.svg

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cae879df9e9203b60ca482e1723bc15ffda91285b95b30636ad3f468b1b8aae7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
content-encoding: br
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-iad-kcgs7200022-IAD, cache-fra-etou8220065-FRA
last-modified: Wed, 06 Dec 2023 14:28:29 GMT
server: cloudflare
x-timer: S1704286239.562049,VS0,VE2
etag: W/"6570850d-45cb"
x-frame-options: sameorigin
vary: Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWfG%2BYzTKKzCevdaxuFXUKSS37cfIo52lIJBt7%2F27FiMnfEWuqicGUAuEJ8%2BSproeOP%2BbUV59XaoTkea8In4jXYWSsrCB%2BWepfj09n%2F6n9olooAo3VSuFE9x1SBJdfh7Mxfzp08RCtAakROjdh9QU122NVY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83fb5e5dcdb04bcc-BUF
x-cache-hits: 5045, 1

GET
H3 200 global-sprite.svg
vip.xraynetwork.space/media/sites/slate-com/ 23 KB
10 KB 293ms
292ms Other
image/svg+xml 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/media/sites/slate-com/global-sprite.svg

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1af11c32d42ff7931eb8ca57c539ed1f6c7da50a729c24c40b98bcba83d181b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
content-encoding: br
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-iad-kiad7000136-IAD, cache-fra-eddf8230131-FRA
last-modified: Thu, 20 Apr 2023 17:00:14 GMT
server: cloudflare
x-timer: S1704286239.568194,VS0,VE1
etag: W/"64416f9e-5bd4"
x-frame-options: sameorigin
vary: Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIneG0SiiNVsQvpAEaSCWzAkQdSGQGcXcyTVm8a5I%2FMggyzN8BYEo%2FTsZ7DOLDW6z2VzT%2FdI1sgDu8jiPGjhc5mT4f%2F3XfKADL8cOZF%2Fo7kulqLpP9P9U679hlqwpzju4597Ln4JSnHLTz90ZUkN%2B59jfsE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83fb5e5dcdb14bcc-BUF
x-cache-hits: 4270, 1

GET
H3 200 Lora-Regular-subset.woff2
vip.xraynetwork.space/fonts/slate-com/ 25 KB
26 KB 669ms
668ms Font
application/octet-stream 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/fonts/slate-com/Lora-Regular-subset.woff2

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07933861209e28131bb69e64f37c37afdd2999678f8a147f6a6bab05ae7148b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
X-Frame-Options	sameorigin

Request headers

Referer: https://vip.xraynetwork.space/
Origin: https://vip.xraynetwork.space
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
content-length: 26032
x-served-by: cache-iad-kcgs7200034-IAD, cache-fra-etou8220021-FRA
last-modified: Fri, 20 Jan 2023 20:15:29 GMT
server: cloudflare
x-timer: S1704286239.729286,VS0,VE1
etag: "63caf661-65b0"
x-frame-options: sameorigin
vary: Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsTTrvqdxV3Eir1MGdxr4hFC5ZkPuuw6d1qjKBx52xbAew1o%2FFoJ2%2Fj7JsA5R5lS%2Fm6P%2F1wSJwKIyHuU0uYAY7FuIEn7C%2BJdwVxQ15SxUf90FUkghSomhUKqWg9OXF2Be6T6FPNfa7CddYPuNT4aZEY7uQ0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 83fb5e5dfdd84bcc-BUF
x-cache-hits: 105, 1

GET
H2 200 8c244998-3b03-452a-9dd1-e26b573b57c8.jpeg
compote.slate.com/images/ 22 KB
23 KB 68ms
20ms Image
image/avif 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compote.slate.com/images/8c244998-3b03-452a-9dd1-e26b573b57c8.jpeg?width=480
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb6217c1529c91f36160647650aeac4d32c8fd2a44de21abfb85e5499feb93b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: FIQP.E7s9ACbt0PI5C7VhNPIGdtI5aie
via: 1.1 varnish, 1.1 varnish
date: Wed, 03 Jan 2024 12:50:38 GMT
x-amz-request-id: 6M39APJD0ES6WRYS
age: 4926949
x-amz-server-side-encryption: AES256
x-io: /images/8c244998-3b03-452a-9dd1-e26b573b57c8.jpeg?width=480&auto=avif
x-cache: HIT, HIT
fastly-io-info: ifsz=315315 idim=1560x1040 ifmt=jpeg ofsz=22773 odim=480x320 ofmt=avif
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 22773
x-amz-id-2: Oy3ol7reTHwLg3IMHcOjy6ANjjRYfJjGqKoM8cMIG+R+pG83+EK5jxhW+eIj1CLkDAXdvrDr6yY=
x-served-by: cache-iad-kiad7000083-IAD, cache-yyz4572-YYZ
server: AmazonS3
x-timer: S1704286238.444700,VS0,VE1
etag: "VMyxSBJMXOcrJG4KVEXYwfUeSLtSE1MF6LhuVJSb4jQ"
vary: Accept
content-type: image/avif
cache-control: public, max-age=315360000
accept-ranges: bytes
x-cache-hits: 60752, 1

GET
H3 200 prudie-sprite.svg
vip.xraynetwork.space/media/sites/slate-com/ 8 KB
4 KB 318ms
317ms Other
image/svg+xml 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/media/sites/slate-com/prudie-sprite.svg

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fad1465ec2456fd39f0b19048529729e8de572fa8797f7381eb3ec7da6e3e1f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
content-encoding: br
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-iad-kiad7000045-IAD, cache-fra-eddf8230105-FRA
last-modified: Wed, 09 Dec 2020 19:43:26 GMT
server: cloudflare
x-timer: S1704286239.681794,VS0,VE1
etag: W/"5fd128de-217b"
x-frame-options: sameorigin
vary: Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpvpZyJxstkOvcu5oVR0UZqgGmHRp944TBZgOAPyWEEEbr8wvFBaJqvxqNL1gK7lc4Hgpf5Vd0p5QQS%2FfHCQhYW7T%2BCM60EqCeh%2BOaNQoeW7f4xMnzm%2B%2FyTWxtCnkVR%2F2UO9cZcGqpyJXfPe7njGH6uxjSE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83fb5e5e5e074bcc-BUF
x-cache-hits: 5929, 1

GET
H3 200 sprite.svg
vip.xraynetwork.space/media/components/roadblock-signifier/ 248 B
966 B 356ms
354ms Other
image/svg+xml 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/media/components/roadblock-signifier/sprite.svg

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64c065e668729c733fc85bcd0a6503faf9b2931d2967b0552e9db845277e20cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
content-encoding: br
x-cache: MISS, HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-iad-kiad7000107-IAD, cache-fra-etou8220104-FRA
last-modified: Fri, 30 Jun 2023 15:24:40 GMT
server: cloudflare
x-timer: S1704286239.722477,VS0,VE1
etag: W/"649ef3b8-f8"
x-frame-options: sameorigin
vary: Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFXrwyCyHEsqFcWSw55DzITLUemor4pDXNlcftaCH48I7H9dFYigTMkYkSmexmkCZm6LkVuxlhhxn1Ljl4FHZ3ZcDmnBHJpf0mPkEahqcPM2lszOk947oM3liJIq%2FqrS9O4IpVI76dMXfSi6kf%2Bo1vY1bG8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83fb5e5e5e0a4bcc-BUF
x-cache-hits: 0, 1

GET
H3 200 signifiers.svg
vip.xraynetwork.space/media/sites/slate-com/ 1 KB
1 KB 361ms
360ms Other
image/svg+xml 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/media/sites/slate-com/signifiers.svg

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f311d8aa7e370357ab10b71e399d73cddd2c90d6cc75f3168897ff386241888

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
content-encoding: br
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-iad-kiad7000139-IAD, cache-fra-etou8220051-FRA
last-modified: Wed, 09 Dec 2020 19:43:26 GMT
server: cloudflare
x-timer: S1704286239.717914,VS0,VE0
etag: W/"5fd128de-458"
x-frame-options: sameorigin
vary: Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xc5ueUCer4cBC0ernFiK6fM%2FOkeMyIuOQLMwRKIUjMQccczyhtMY5hicVIFLsJ9hfR4qzFYYZ7i5kqsFPEme6j83dWkVJRLPDqUyFseeqTBnHgYrIYKsAIMucr9BC1O6iT6JjpbWXgBY1DoQQv%2FK7dNy9EM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83fb5e5e5e0b4bcc-BUF
x-cache-hits: 3128, 2

GET
H3 200 sprite.svg
vip.xraynetwork.space/media/components/homepage-advice/ 16 KB
8 KB 398ms
397ms Other
image/svg+xml 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/media/components/homepage-advice/sprite.svg

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c6e24a24df7645c5eb0b948aeb760b53990175f8f980ea14045ed7007ac13d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
content-encoding: br
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-iad-kjyo7100038-IAD, cache-fra-eddf8230065-FRA
last-modified: Fri, 30 Jun 2023 15:24:40 GMT
server: cloudflare
x-timer: S1704286239.763732,VS0,VE1
etag: W/"649ef3b8-3f3c"
x-frame-options: sameorigin
vary: Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axjfqnsUyIDL%2F5v5OJ%2FRNuIzxYhnSmaeqQe%2FA8QT93OY0%2F6HMoPRBb432%2FarUq%2FlpheUT4veFZ%2F5rGV8u5CzIwPABuRZ57PVb3pZeA%2F7XhykwS4yq3nPrBtmiPHIg9991Oxr%2FqZV3DNj6BC7Pcwq%2FHq9jeI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83fb5e5e5e0c4bcc-BUF
x-cache-hits: 11359, 1

GET
H3 200 prudie.png
vip.xraynetwork.space/media/components/homepage-advice/ 149 KB
150 KB 438ms
437ms Image
image/png 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.xraynetwork.space/media/components/homepage-advice/prudie.png

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1405e38c8d4d815d56efc6eec6865289cd34ac551e0835c82289b7c3e81f31eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
content-length: 153027
x-served-by: cache-iad-kjyo7100170-IAD, cache-fra-eddf8230073-FRA
last-modified: Fri, 30 Jun 2023 15:24:40 GMT
server: cloudflare
x-timer: S1704286239.656102,VS0,VE1
etag: "649ef3b8-255c3"
x-frame-options: sameorigin
vary: Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktcNkToYtb78li%2F4QowNa19ZABjsdSd%2FLf5uC1wk97JKAbUN5wtRcItjHBtuRwnSu2I2Nyfp6e0LoDL246Hs15ELo1nCNsCDKlenqWO6uvlIicYZdZfoG1J8RCF5L1RDIdbvUTpxkxSwqNRHqoBGMrTH6fU%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 83fb5e5e5e0d4bcc-BUF
x-cache-hits: 14, 1

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
314 B 107ms
46ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 83fb5e5ecd074bc0-BUF
access-control-allow-headers: Content-Type

GET
H2 200 impl.20240103-12-RELEASE.js Show response
cdn.taboola.com/libtrc/ 833 KB
173 KB 21ms
21ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240103-12-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/slate1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 81d9e8f3eb4ff1562acee8da93cb8d3e22cd8758080e041d1a44037dd925211d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: v_DIc1Ujg8Q4ReHNHoOxaGLNPeKQR8Yk
content-encoding: br
via: 1.1 varnish
date: Wed, 03 Jan 2024 12:50:38 GMT
x-amz-request-id: GR34WZNE9YHMHWJA
age: 9975
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 176460
x-amz-id-2: AWrSJCrGYxAirpvvuMol0Rbd/iFkH4iuWyNtn6eT2lk72mw4lZ/DwTEOb7BZxBk5heO2P5Eaick=
x-served-by: cache-yyz4535-YYZ
last-modified: Wed, 03 Jan 2024 10:03:30 GMT
server: AmazonS3-br
x-timer: S1704286238.486698,VS0,VE0
etag: "1415942f1628892dce346c8587244154"
vary: Accept-Encoding
content-type: application/javascript
abp: 92
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 4146

GET
H3 200 slate-group.svg
vip.xraynetwork.space/media/components/global-footer/ 4 KB
2 KB 291ms
290ms Other
image/svg+xml 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/media/components/global-footer/slate-group.svg

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50832693980e5c77ec736487ce344a40bee1e0e241cf9a4b756b8673bc346854

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
content-encoding: br
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-iad-kiad7000172-IAD, cache-fra-etou8220068-FRA
last-modified: Wed, 09 Dec 2020 19:43:26 GMT
server: cloudflare
x-timer: S1704286239.706769,VS0,VE1
etag: W/"5fd128de-f4f"
x-frame-options: sameorigin
vary: Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FfAhyXKvzRJfw8wiBeZz3FEgN%2FlJ5JFinnJh0sboKmI7QkBgnUOHF3BVLzUq2wAA34gV96sPRpbsBAlpFvwPS9c44lEfgkxVcmloT%2FDO4CsUwmYAM%2F%2FuuLEsvuXV9Z2eAraEWsvFnx%2BrgqGy5OjrpPAwtI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83fb5e5ebe1f4bcc-BUF
x-cache-hits: 8054, 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 99ms
32ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 Jan 2024 12:50:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: IIBjo7Cl+Ij1l5/PzVdjPXp4cDDQXGoElE0IoboORduCuMM0ZO0mTweRHaeGNrgNiGbmhg48p7FUds3JtkU/xA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 432 KB
135 KB 34ms
31ms Script
text/javascript 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:17:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20014
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138203
x-xss-protection: 0
server: cafe
etag: 14959461090202361603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 02 Jan 2025 07:17:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 72 B
83 B 109ms
46ms XHR
application/json 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vip.xraynetwork.space

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d1a0afe0728f1c1651d3deff1a5ebb1cbb907b619c29b7c59c81709568067d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59
x-xss-protection: 0
expires: Wed, 03 Jan 2024 12:50:38 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 278ms
30ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240103-12-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 267102
expires: 60

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/ 426 KB
103 KB 38ms
37ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 12:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3zwKFeg02sA5dMnkMN3c/A==
age: 15717
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 105024
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:34 GMT
server: cloudflare
etag: 0x8DBF54385213BD6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9da7b195-801e-001e-0647-27d55b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83fb5e5f3acc4bcd-BUF

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 309ms
188ms XHR
application/javascript 18.160.153.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.153.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-153-68.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 be365ac6b3ab023d672d23b4c4392060.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: iBnWD3zhyubmWcrY9nknmcKlRnH4F3DnzPLLRLlMB9HKCGAKS3wBSA==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/9c11676b-a3a2-4e05-8979-52f80431d88e/ 147 KB
25 KB 137ms
137ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/9c11676b-a3a2-4e05-8979-52f80431d88e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4d81540a29f91d736eafcefe8fe2204ef143b6c66af8b648eb2c0aab7b358f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 12:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: mId/SW++cK1f6sy2cjz0Gw==
content-length: 25172
x-ms-lease-status: unlocked
last-modified: Wed, 15 Nov 2023 18:53:33 GMT
server: cloudflare
etag: 0x8DBE60C2AA01516
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d4a3ac91-001e-002f-5c19-3e3448000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83fb5e5fdeab4bcc-BUF
expires: Thu, 04 Jan 2024 12:50:38 GMT

GET
H2 200 bLayout-en.json Show response
cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/9c11676b-a3a2-4e05-8979-52f80431d88e/ 14 KB
3 KB 394ms
394ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/0e1d2de3-ec2a-48ca-8f78-11045575a199/9c11676b-a3a2-4e05-8979-52f80431d88e/bLayout-en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a64e0f022fd6c13a576d1f3cff5d5078a363bef7ef3cbc49e98de972b47f729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 12:50:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2954
x-ms-lease-status: unlocked
last-modified: Wed, 15 Nov 2023 18:53:44 GMT
server: cloudflare
etag: 0x8DBE60C312291F7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 025d2c68-b01e-003a-1919-3e23fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83fb5e60cef34bcc-BUF
expires: Thu, 04 Jan 2024 12:50:39 GMT

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 21 KB
4 KB 137ms
137ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status: unlocked
last-modified: Tue, 05 Dec 2023 03:37:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9ef1c1a8-b01e-002a-0619-3ee693000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 83fb5e60cef44bcc-BUF

GET
H2 200 analytics-browser-1.1.4-min.js.gz Show response
cdn.amplitude.com/libs/ 68 KB
21 KB 233ms
101ms Script
application/javascript 99.86.83.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/analytics-browser-1.1.4-min.js.gz
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.83.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-83-35.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85959941ab12a5f6a9debebbf56c7b1471d829a390444ee7ca96116afc7b8ff2

Request headers

Referer: https://vip.xraynetwork.space/
Origin: https://vip.xraynetwork.space
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:37:49 GMT
content-encoding: gzip
via: 1.1 9422830f707ade946de8476fde24aafa.cloudfront.net (CloudFront)
x-amz-version-id: ekSPhRG79Jx.VT8XE3IJ6fa8DOn9bG_F
x-amz-cf-pop: IAH50-C4
age: 15171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21189
last-modified: Sat, 13 Aug 2022 03:30:51 GMT
server: AmazonS3
etag: "60863dd34935487e8591c29a976c6f8c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 3TmebSusUlIyrXPysB3dmtIZTImojOn3KV_apiz36tzfCqXLnuJcKw==

GET
H2 200 p.js Show response
fpa-cdn.slate.com/keys/slate.com/ 57 KB
19 KB 194ms
60ms Script
application/x-javascript 99.86.102.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fpa-cdn.slate.com/keys/slate.com/p.js
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.102.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-102-24.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3eb59b80fac02f84de6115b5fbda6bdc0855835195edb7083a0773c208ccb5a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:46:33 GMT
content-encoding: gzip
via: 1.1 290c4b324d098632cec2d95f1f56f83c.cloudfront.net (CloudFront)
last-modified: Tue, 15 Mar 2022 16:42:38 GMT
server: AmazonS3
x-amz-cf-pop: IAH50-C3
age: 11047
etag: W/"bbc31bfacbc04e696822f712268e3245"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8U8Gj2XIbDOxY2ltdJ0wXteTjZfoPOXJBOx18LKx1Rph8fmuyiUFlQ==

GET
H2 200 166975463695820 Show response
connect.facebook.net/signals/config/ 124 KB
33 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/166975463695820?v=2.9.138&r=stable&domain=vip.xraynetwork.space

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

58f5b56b1d97dc49f7813e8a0026956f2022a8a94137edbab1c4beda3007a470

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 Jan 2024 12:50:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 969p6UqUSTeXg4wd0WRcRpd+vnZtd69wLKc/OTaRMObjwrLAARsU28OR44kTpfg4isUo5fnrfvCjfDFsHL2URg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
57 KB 104ms
39ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-794295919

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8daf7600647d92637d11616fd06c5af131d495ac0dfe188f2f5465eb3242a9a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58005
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jan 2024 12:50:38 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 104ms
32ms Script
application/javascript 2620:100:a001::f
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=92394

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::f , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f4b41cde4aadd8b2f22b1c66a62c75df9187e428e5a16091f3a69b0cbdf233c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 resize.js Show response
vip.xraynetwork.space/piano/scripts/ 4 KB
2 KB 352ms
352ms Script
application/javascript 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/piano/scripts/resize.js

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bd909b8bef25305eab3c01341369df8eeace213432077753bcfeaf5c922bb28

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-iad-kcgs7200174-IAD, cache-fra-eddf8230064-FRA
last-modified: Tue, 23 May 2023 20:26:34 GMT
server: cloudflare
x-timer: S1704286239.171159,VS0,VE1
etag: W/"646d217a-ebe"
x-frame-options: sameorigin
vary: Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRv4nQeUeByUY2t3rfhohHo0sJwGJ3mxspNcvewmdxXqlHQXbOLdIZRG1FpPnWRQQG4S%2FfZe3AnU1TJB1zeOJ2oMqLxtJLZG8A7uk4IrNcOtCjNisqq1OzgfqnhN2G4Rnaw9U1%2FQ%2F7%2BrPLAXS2DjBMr%2BSu0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=60
cf-ray: 83fb5e615f224bcc-BUF
x-cache-hits: 861691, 1

GET
H2 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 110ms
37ms Script
application/javascript 2606:4700:3030::6815:4222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PD3SF2T3MT040HFQ
age: 2899
alt-svc: h3=":443"; ma=86400
x-amz-id-2: z8h4bLDxNLOmZ5V/l1a+lB2DIyxIdOYdyEJEOhNIDvFjuLI+JSb1ic026mbDNulP5RY3v3U71lo=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2B2uubePOdBRuxB0xvzVr%2BJm3BA8mhq%2FCxIfC9EXXlEIBOncCNMqMzBldtGCgwLvCeho3etwxNVsgQSQ1D%2BBWdWdNLwLfhGheXCoC4lA5c%2B8ARQKLoWsbAvusJRK3otNfJDT4WvZE83iSSthOY0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 83fb5e61cde04bc0-BUF

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
1 KB 114ms
42ms Script
application/javascript 2606:4700::6812:eff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=homyv5Uzpu

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43cecb942dedd0e30e6cf86a69f8d7fbcec2b02c909fc6cab118f23c84d5d5c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
date: Wed, 03 Jan 2024 12:50:39 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 12:38:07 GMT
server: cloudflare
age: 360
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 83fb5e61cb8b4bcf-BUF
alt-svc: h3=":443"; ma=86400
x-request-id: q4gx6vziiu
expires: Wed, 03 Jan 2024 13:20:39 GMT

GET
H3 200 podcast-sprite.svg
vip.xraynetwork.space/media/sites/slate-com/ 11 KB
5 KB 171ms
170ms Other
image/svg+xml 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/media/sites/slate-com/podcast-sprite.svg

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86c144af7d301fb3ae0165ee310da09e4e3f26920d171f5b29a13475792d7f24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
content-encoding: br
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-iad-kiad7000060-IAD, cache-fra-eddf8230109-FRA
last-modified: Thu, 27 May 2021 15:10:46 GMT
server: cloudflare
x-timer: S1704286239.014688,VS0,VE1
etag: W/"60afb676-2be1"
x-frame-options: sameorigin
vary: Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OZFxX8nmz4E0GE7JyUP2ryQXEylPWC9U0zcsRQnGQCllJesznN4XLykfIX%2Boqln82Rl0GjmeHD6vId65cEwZlGYBfjfW6Xo%2FXkGaejgqiYKXluTdKtNYjYpn3KKUIRXhs%2FDfUzqdR4FX7FofEoWfH3b%2F6M%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83fb5e615f254bcc-BUF
x-cache-hits: 13497, 1

GET
H3 200 the-slatest.png
vip.xraynetwork.space/media/components/newsletter-signup/ 6 KB
7 KB 289ms
289ms Image
image/png 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.xraynetwork.space/media/components/newsletter-signup/the-slatest.png

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49f353bb42cb724a409d8e592ed28e9880b0053670c4f0684f262a61a592c058

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
content-length: 6380
x-served-by: cache-iad-kiad7000027-IAD, cache-fra-etou8220049-FRA
last-modified: Thu, 11 May 2023 18:47:10 GMT
server: cloudflare
x-timer: S1704286239.134441,VS0,VE1
etag: "645d382e-18ec"
x-frame-options: sameorigin
vary: Cookie,X-Native-App-View, Origin, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zg5FqDQQ0k4%2FQhMMsmQRsdn4qFok6peJ%2FSzJZkEyXz77bCO5Q4WByQ49wKsERAmiSrsxc5hoxQg3b7%2FvPwuU2Wml83kWrL%2B0K3LduY%2B4z6nqS5tk3xPO%2FxrOSN7IGRcJXPR2EvxSi%2F1dYk%2FuFcEGYNA3shQ%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 83fb5e615f274bcc-BUF
x-cache-hits: 10231, 1

GET
H3 200 favicon.svg
vip.xraynetwork.space/media/components/meta-icons/ 937 B
1 KB 186ms
185ms Image
image/svg+xml 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.xraynetwork.space/media/components/meta-icons/favicon.svg

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1ac621592b8f0b6e334f0663e675c2355021d9900c346bf8845f90815a314e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
content-encoding: br
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-iad-kiad7000120-IAD, cache-fra-etou8220102-FRA
last-modified: Thu, 04 Mar 2021 19:49:42 GMT
server: cloudflare
x-timer: S1704286239.014042,VS0,VE1
etag: W/"604139d6-3a9"
x-frame-options: sameorigin
vary: Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D%2BJLZ6GFfQI28gg5wHnl%2B36kFvuDNbZsEnWuq%2BVnClUQcZNfKTo76vf%2BKTyslCHF9AcYGYRvzIEwQDPkSWIqWpj69MNIw9A9XyF1KW49LScPx0qFWEa5wyRt07YT77w6ApnYxTEy4ZYlZcyXC%2B0eCdIvCg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83fb5e615f284bcc-BUF
x-cache-hits: 7622, 1

GET
H3 200 apple-podcasts-icon.svg
vip.xraynetwork.space/media/sites/slate-com/ 2 KB
2 KB 290ms
289ms Image
image/svg+xml 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.xraynetwork.space/media/sites/slate-com/apple-podcasts-icon.svg

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127684a7a2984aa5f6deeafb2b1b6c27cec577c472bec44bbb9ea4ac67f502ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: BYPASS
content-encoding: br
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-iad-kjyo7100147-IAD, cache-fra-etou8220023-FRA
last-modified: Wed, 09 Dec 2020 19:43:26 GMT
server: cloudflare
x-timer: S1704286239.135439,VS0,VE1
etag: W/"5fd128de-64a"
x-frame-options: sameorigin
vary: Accept-Encoding, Cookie,X-Native-App-View, Origin
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGQLC7rel66d95YaQZB05FlfkgxD0pNkUN9NAPCGoBF9LInvsv%2FJ4HOOcXiAghcQLi9MZju2FBbKIpBIBrABUxfViHLomtZJlNKZ9Ek58N%2FdmKekQd9I5Xye%2Frrd4BrE4Gsat7yD3vmsEH9YqVUbDU7YA%2Bc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83fb5e615f294bcc-BUF
x-cache-hits: 3790, 1

GET
H2 200 16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js Show response
cdn.permutive.com/ 471 KB
111 KB 120ms
43ms Script
application/javascript 2606:4700::6811:7611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42394b6d14391217b95d31b83a97e2c691da53bc124901e0c3f8f79468e3360d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 16d3bd5c-bf92-4bf0-815a-eac397d3aadf
age: 0
x-guploader-uploadid: ABPtcPoWxRBGwWTGadK40D5iFE_iMlTFyb0sClcr3Ty9WxXPSDpfsTsmP3IofXkzSvllOcNHn-bXppZy9ZLoiNkoWInqeQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
content-length: 112524
last-modified: Fri, 22 Dec 2023 17:35:52 GMT
server: cloudflare
etag: "9bab72d0639fe5344555863e1cf3f07f"
vary: Accept-Encoding
x-goog-generation: 1703266552370239
content-type: application/javascript
x-goog-hash: crc32c=E05zjg==, md5=m6ty0GOf5TRFVYY+HPPwfw==
cache-control: public, max-age=900
x-goog-stored-content-length: 112524
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fb5e61df054bd2-BUF
expires: Wed, 03 Jan 2024 13:05:39 GMT

GET
H2 200 458ee5fd-0a1b-4efd-9591-91dc80540d26.jpeg
compote.slate.com/images/ 70 KB
71 KB 23ms
22ms Image
image/avif 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compote.slate.com/images/458ee5fd-0a1b-4efd-9591-91dc80540d26.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-1170
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edb51802a54e6cde09fe4670f0979d9203f620cfb6fd19d9019a3a8d1239fc96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 4hQWnu4EMqRNhDosRv6wRaLZbgc1t0RL
via: 1.1 varnish, 1.1 varnish
date: Wed, 03 Jan 2024 12:50:38 GMT
fastly-io-served-by: vpop-kiad7010231
x-amz-request-id: S6Q2383WZ90QZ7PW
x-amz-server-side-encryption: AES256
age: 53391
x-cache: HIT, HIT
fastly-io-info: ifsz=183170 idim=1560x1040 ifmt=jpeg ofsz=71971 odim=1170x780 ofmt=avif
x-io: /images/458ee5fd-0a1b-4efd-9591-91dc80540d26.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-1170&width=1170&height=780&auto=avif
fastly-stats: io=1
content-length: 71971
x-amz-id-2: RXLdYRkvTpQRhIa84rg74ReBnwjH57JX+4ORKKu7ULsrrsEAPuM5btsAj6fd4Vt4XyCvBWKLHPM=
x-served-by: cache-iad-kiad7000176-IAD, cache-yyz4572-YYZ
server: AmazonS3
x-timer: S1704286239.955757,VS0,VE1
etag: "rzUDqKQrRsgoveT3vBD2z7x+RpylQXoVDkTK2kgaxwk"
vary: Accept
content-type: image/avif
cache-control: public, max-age=315360000
accept-ranges: bytes
x-cache-hits: 33, 1

GET
H2 200 a6202006-1dd3-4b9c-9e98-bcd3cc15beaa.png
compote.slate.com/images/ 12 KB
13 KB 20ms
19ms Image
image/avif 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compote.slate.com/images/a6202006-1dd3-4b9c-9e98-bcd3cc15beaa.png?crop=1560%2C1040%2Cx0%2Cy0&s=image-390
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 253a7ebd6f8aa12605b9d4fa48a30e12287d26d507a8e5bf210af18ca65ce3e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 08fb_ZjYW_ItntlpIEP0hf_BduoBpm1i
via: 1.1 varnish, 1.1 varnish
date: Wed, 03 Jan 2024 12:50:38 GMT
fastly-io-served-by: vpop-kiad7010213
x-amz-request-id: QPWR0WPK9P6QEWGM
x-amz-server-side-encryption: AES256
age: 57808
x-cache: HIT, HIT
fastly-io-info: ifsz=224699 idim=1560x1040 ifmt=png ofsz=12551 odim=390x260 ofmt=avif
x-io: /images/a6202006-1dd3-4b9c-9e98-bcd3cc15beaa.png?crop=1560%2C1040%2Cx0%2Cy0&s=image-390&width=390&height=260&auto=avif
fastly-stats: io=1
content-length: 12551
x-amz-id-2: B8seAAFCqoTSg83DzT/bGJlkNEjudAVNJn/ULFd8cKn4aVwVmUbfZRRJUpvHEv6/zq5dauTlv8o=
x-served-by: cache-iad-kcgs7200129-IAD, cache-yyz4572-YYZ
server: AmazonS3
x-timer: S1704286239.956038,VS0,VE0
etag: "QB7DF5VoMnrnPv49JmzXhlyiEDJfNzExZjVgpReMRlY"
vary: Accept
content-type: image/avif
cache-control: public, max-age=315360000
accept-ranges: bytes
x-cache-hits: 27, 3

GET
H2 200 ats.js Show response
ats-wrapper.privacymanager.io/ats-modules/f6ed6589-5170-40c6-98bc-a4a49ff26fa8/ 157 KB
52 KB 198ms
63ms Script
application/javascript 13.249.59.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats-wrapper.privacymanager.io/ats-modules/f6ed6589-5170-40c6-98bc-a4a49ff26fa8/ats.js
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.59.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-59-62.iah50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b4cd976b8ecd9dc78e3042692b91de6173d8633c411e374f418dfaa5c889b91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: VNmzZfXKTwOsUmlRjs_.PUNYEdcbJP0b
content-encoding: gzip
via: 1.1 b0921181e973f37be0dbce2713f6360e.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 12:30:21 GMT
last-modified: Thu, 14 Dec 2023 12:30:08 GMT
server: AmazonS3
x-amz-cf-pop: IAH50-C2
age: 1218
x-amz-server-side-encryption: AES256
etag: W/"6fe089e0f90d6043dba275907373c5a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: a6OtsTYY493qABccxu7alSlVkCutRXsMWQ1AuzVAxafuWjIBiBilSQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 715 B
376 B 163ms
162ms Fetch
text/plain 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=317377815201867&correlator=4114507770965891&eid=31079959%2C44807746%2C44780988&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&us_privacy=1---&iu_parts=91898098%2Cslate.com%2Chomepage&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x2&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704286239011&lmt=1704286239&adxs=1093&adys=1301&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvip.xraynetwork.space%2F&vis=1&psz=357x0&msz=357x0&fws=4&ohw=1600&ga_vid=20762395.1704286239&ga_sid=1704286239&ga_hid=665782579&ga_fc=false&dlt=1704286238126&idt=510&prev_scp=site%3Dredux%26refresh%3Dno%26pos%3Dhp-native-main-1%26threshold%3D400%26outstream_eligible%3Dfalse&cust_params=permutive%3D%26dfp_cache_buster%3D05ba2b1080a26ec4d2b5c4cab86e35ed282ed644%26page_id%3Dclqwueu5r003anmkpgmyaq1qc%26page_type%3Dhomepage%26ab_var%3D7_1%26article_right_rail%3Dfalse%26max_width_test%3Ddisabled&adks=878418835&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0f7ca91a56657dd1fb2a62d121a985adcb3c228b9ae5c28938b4e6084f33ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 345
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vip.xraynetwork.space
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d8444e659884692161f4613b575e60c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0C24 6 KB
3 KB 102ms
32ms Document
text/html 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8444e659884692161f4613b575e60c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vip.xraynetwork.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:50:39 GMT
expires: Thu, 02 Jan 2025 12:50:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 100ms
33ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=166975463695820&ev=PageView&dl=https%3A%2F%2Fvip.xraynetwork.space&rl=&if=false&ts=1704286239062&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4125&fbp=fb.1.1704286239057.726403331&cs_est=true&pm=1&hrl=8cc098&ler=empty&it=1704286238911&coo=false&cs_cc=1&cas=3689187221101849&rqm=GET

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 03 Jan 2024 12:50:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 388 KB
115 KB 74ms
47ms Script
application/javascript 2606:4700::6812:eff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=homyv5Uzpu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
x-amz-version-id: 0QIZetJ_7irXXHtLgdmNhkMj0U1YDIAl
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: BXJQVYW5KBCSN6FY
age: 247
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: HzraUPuZm4qEDoyO0ZCFHpunrjD9Qn+zNSSnKDibr8lSNSR2RHjo0/L2nbSKn0JnJyUP1cHXLvmxnom+8B6/WTkiDhNhc+bu
last-modified: Tue, 19 Dec 2023 11:23:13 GMT
server: cloudflare
etag: W/"f8312bff3c7ba81de4b41efef3dbdb77"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 83fb5e626be94bcf-BUF
expires: Wed, 03 Jan 2024 16:50:39 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7B05 14 KB
6 KB 33ms
33ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=vip.xraynetwork.space&origin=onetag&us_privacy=1---

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=92394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://vip.xraynetwork.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:50:38 GMT
server: Kestrel
server-processing-duration-in-ticks: 414710
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/794295919/ 2 KB
2 KB 109ms
44ms Script
text/javascript 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794295919/?random=1704286239095&cv=11&fst=1704286239095&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fvip.xraynetwork.space%2F&hn=www.googleadservices.com&frm=0&tiba=Slate%20Magazine%20-%20Politics%2C%20Business%2C%20Technology%2C%20and%20the%20Arts&us_privacy=1---&auid=57114035.1704286239&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-794295919

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

023e7e1c7a24d8f3633d0471bc44d5a536c52562e53308c7b0ea5bcce3333b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1265
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pxid Show response
16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co/v2.0/ 12 B
221 B 167ms
103ms XHR
application/json 35.241.9.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co/v2.0/pxid?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://vip.xraynetwork.space
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
575 B 118ms
47ms XHR
application/json 68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:39 GMT
an-x-request-uuid: 437f78fb-bc3f-4076-9826-e0acc5607574
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vip.xraynetwork.space
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.42; 96.9.249.42; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7B05
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=xraynetwork.space&sn=ChromeSyncframe&so=0&topUrl=vip.xraynetwork.space&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=81L9j3xLVG9nNUlhSTZTLytxcmFpNGFnNXlldGFiREZFc25JOHdLcW5ON0JNMzI5RXZZWmx2cXg4Ky9NTkV0RkQrMkFkVzk4L1ZxZllOUHJrYmkrbU1YNzRyZjY2NDJxZlg5d2hIamx4UmNFODhwVUJSNnNwcUlHbFhNc1...

441 B
1 KB

120ms
55ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=81L9j3xLVG9nNUlhSTZTLytxcmFpNGFnNXlldGFiREZFc25JOHdLcW5ON0JNMzI5RXZZWmx2cXg4Ky9NTkV0RkQrMkFkVzk4L1ZxZllOUHJrYmkrbU1YNzRyZjY2NDJxZlg5d2hIamx4UmNFODhwVUJSNnNwcUlHbFhNc1N4ZWQvaU96bXRHUHBXQXhDWk12Vll3NnhEbVlsVVZvVXN4YVhUL2kzQldnTGxQUXB4Y0RaUCs5b3pEQUdjdlh3c3lMVGswSE5XUVl3SktJWkNZN0MvUDNGQ3RXcXA4dGtPSWxjRjkvdDk0dllQeUpuamZDRGp5RkxaanBnb3BUaitrbEJZaktGV3VJTGVKeFJMTlM0anFTRDMwMDdDZ3EwZzdCeExMaDJ0Q2JOcndzYVhuMD18&cppv=2

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

91d4449f4e2d827614c2cec3f52dfa30fdfffe29fba7136bf0179102849325df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 14771927
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=81L9j3xLVG9nNUlhSTZTLytxcmFpNGFnNXlldGFiREZFc25JOHdLcW5ON0JNMzI5RXZZWmx2cXg4Ky9NTkV0RkQrMkFkVzk4L1ZxZllOUHJrYmkrbU1YNzRyZjY2NDJxZlg5d2hIamx4UmNFODhwVUJSNnNwcUlHbFhNc1N4ZWQvaU96bXRHUHBXQXhDWk12Vll3NnhEbVlsVVZvVXN4YVhUL2kzQldnTGxQUXB4Y0RaUCs5b3pEQUdjdlh3c3lMVGswSE5XUVl3SktJWkNZN0MvUDNGQ3RXcXA4dGtPSWxjRjkvdDk0dllQeUpuamZDRGp5RkxaanBnb3BUaitrbEJZaktGV3VJTGVKeFJMTlM0anFTRDMwMDdDZ3EwZzdCeExMaDJ0Q2JOcndzYVhuMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 706281
content-length: 0
expires: 0

GET
BLOB 200
OK 292b3814-364a-4069-821d-f99b3b6b9f1d
https://vip.xraynetwork.space/ 161 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vip.xraynetwork.space/292b3814-364a-4069-821d-f99b3b6b9f1d
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ebeefbb501bcebec9e5b33c14f3a93365b6b334b43745caaffcf7ea61b07945

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 164536
Content-Type

GET
BLOB 200
OK 65638a1e-8cbe-490d-86a2-755aa1aa6460
https://vip.xraynetwork.space/ 161 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vip.xraynetwork.space/65638a1e-8cbe-490d-86a2-755aa1aa6460
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ebeefbb501bcebec9e5b33c14f3a93365b6b334b43745caaffcf7ea61b07945

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 164536
Content-Type

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 165ms
38ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 12:50:39 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 03-Jan-2024 12:50:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
fpa-events.slate.com/plogger/ 43 B
260 B 132ms
41ms Image
image/gif 35.168.31.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fpa-events.slate.com/plogger/?rand=1704286239206&plid=93460586&idsite=slate.com&url=https%3A%2F%2Fvip.xraynetwork.space%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fvip.xraynetwork.space%2F&sref=&sts=1704286239201&slts=0&title=Slate+Magazine+-+Politics%2C+Business%2C+Technology%2C+and+the+Arts&date=Wed+Jan+03+2024+02%3A50%3A39+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=83847891&u=pid%3D561b0740a8e3a01e8641b759fa15e8ac
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.168.31.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-31-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 12:50:39 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 03-Jan-2024 12:50:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 02027081-81f7-446c-9bd5-04ef978de3e2.jpeg
compote.slate.com/images/ 53 KB
53 KB 20ms
19ms Image
image/avif 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compote.slate.com/images/02027081-81f7-446c-9bd5-04ef978de3e2.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-585
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 996dedee7d59cef5c0b99de9ed9914d262c77657f44e3fc09f0579ac14a68e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: _M0RLYFYxW039sWLxLFK4fmXGcjA81d2
via: 1.1 varnish, 1.1 varnish
date: Wed, 03 Jan 2024 12:50:39 GMT
fastly-io-served-by: vpop-kiad7010213
x-amz-request-id: 6QYJRQ5TFBK94J78
x-amz-server-side-encryption: AES256
age: 488056
x-cache: HIT, HIT
fastly-io-info: ifsz=418254 idim=1560x1040 ifmt=jpeg ofsz=53820 odim=585x390 ofmt=avif
x-io: /images/02027081-81f7-446c-9bd5-04ef978de3e2.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-585&width=585&height=390&auto=avif
fastly-stats: io=1
content-length: 53820
x-amz-id-2: Uu7gmCplLmJRhtBVX/uhW5Pg4gpHXKBCKN5RKTTxgrN/sNLE/0s9PZmlekM+nZWDJk9+zLcRd3s=
x-served-by: cache-iad-kjyo7100156-IAD, cache-yyz4572-YYZ
server: AmazonS3
x-timer: S1704286239.233264,VS0,VE0
etag: "DH9ih7JeulHfJEAjo1MrK3lSlf99SZZU+yjRgvkim7M"
vary: Accept
content-type: image/avif
cache-control: public, max-age=315360000
accept-ranges: bytes
x-cache-hits: 56, 2

GET
H2 200 5d9c3c05-bb69-47ab-a2d0-6fd74e5a3c87.jpeg
compote.slate.com/images/ 23 KB
24 KB 23ms
22ms Image
image/avif 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compote.slate.com/images/5d9c3c05-bb69-47ab-a2d0-6fd74e5a3c87.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-390
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96acc05f0eb8a116236c3278b30de40f87645f1e67c3c702f13b4c4a45ab6af3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 82_JSKnBkwAMAAmsw767HtuQ4IWHdNen
via: 1.1 varnish, 1.1 varnish
date: Wed, 03 Jan 2024 12:50:39 GMT
fastly-io-served-by: vpop-kiad7010251
x-amz-request-id: 9YW7RX9RD6VG7RZG
x-amz-server-side-encryption: AES256
age: 1079609
x-cache: HIT, HIT
fastly-io-info: ifsz=333090 idim=1560x1040 ifmt=jpeg ofsz=23994 odim=390x260 ofmt=avif
x-io: /images/5d9c3c05-bb69-47ab-a2d0-6fd74e5a3c87.jpeg?crop=1560%2C1040%2Cx0%2Cy0&s=image-390&width=390&height=260&auto=avif
fastly-stats: io=1
content-length: 23994
x-amz-id-2: a9Sk9J3vjjH49byDfo400Nwszu/8kVpWk1JQWetS5qEUEqqnBNRctLuTFksvk5n/wye1GqJ6mBg=
x-served-by: cache-iad-kcgs7200173-IAD, cache-yyz4572-YYZ
server: AmazonS3
x-timer: S1704286239.233536,VS0,VE0
etag: "0h9EZbakmyIKRWggNsH0l7sAqQjuMNHTgcJLwWK/c90"
vary: Accept
content-type: image/avif
cache-control: public, max-age=315360000
accept-ranges: bytes
x-cache-hits: 18, 3

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 301 B
402 B 163ms
102ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip&include=ip_hash&k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: ad12cb7aa17a6d6313ca689d6acfc5e1063740b3b5a841705ee948e5a6948921

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://vip.xraynetwork.space
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 213

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 2 B
78 B 168ms
108ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://vip.xraynetwork.space
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET
H3 200 analytics Show response
vip.xraynetwork.space/ 2 B
780 B 175ms
174ms Fetch
application/json 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/analytics?eventName=Page%2520View%2520with%2520Ads

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
via: 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 2
x-served-by: cache-fra-eddf8230061-FRA
x-slate-uuid: 5db7eab9-b1e7-4a5e-8b03-06392a32c060
server: cloudflare
x-timer: S1704286239.359739,VS0,VE0
x-frame-options: sameorigin
vary: Origin
content-type: application/json
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgsnsnRjALpxipRwYr6Jw8kDunLEIK66S1SjwZqha54aBOUYw%2BfNkW5XWWvlwXEem%2BgW6TblmuLdlJy8ssv89ewIFnTRNChP%2BT8BkRdXHvesnYFpKg32Xti1zh7GOyauigvmv40Lph93y5Uct3Glu7PYYcc%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 83fb5e637fb04bcc-BUF
retry-after: 0
x-cache-hits: 0

GET
H2 200 16d3bd5c-bf92-4bf0-815a-eac397d3aadf-models.bin Show response
cdn.permutive.com/models/v2/ 24 KB
17 KB 220ms
159ms XHR
application/x-binary 2606:4700::6811:7611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-models.bin
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cb162f6387aac3aa111e7f4b6721eb65c7b8c2536bb7d5e54d67cd2e6d820f2

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-goog-meta-oid: 16d3bd5c-bf92-4bf0-815a-eac397d3aadf
age: 0
x-guploader-uploadid: ABPtcPoqOCR02OuxGEMKY1S1FuYgn7o_uMvQjdAxjoXBPBX1fKgfpBNhZaytEm7Y9v73bc-hTJexqSEojuvs5qXP69G-wA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 16889
last-modified: Wed, 03 Jan 2024 06:04:06 GMT
server: cloudflare
etag: "78adb6246b1e52ee8a121066412f4ee2"
vary: Accept-Encoding
x-goog-generation: 1704089019924694
content-type: application/x-binary
access-control-allow-origin: *
x-goog-hash: crc32c=3gLPAQ==, md5=eK22JGseUu6KEhBmQS9O4g==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 16889
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fb5e640a854bc1-BUF
expires: Wed, 03 Jan 2024 12:50:39 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 23 KB
6 KB 114ms
37ms Script
application/x-javascript 2600:1408:20:38d::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:20:38d::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 12:50:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 11:02:02 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6055
Expires: Wed, 03 Jan 2024 13:50:39 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
609 B 186ms
59ms Fetch
application/json 18.160.156.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/f6ed6589-5170-40c6-98bc-a4a49ff26fa8/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.156.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-156-128.iah50.r.cloudfront.net
Software: /
Resource Hash: 8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 06:25:31 GMT
via: 1.1 7c52bc60e0da5f557ed6047264a41c18.cloudfront.net (CloudFront), 1.1 5dd0955fe20fc8a6a28074fa431ff00a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P2, IAH50-P1
age: 23108
x-amzn-requestid: 0ff1e56e-192e-49d4-940f-2a0353bce7e7
x-amzn-trace-id: Root=1-6594fddb-2e51c3b0041596450f32c08e;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: Q8yaSFIXjoEEqAg=
content-length: 30
x-amz-cf-id: OVvo-5ey5_mFzs6elhHzvPrrB3yvlivFjVZfPVgT1KyM1rknfFNXzg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 /
www.google.com/pagead/1p-user-list/794295919/ 42 B
455 B 109ms
44ms Image
image/gif 2607:f8b0:4004:c1f::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/794295919/?random=1704286239095&cv=11&fst=1704283200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fvip.xraynetwork.space%2F&frm=0&tiba=Slate%20Magazine%20-%20Politics%2C%20Business%2C%20Technology%2C%20and%20the%20Arts&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_eueFOdRp8VsHrinWi4tNoAAN-5sb-w&random=1015172034&rmt_tld=0&ipr=y

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
510 B 37ms
37ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Jan 2024 12:50:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 10525
x-ms-lease-status: unlocked
last-modified: Wed, 03 Jan 2024 03:13:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 01f7c19d-b01e-003a-4e01-3e23fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 83fb5e642ce34bcd-BUF

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
259 B 162ms
107ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: fb40d9bd686de5e57bcaa98edfa2316295338ca097a32fa99bd1a6b21f057eec

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://vip.xraynetwork.space
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 403 verify
id.tinypass.com/id/api/v1/identity/token/ 0
0 75ms
64ms Script
application/json 2606:4700::6812:eff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.tinypass.com/id/api/v1/identity/token/verify?browser_id=lqxs0uhhsaz7o8ry&page_view_id=lqxs0uhhyzd7oqnf&content_type=website&page_title=Slate+Magazine+-+Politics%2C+Business%2C+Technology%2C+and+the+Arts&callback=jsonp6198&client_id=homyv5Uzpu&site=https%3A%2F%2Fvip.xraynetwork.space
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 b690128a-1a41-4252-b1b4-3bf1e15b72bb.jpeg
compote.slate.com/images/ 22 KB
22 KB 19ms
19ms Image
image/avif 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://compote.slate.com/images/b690128a-1a41-4252-b1b4-3bf1e15b72bb.jpeg?crop=1560%2C1040%2Cx0%2Cy1&s=image-390
Requested by: Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8427fb8f8d7fc26d0c3032476871eeb26a249fc82b7938fdec67033373c4eec3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: ZlGqoT5R1ZqXNSxn1ZC.yLHPD1jlZFnA
via: 1.1 varnish, 1.1 varnish
date: Wed, 03 Jan 2024 12:50:39 GMT
fastly-io-served-by: vpop-kiad7010231
x-amz-request-id: 46Q4J6MW0HW2W1N6
x-amz-server-side-encryption: AES256
age: 6573
x-cache: HIT, HIT
fastly-io-info: ifsz=332395 idim=1560x1041 ifmt=jpeg ofsz=22149 odim=390x260 ofmt=avif
x-io: /images/b690128a-1a41-4252-b1b4-3bf1e15b72bb.jpeg?crop=1560%2C1040%2Cx0%2Cy1&s=image-390&width=390&height=260&auto=avif
fastly-stats: io=1
content-length: 22149
x-amz-id-2: +ebk2dmK0a8DeG0BRYc/4HXL8HxfJZdUdIkb5IcLu8cqWyhme6t9InlTwIZw93n7+DvBJsGCbGM=
x-served-by: cache-iad-kcgs7200050-IAD, cache-yyz4572-YYZ
server: AmazonS3
x-timer: S1704286239.454005,VS0,VE0
etag: "rt9SvLkYGJE6MhHSWQ/4hjuyIRdZpVkDdR596e0B/nc"
vary: Accept
content-type: image/avif
cache-control: public, max-age=315360000
accept-ranges: bytes
x-cache-hits: 23, 3

GET
H2 200 event Show response
sslwidget.criteo.com/ 11 KB
5 KB 101ms
38ms Script
application/x-javascript 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=92394&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=i847LV9NMURNenFxRWVRWUNOdDNiam9hUm5zZVVYdnhFbGxQRnFQaHRkMGxlUTE2YmF2ZW9WcDlocGw0eGk5a3pVbjB2RUk2WWczakFXR3hwS1VwYzdPTlFxUmhLV1BxMmc3M1pqZGl2RTZrQTR1eTB5aUFWZnIxSHBVR1A4ZUZxckhkZ1Njd0hadFFRWDNFV0pUQmFlR3RUODNUOTZ0ckJKWlhseSUyQmclMkI3eVVPUlpFJTNE&tld=xraynetwork.space&dy=1&fu=https%253A%252F%252Fvip.xraynetwork.space%252F&ceid=e60e788a-2b4a-47fb-a073-e3ae43fcd92c&dtycbr=95237&cs=1---&cv=1

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=92394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5f37d7f402474d5006629c6c1ef944135eda5dccd1a9c9053449ff067f83b4e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 8654972
timing-allow-origin: *
expires: 0

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 111 KB
37 KB 43ms
43ms Script
application/x-javascript 2600:1408:20:38d::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:20:38d::268b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: baa1e321fd815ef7c8bec6e9daa2ef002aadb656cc27cfdf6661dfdac33e0cda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 12:50:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Dec 2023 12:22:49 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37123
Expires: Wed, 03 Jan 2024 13:50:39 GMT

POST
H2 200 segment Show response
api.permutive.com/clm/v1/ 42 B
96 B 141ms
140ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/clm/v1/segment?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 4fc0877e9979bb1ad14dc062667ccab419a29746d240cd7cbb84a78beed45cfe

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 03 Jan 2024 12:50:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
content-type: application/json

POST
H2 200 segment Show response
api.permutive.com/adv/v2/ 14 B
67 B 144ms
143ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 03 Jan 2024 12:50:39 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
content-type: application/json

POST
H2 200 audiences Show response
api.permutive.com/audience-matching/v1/id/72b982cc-3e70-4219-8778-ea76787f068d/ 12 B
64 B 172ms
171ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/audience-matching/v1/id/72b982cc-3e70-4219-8778-ea76787f068d/audiences?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 03 Jan 2024 12:50:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12
content-type: application/json

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 208ms
54ms XHR
application/json 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bcb435a9b198ba1e334686bab95cf4265d73a0824e3c2e81dc629ef4722ece3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12268
x-xss-protection: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 3F88
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-bk1ifeBfPMQ8YcMLoIecD4kRTs8NMBsAfjTIWw&google_cm&google_hm=ay1iazFpZmVCZlBNUThZY01Mb0llY0Q0a1JUczhOTUJzQ...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-bk1ifeBfPMQ8YcMLoIecD4kRTs8NMBsAfjTIWw&google_gid=CAESEGzQOKhtHrFDiBlN46SDzYw&google_cver=1&google_ula=913071,0

43 B
370 B

31ms
31ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-bk1ifeBfPMQ8YcMLoIecD4kRTs8NMBsAfjTIWw&google_gid=CAESEGzQOKhtHrFDiBlN46SDzYw&google_cver=1&google_ula=913071,0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1158962
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-bk1ifeBfPMQ8YcMLoIecD4kRTs8NMBsAfjTIWw&google_gid=CAESEGzQOKhtHrFDiBlN46SDzYw&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 3F88
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Jie__uBfPMQ8YcMLoIecD4kRTs9yLaZvjKqwkw&expires=30&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Jie__uBfPMQ8YcMLoIecD4kRTs9yLaZvjKqwkw&expires=30&us_privacy=1---

43 B
510 B

44ms
44ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Jie__uBfPMQ8YcMLoIecD4kRTs9yLaZvjKqwkw&expires=30&us_privacy=1---
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 12:50:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Jie__uBfPMQ8YcMLoIecD4kRTs9yLaZvjKqwkw&expires=30&us_privacy=1---
Date: Wed, 03 Jan 2024 12:50:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 3F88
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID&us_privacy=1---
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID%26us_privacy%3D1---
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6053733941246052100&us_privacy=1---

43 B
370 B

31ms
30ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6053733941246052100&us_privacy=1---

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1150975
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:39 GMT
an-x-request-uuid: 198ebdf2-d12b-4d15-943f-0c0eb1ea6b83
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6053733941246052100&us_privacy=1---
x-proxy-origin: 96.9.249.42; 96.9.249.42; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

/
partner.mediawallahscript.com/ Frame 3F88
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-bk1ifeBfPMQ8YcMLoIecD4kRTs8NMBsAfjTIWw&custom=&tag_format=img&tag_action=sync&custom=&cb=74af878e-2a06-484f-ab0d-6647874...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-bk1ifeBfPMQ8YcMLoIecD4kRTs8NMBsAfjTIWw&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=74af878e-2a06-484...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=6053733941246052100&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=b2b200b0-aa36-11ee-a6c7-95ac49505d2c?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=b2b200b0-aa36-11ee-a6c7-95ac49505d2c?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bpr...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=dcd77815225567257d4b86585423df71&tag_format=img&tag_action=sync&cb=913652626
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=dd30e361-ee94-4cf6-b456-8308b585b488&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=b2b200b0-aa36-11ee-a6c7-95ac49505d2c&cb=1704286240439&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=a1398a2c-c422-43d7-9803-40dcc36d0e34&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704286240439

0
405 B

41ms
41ms

Image
text/plain

52.200.110.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=a1398a2c-c422-43d7-9803-40dcc36d0e34&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704286240439
Protocol: H2
Server: 52.200.110.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-110-248.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 03 Jan 2024 12:50:40 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:40 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=a1398a2c-c422-43d7-9803-40dcc36d0e34&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704286240439
cache-control: no-cache,private
x-envoy-upstream-service-time: 0
content-length: 0
expires: Wed, 03 Jan 2024 12:50:39 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 3F88 57 B
813 B 238ms
92ms Image
image/gif 23.50.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-PinbuOBfPMQ8YcMLoIecD4kRTs83JooP-56new&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 12:50:39 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Wed, 03 Jan 2024 12:50:39 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 3F88 42 B
968 B 240ms
33ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-KXGhSuBfPMQ8YcMLoIecD4kRTs_D3qfwvCh2ag&expires=30&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 5b6c391ede0c9b3c7eab11a335db29fb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 3F88 43 B
688 B 187ms
38ms Image
image/gif 216.22.16.40
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-gzLmg-BfPMQ8YcMLoIecD4kRTs_BfSxS-L0qWw&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.22.16.40 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 03 Jan 2024 12:50:38 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3F88 0
375 B 187ms
39ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-TNfHO-BfPMQ8YcMLoIecD4kRTs_H-0t2u3MSMA&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 32977

GET
H2 200 um
criteo-sync.teads.tv/ Frame 3F88 23 B
278 B 219ms
71ms Image
image/gif 23.219.9.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-aMhVdeBfPMQ8YcMLoIecD4kRTs9Iiovvqq5vjA&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.9.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-219-9-47.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 03 Jan 2024 12:50:39 GMT
pragma: no-cache
date: Wed, 03 Jan 2024 12:50:39 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 3F88
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-XctF-uBfPMQ8YcMLoIecD4kRTs9mic3KVKuWCQ&dongle=013b&us_privacy=1---
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-XctF-uBfPMQ8YcMLoIecD4kRTs9mic3KVKuWCQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=1---

37 B
354 B

36ms
35ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-XctF-uBfPMQ8YcMLoIecD4kRTs9mic3KVKuWCQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=1---
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 03 Jan 2024 12:50:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-XctF-uBfPMQ8YcMLoIecD4kRTs9mic3KVKuWCQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=1---
date: Wed, 03 Jan 2024 12:50:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 3F88
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&us_privacy=1---&verify=true

0
121 B

44ms
44ms

Image
text/plain

3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&us_privacy=1---&verify=true

Protocol

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&us_privacy=1---&verify=true
date: Wed, 03 Jan 2024 12:50:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cksync.php
hb.yahoo.net/ Frame 3F88 57 B
668 B 453ms
132ms Image
image/gif 23.40.207.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.40.207.42 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-207-42.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 03 Jan 2024 12:50:40 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Wed, 03 Jan 2024 12:50:40 GMT

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 3F88 49 B
385 B 127ms
42ms Image
image/gif 3.128.106.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-lY1b7-BfPMQ8YcMLoIecD4kRTs_GZc-n2QsquQ&us_privacy=1---

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.128.106.141 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-128-106-141.us-east-2.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:39 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 5
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame 3F88
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40&us_privacy=1---
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=RyTvkdyVobbH-wy_9S80VfcnPQSlJlGe

62 B
548 B

239ms
128ms

Image
image/gif

23.219.12.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=RyTvkdyVobbH-wy_9S80VfcnPQSlJlGe
Protocol: H2
Server: 23.219.12.236 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-219-12-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 03 Jan 2024 12:50:39 GMT
content-length: 62
bk-server: c4d2
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=RyTvkdyVobbH-wy_9S80VfcnPQSlJlGe
date: Wed, 03 Jan 2024 12:50:39 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 746493
content-length: 0

GET
H2

200

rum
r.casalemedia.com/ Frame 3F88
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-p0RPueBfPMQ8YcMLoIecD4kRTs-1gudyoSp3Hg&us_privacy=1---
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-p0RPueBfPMQ8YcMLoIecD4kRTs-1gudyoSp3Hg&us_privacy=1---&C=1

43 B
341 B

53ms
52ms

Image
image/gif

2606:4700:4400::6812:249b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-p0RPueBfPMQ8YcMLoIecD4kRTs-1gudyoSp3Hg&us_privacy=1---&C=1
Protocol: H2
Server: 2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WO%2F%2FcLECi1JKOanJPpJLJ61AMEumuyKs7wB%2FGGqUNhUQrjbwGsCzl15VQ7SjCu6mj1c0HchKROXsBRxIhm6bzCvQNbSgf67vLk8oLaJgRBRVSC%2FGKL0DDXyfb79PxbOXatmDhc91WUpGZPxF9W8z"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83fb5e679d664bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFR1iWqRzGZMJq4nFOKBZL4CtQ8VTXWascGq6%2By6CWdpOt2iPZTmdOr%2BPxHCOI5oCZYTWh7abiGVxdDP635pK%2B2pWsKyi%2FTdZZX587PSbECWDj%2FtDCc41TfVlm9njM3DZtEpf0NAkCj7G5tKX5Rn"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-p0RPueBfPMQ8YcMLoIecD4kRTs-1gudyoSp3Hg&us_privacy=1---&C=1
cache-control: no-cache
cf-ray: 83fb5e673d464bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 3F88 43 B
661 B 711ms
36ms Image
image/gif 63.251.28.233
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-8cy21uBfPMQ8YcMLoIecD4kRTs9SG2e81vAkrA&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.233 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 12:50:40 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1704286240496018-1164

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 3F88
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hYuRrOBfPMQ8YcMLoIecD4kRTs-xMKQPrhBsxA&us_privacy=1---
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hYuRrOBfPMQ8YcMLoIecD4kRTs-xMKQPrhBsxA&us_privacy=1---

43 B
446 B

42ms
42ms

Image
image/gif

52.201.167.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hYuRrOBfPMQ8YcMLoIecD4kRTs-xMKQPrhBsxA&us_privacy=1---
Protocol: H2
Server: 52.201.167.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-167-43.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 03 Jan 2024 12:50:39 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hYuRrOBfPMQ8YcMLoIecD4kRTs-xMKQPrhBsxA&us_privacy=1---
access-control-allow-origin: *
date: Wed, 03 Jan 2024 12:50:39 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

sync
pippio.com/api/ Frame 3F88
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-gG0hR-BfPMQ8YcMLoIecD4kRTs8-uDhaNPYngg&us_privacy=1---
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-gG0hR-BfPMQ8YcMLoIecD4kRTs8-uDhaNPYngg&us_privacy=1---&_li_chk=true&previous_uuid=edf75317638a47ac831b25d7b2e5b82d
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=edf75317-638a-47ac-831b-25d7b2e5b82d&us_privacy=1---
https://p.rfihub.com/cm?pub=39342&in=1&userid=7136974c-f8e6-4637-84f4-b37a026d2afb%3A1704286240.3148437&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D7136974c-f8e6-4637...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=979321841173714391&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D7136974...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=7136974c-f8e6-4637-84f4-b37a026d2afb%3A1704286240.3148437&pid=500040&it=1&iv=7136974c-f8e6-4637-84f4-b37a026d2afb%3A1704286240.3148437&_=170...
https://pippio.com/api/sync?it=1&pid=500040&_=1704286240.3165956&iv=7136974c-f8e6-4637-84f4-b37a026d2afb:1704286240.3148437

42 B
569 B

117ms
58ms

Image
image/gif

107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1704286240.3165956&iv=7136974c-f8e6-4637-84f4-b37a026d2afb:1704286240.3148437
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:40 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1704286240.3165956&iv=7136974c-f8e6-4637-84f4-b37a026d2afb:1704286240.3148437
Date: Wed, 03 Jan 2024 12:50:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 3F88 0
967 B 126ms
39ms Image
text/html 44.218.225.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-KBDUcOBfPMQ8YcMLoIecD4kRTs_A1btFHJtAOw&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.218.225.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-218-225-237.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:39 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame 3F88 42 B
689 B 112ms
46ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-sWf_3OBfPMQ8YcMLoIecD4kRTs9l1Td2lWPPRg&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:38 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 65F1772D411C45EE93F390742CA8DDEF Ref B: EWR311000104035 Ref C: 2024-01-03T12:50:39Z
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 3F88 43 B
535 B 143ms
42ms Image
image/gif 34.193.251.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-7_M_zOBfPMQ8YcMLoIecD4kRTs9YMgQxjXrgHg&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-251-250.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:39 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 3F88 0
287 B 144ms
34ms Image
text/plain 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Qm65wuBfPMQ8YcMLoIecD4kRTs-Js0uskkEWaw&initiator=partner&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 12:50:40 GMT
Cache-Control: no-cache
X-TraceId: b331aec281cffc5aa3d4f75d361e5009
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 3F88 42 B
579 B 85ms
26ms Image
image/gif 162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-1mI21uBfPMQ8YcMLoIecD4kRTs-IvyhOyVZnBg&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 03 Jan 2024 12:50:40 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 3F88 0
0 132ms
43ms Image
application/json 3.232.254.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-PYZegOBfPMQ8YcMLoIecD4kRTs89Oogc_otRiQ&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.232.254.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-254-109.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 3F88 68 B
280 B 132ms
41ms Image
image/png 54.86.60.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-BmtDNeBfPMQ8YcMLoIecD4kRTs-uI93eiNObBQ&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.60.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-60-193.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:40 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H2 204 /
s.ad.smaato.net/c/ Frame 3F88 0
308 B 365ms
97ms Image
text/plain 2600:9000:2548:600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-31T3SeBfPMQ8YcMLoIecD4kRTs8kzHy8LIhqfg&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2548:600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:40 GMT
cache-control: no-cache, must-revalidate
via: 1.1 22fa6751aa43c58102eb69ce699317cc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAH50-P2
x-amz-cf-id: zJ73_5XB7jcgwIPqkypP0dViHGUVr_MPleNdM1NAzq1hIuTUHSn8Xg==
x-cache: Miss from cloudfront

GET
H2 200 setuid
ib.adnxs.com/ Frame 3F88 43 B
852 B 35ms
34ms Image
image/gif 68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-g5nrzeBfPMQ8YcMLoIecD4kRTs-3Pa3TFm0JWA&us_privacy=1---

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:39 GMT
an-x-request-uuid: 7202d914-53da-4213-b685-871c48fb9574
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.42; 96.9.249.42; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 segment Show response
api.permutive.com/clm/v1/ 42 B
55 B 129ms
129ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/clm/v1/segment?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 4fc0877e9979bb1ad14dc062667ccab419a29746d240cd7cbb84a78beed45cfe

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 03 Jan 2024 12:50:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
content-type: application/json

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 216ms
148ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 12:50:40 GMT

GET
H2

200

cksync
hb.yahoo.net/ Frame 3F88
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&redir=true&us_privacy=1---
https://hb.yahoo.net/cksync?cs=63&axid_e=eS12ajRCZkk1RTJ1Rk5Gbnl6cl9hSEl5YURFcndhUnJLbX5B&ovsid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&us_privacy=1---&dpid=58301

57 B
669 B

307ms
131ms

Image
image/gif

23.40.207.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS12ajRCZkk1RTJ1Rk5Gbnl6cl9hSEl5YURFcndhUnJLbX5B&ovsid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&us_privacy=1---&dpid=58301

Protocol

Server

23.40.207.42 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-40-207-42.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 03 Jan 2024 12:50:40 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Wed, 03 Jan 2024 12:50:40 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS12ajRCZkk1RTJ1Rk5Gbnl6cl9hSEl5YURFcndhUnJLbX5B&ovsid=k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA&us_privacy=1---&dpid=58301
date: Wed, 03 Jan 2024 12:50:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 3F88
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40&us_privacy=1---
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Vf_3IZvdS5_wipnq1vR7AuYYvQwT373C
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Vf_3IZvdS5_wipnq1vR7AuYYvQwT373C

42 B
715 B

43ms
42ms

Image
image/gif

44.206.92.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Vf_3IZvdS5_wipnq1vR7AuYYvQwT373C

Protocol

Server

44.206.92.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-206-92-227.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-00949e323.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Wed, 03 Jan 2024 12:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: Q/+Vz/znSYA=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-2-v053-084f61900.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Wed, 03 Jan 2024 12:50:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: JfG88In5TM4=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=Vf_3IZvdS5_wipnq1vR7AuYYvQwT373C
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
129 B 252ms
251ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 1cfcc2e64d4a7ef0ce123dc7618d6385514da67a3afbdd85629fb43ad70dc2cc

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 03 Jan 2024 12:50:40 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://vip.xraynetwork.space
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame 3F88
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40&us_privacy=1---
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=UZl7gQjnK6NUXI75vJLlnDQuDTtCqA-B

43 B
655 B

263ms
92ms

Image
image/gif

18.160.172.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=UZl7gQjnK6NUXI75vJLlnDQuDTtCqA-B
Protocol: H2
Server: 18.160.172.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-172-92.iah50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:50:40 GMT
via: 1.1 aac34701788186dd84599aec4e884830.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: IAH50-P2
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: 6Xxsc8h-TN7MKVc3ZJp3M8TB72GJ-piTYvTn3-fJtpic-NCSlexIaQ==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=UZl7gQjnK6NUXI75vJLlnDQuDTtCqA-B
date: Wed, 03 Jan 2024 12:50:39 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1376665
content-length: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D65C 13 KB
5 KB 34ms
32ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vip.xraynetwork.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 6176
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 11:07:44 GMT
expires: Thu, 02 Jan 2025 11:07:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A2C1 829 B
978 B 50ms
48ms Document
text/html 2607:f8b0:4004:c1f::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

24bd7a24282c6be4915dee95994835e15ae6e55479722ebf27a84a48d8beaff9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AekaSFdkcwfaliSpxuiv0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vip.xraynetwork.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-AekaSFdkcwfaliSpxuiv0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:50:40 GMT
expires: Wed, 03 Jan 2024 12:50:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame D65C 39 KB
15 KB 96ms
33ms Script
text/javascript 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 12:26:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A2C1 0
0 95ms
47ms Image
text/html 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312070101&jk=317377815201867&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 93 B
308 B 93ms
92ms Fetch
application/json 52.40.254.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-1.1.4-min.js.gz

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.254.121 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-254-121.us-west-2.compute.amazonaws.com

Software

Resource Hash

61ad9b9b668b252f873ff736898e05f0a7ae0fc667855c9ea7e17cb646ce3664

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Jan 2024 12:50:40 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-65955820-11e816f539b101453f695ad7
content-length: 93

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D65C 0
10 B 31ms
31ms Image
text/plain 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jQDsxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 268ms
88ms Preflight 52.40.254.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.254.121 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-254-121.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vip.xraynetwork.space
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Wed, 03 Jan 2024 12:50:40 GMT
strict-transport-security: max-age=15768000

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 245ms
245ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 03 Jan 2024 12:50:40 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

POST
H3 200 segment Show response
api.permutive.com/clm/v1/ 42 B
55 B 149ms
149ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/clm/v1/segment?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 4fc0877e9979bb1ad14dc062667ccab419a29746d240cd7cbb84a78beed45cfe

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 03 Jan 2024 12:50:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
content-type: application/json

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
123 B 108ms
107ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: fb40d9bd686de5e57bcaa98edfa2316295338ca097a32fa99bd1a6b21f057eec

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 03 Jan 2024 12:50:40 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://vip.xraynetwork.space
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

POST
H3 200 audiences Show response
api.permutive.com/audience-matching/v1/id/72b982cc-3e70-4219-8778-ea76787f068d/ 12 B
25 B 177ms
177ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/audience-matching/v1/id/72b982cc-3e70-4219-8778-ea76787f068d/audiences?k=dd4993d6-d26a-48b5-bf2d-05b09fb85de3
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/16d3bd5c-bf92-4bf0-815a-eac397d3aadf-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 03 Jan 2024 12:50:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12
content-type: application/json

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 49ms
48ms Image
text/html 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312070101&jk=317377815201867&bg=!EhGlEV7NAAY3kmNgF5I7ADQBe5WfOF9EivT_h1f1Hj45OGHt7XsWIUG7XAec88V2qcG-wrR5o5_0XnMzwKlNTfDImbxmAgAAAGhSAAAABGgBB5kDFOt8YTjZqEgG1CZy7XhczR5tULgOlV30zKBXrQJFNEQgCvcWM6FGp5ecfoaDGfZhWjzpUE8E2AgFTbYgAUK0ncGJ56TREp0n7Zlf7nW51zuhpiLcV-p7iyC0UOpEhvsRhVXJsBMsvUqurwMH7WV_BDTq6nbmvtvB9M8efsrXtzXfQdxrcnP2OGe1GJzj8JYswLT06aZ5E2eS1YaGSoUX82SPOMUKnNm398rpdh5-P6jh0M_eSONpsFqV5MxuHwfYP_ZPakopnPu3K3d2git5W5dfZq3ohCCdIN6lN2JlJE6azrF02gRkkv2Tt046inj6YDn1IkUMT97wVTEkcDhAQBsuMEK8ZX81tdmjVD0uPtiFxonawy_nfKWmhS9n9AkrzCO2mqyJObBBiEIxiVs7HMtGF4sQ3lVKzptoJ2wClKzTQIJdnvV-lRFGcLFl5F4lsy_1IG_L-ZCrno0nw1j8luEUgblBKDtlBar-yo2lTt-o4rxSzGyT_7rt_eawQnaoKUayN675oxsFIYVcXUXY-9bLCAK7H3jkVBM-2dD5Pr2qBJl8lNpNps2ZUYdHhwfW__LU1La-BvmWnFy1pqOHkmew6vgca3yNY8vg3nHggcwguTGlH5iuTauwQMJ5rNwZm2Rz4wQBEag_xu1B3yZBUJrpGexl4OI8gWaA6-C-Td60jCLtjH64u6yQGYHnPeaLFUGIjnbYLesEWjr67Gm1fUXWSXaiq0K2XpuG-EF-NDIFBFaWT7HTEyvgwpq5ui_dEwO0wDA9y83CGz8AUGGHBKr9X2PHIwe22VtfcsAbvVeD3G9Rgcuv571KH9RMT5RdC9g8v8xMbGBqQHTiOaUq6tKneEG2jN3H1lJRBAujFURI4ReBp6uqWrMsrm5yCIVyoB_4eGFhRn9lpK4AQJT2-GI6gGHWWJgQAXSfZm-3JoLKjKECyCUyJqls1DynQz4J6OIaFgMPKFxa2srhrPFMJVMCouCIbnF5BI_Z5ceSMuRbLwx0xg1d_UOeapDmSkPDj1Rh76I6z5f9L90hZ8FBKd3Ocw_B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 242ms
241ms Fetch
text/plain 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=317377815201867&correlator=4114507770965891&eid=31079959%2C44807746%2C44780988&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&us_privacy=1---&iu_parts=91898098%2Cslate.com%2Chomepage&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x2%7C300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dea43853ff7d5c62b%3AT%3D1704286239%3ART%3D1704286239%3AS%3DALNI_MbbszkMCFeirXT3OAKtkbNVY0j5xg&gpic=UID%3D00000db0838258d5%3AT%3D1704286239%3ART%3D1704286239%3AS%3DALNI_MYTEexfOzIrKcTI_2HEwL9huC7ZBQ&abxe=1&dt=1704286241470&lmt=1704286241&adxs=1093&adys=1286&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvip.xraynetwork.space%2F&vis=1&psz=357x280&msz=357x250&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=20762395.1704286239&ga_sid=1704286239&ga_hid=665782579&ga_fc=false&dlt=1704286238126&idt=510&prev_scp=site%3Dredux%26refresh%3Dno%26pos%3Dhp-native-flex-1%26threshold%3D200%26outstream_eligible%3Dfalse&cust_params=permutive%3D21247%252C52448%252Crts%26dfp_cache_buster%3D05ba2b1080a26ec4d2b5c4cab86e35ed282ed644%26page_id%3Dclqwueu5r003anmkpgmyaq1qc%26page_type%3Dhomepage%26ab_var%3D7_1%26article_right_rail%3Dfalse%26max_width_test%3Ddisabled%26prmtvsdk%3Dweb&adks=2296435458&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b94bab84e77345a02aa86d0f70f43083ff2eeb94faad81f25195239704c55ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13226
x-xss-protection: 0
google-lineitem-id: 5411507909
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138315736916
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vip.xraynetwork.space
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C93 0
0 49ms
48ms Fetch
image/gif 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0fBaks4eVxSJ_2MeyPByjlPbfh_mQrO-05C6w5OfUi4fnCAaH5LxTnZ7z4n1Y7uKKUgf2cpU3UuQ9xdzsWkMsaw3Sg8rhlZLOxUMa3ITWoVjVqO9VMi4zNjsSFYRSObHO2nkvCpbd0lP5v1aUJnpKuJhoANCR83fzhGkocSS_kA1a8I4SImCjuO28iLhmiYRiuJg9K3B6WKFmNRSXIqFUTamrMtP5Oh2pCyxF4qI5tzh_ZlioagsYoGbQZrpIy80GKdaHGDC2vw3qvdYIMDHr5MBu29F025LbwXa82FkKMudTPK9RfbF3ucHOoJUmH8qA8I8F5HYkGtbdtINE2dZB9nzQrNwgtMh1ETzIN1T6HL81_eeacTGu2ZikPkk9hdVXdjH6foxPLtvNfM-1X38&sai=AMfl-YR9qvw-6ajNl9mlwvm5jfXm-gwNwHCbbkDU4k8nVN_VwNhpaHVhnAG98vn9_3O1-1VyuqKQWdmdO2kxji-d9n4fkMODYQ99aPmFHsmXn9a49uY1kIooIMO0_I_-4EY&sig=Cg0ArKJSzDwpGwOZpRZ2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C93 194 KB
62 KB 98ms
32ms Script
text/javascript 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62516
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 12:50:41 GMT

GET
H3 200 analytics Show response
vip.xraynetwork.space/ 2 B
780 B 173ms
173ms Fetch
application/json 2606:4700:3037::6815:128b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.xraynetwork.space/analytics?eventName=Ads%2520Performance&eventData=%257B%2522timeToFirstAdLoad%2522%253A4115%252C%2522campaignId%2522%253A204384138%257D

Requested by

Host: vip.xraynetwork.space
URL: https://vip.xraynetwork.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:128b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:41 GMT
via: 1.1 varnish
content-security-policy: upgrade-insecure-requests;frame-ancestors 'self' slate.com *.slate.com *.my.slate.com
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 2
x-served-by: cache-fra-etou8220057-FRA
x-slate-uuid: 1dc4e639-c73d-49ef-9ae2-1b069f059dca
server: cloudflare
x-timer: S1704286242.832083,VS0,VE0
x-frame-options: sameorigin
vary: Origin
content-type: application/json
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49oVgz4x2KahDZPjyfwb%2FG1ETo7oaeAUJhkS03YGxN2PkuPzQZLTu4rDyqdBMZlo0e%2FpqRqiK9FViQZ38ucN29eip0yHs5cJd%2F9Nwi6cpijfHU0N99GPmfCidkXmtEPIK2QO%2B6%2BvEgXtKimAH4wwDhbOIqA%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 83fb5e72ecf44bcc-BUF
retry-after: 0
x-cache-hits: 0

GET
H3 200 13360417616352593330
tpc.googlesyndication.com/simgad/ 14 KB
14 KB 33ms
32ms Image
image/png 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13360417616352593330?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e02b4ccaf20aa44a8e697a957252f5aeee181e41df5690181d1b1105566107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 23:58:16 GMT
date: Tue, 02 Jan 2024 23:58:16 GMT
x-content-type-options: nosniff
age: 46345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13843
x-xss-protection: 0
last-modified: Tue, 30 Jun 2020 20:32:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 103ms
102ms Fetch
application/json 52.40.254.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-1.1.4-min.js.gz

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.254.121 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-254-121.us-west-2.compute.amazonaws.com

Software

Resource Hash

03f889d10edc8ee55a1b5047194e79803c90717c11be7bc024c25dd34c3a0451

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Jan 2024 12:50:41 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-65955821-42b59e665f84065800ea6022
content-length: 94

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 88ms
87ms Preflight 52.40.254.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.254.121 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-254-121.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vip.xraynetwork.space
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Wed, 03 Jan 2024 12:50:41 GMT
strict-transport-security: max-age=15768000

GET
DATA 200
OK truncated
/ Frame 8C93 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b179d318766671ead972f4820e429f487c0ba3da2111ce704aeb574d1a13de08

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C93 0
0 49ms
48ms Fetch
image/gif 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbWF-982NCxKLREw9ztcJZZCIKeC47oTBbxxLTmTxcZUjcfMh6aHHV4w31PPjEW7RA5lFnFMlrsv2dhsrdt51DlWyGy5tTP0PGSI5CKvaFRd7uLthRkMd3SqLzANJykOZ6RLEQ2ucXrPcZrx9lTmbamgZwGUqdtKzu_PGsVMXR_EpX8Sxdsmh110Fqd-sslzOIlltCTUm4nJea8o2Oj0wk78Szalp3Hh8j0BGUTzE9h79PKgVEMjVE8B-JSNbBLpB1Si6JBBQ1k0klRTa9hb56vMFjZXmtV7eOlCpeMfkczBhEOcw4_Jplh2qXOZFQXSh3ELK3p9u_yMJZaGEE2f7iu0qeHmCZiTQMLfkdkBd3aNZDE7y3zkxxxjEpY8F2IYDS_pI&sai=AMfl-YToNYXqP_xTEzfGzWHU36aech4tfGbggBO7MVelAhiO-BBZBKSHkHf3t3wCM99PtrDGovv6CQX1aGrkI_uJrAhet69sKJPCgiyuezSDWWblH_afteMia3cQDbCqvHw&sig=Cg0ArKJSzOxypmNpSZNsEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Jan 2024 12:50:41 GMT

GET
H2 200 json Show response
trc.taboola.com/unknown-site-on-slate1-network/trc/3/ 31 B
449 B 64ms
61ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/unknown-site-on-slate1-network/trc/3/json?tim=02%3A50%3A43.570&lti=deflated&data=%7B%22id%22%3A816%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1704278667852%2C%22vi%22%3A1704286243565%2C%22cv%22%3A%2220240103-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fslate.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fvip.xraynetwork.space%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8303%2C%22nsid%22%3A%22slate1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dslate1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A7781.4375%2C%22mw%22%3A1300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dslate1-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240103-12-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer: https://vip.xraynetwork.space/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 42
date: Wed, 03 Jan 2024 12:50:43 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 13590
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-yyz4535-YYZ
x-log-content-encoding: gzip
server: nginx
x-timer: S1704286244.583211,VS0,VE42
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://vip.xraynetwork.space
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/unknown-site-on-slate1-network/log/2/ 0
89 B 40ms
33ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/unknown-site-on-slate1-network/log/2/debug?tim=02%3A50%3A43.561&type=warn&msg=Error%20while%20calling%20__tcfapi%3AgetTCData(TypeError%3A%20window.__tcfapi%20is%20not%20a%20function)&llvl=2&id=1298&cv=20240103-12-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 35251

GET
H2 204 debug
trc-events.taboola.com/unknown-site-on-slate1-network/log/2/ 0
89 B 38ms
37ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/unknown-site-on-slate1-network/log/2/debug?tim=02%3A50%3A43.683&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&llvl=2&id=8777&cv=20240103-12-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 39978

GET
H2 204 debug
trc-events.taboola.com/unknown-site-on-slate1-network/log/2/ 0
89 B 38ms
38ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/unknown-site-on-slate1-network/log/2/debug?tim=02%3A50%3A43.684&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=7023&cv=20240103-12-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 39978

GET
H2 204 debug
trc-events.taboola.com/unknown-site-on-slate1-network/log/2/ 0
89 B 39ms
38ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/unknown-site-on-slate1-network/log/2/debug?tim=02%3A50%3A43.685&type=warn&msg=Invalid%20ajax%20response%20from%20server&llvl=2&id=6532&cv=20240103-12-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.xraynetwork.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:50:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 39978

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

96 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 18:07:58	Name: _li_ss Value: CggKBgiiARDxFg
vip.xraynetwork.space/	1970-01-21 02:10:22	Name: AB Value: 7_1
cdn.taboola.com/	1970-01-20 17:24:57	Name: abLdr Value: 29
vip.xraynetwork.space/	1970-01-21 02:10:22	Name: usprivacy Value: 1---
.xraynetwork.space/	1970-01-20 19:34:22	Name: _fbp Value: fb.1.1704286239057.726403331
.xraynetwork.space/	1970-01-20 19:34:22	Name: _gcl_au Value: 1.1.57114035.1704286239
.criteo.com/	1970-01-21 02:46:22	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:46:22	Name: uid Value: 46aa14cd-ca67-495d-a639-e40563927378
.xraynetwork.space/	1970-01-20 21:46:51	Name: permutive-id Value: 72b982cc-3e70-4219-8778-ea76787f068d
.xraynetwork.space/	1970-01-20 17:24:48	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://vip.xraynetwork.space/%22%2C%22sref%22:%22%22%2C%22sts%22:1704286239201%2C%22slts%22:0}
.xraynetwork.space/	1970-01-21 02:54:10	Name: _parsely_visitor Value: {%22id%22:%22pid=561b0740a8e3a01e8641b759fa15e8ac%22%2C%22session_count%22:1%2C%22last_session_ts%22:1704286239201}
.xraynetwork.space/	1970-01-21 02:46:22	Name: __gads Value: ID=ea43853ff7d5c62b:T=1704286239:RT=1704286239:S=ALNI_MbbszkMCFeirXT3OAKtkbNVY0j5xg
.xraynetwork.space/	1970-01-21 02:46:22	Name: __gpi Value: UID=00000db0838258d5:T=1704286239:RT=1704286239:S=ALNI_MYTEexfOzIrKcTI_2HEwL9huC7ZBQ
.xraynetwork.space/	1970-01-21 02:53:34	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAmATgFYA7AAZew8dwBsAFi79J-EAF8gA
.xraynetwork.space/	1970-01-21 02:53:34	Name: _pcid Value: %7B%22browserId%22%3A%22lqxs0uhhsaz7o8ry%22%7D
.xraynetwork.space/	1970-01-21 02:53:34	Name: _pcus Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
.criteo.com/	1970-01-21 02:46:22	Name: partitioned_bundle Value: 6CDMu19NMURNenFxRWVRWUNOdDNiam9hUm5zZVVYdnhFbGxQRnFQaHRkMGxlUTE2YmF2ZW9WcDlocGw0eGk5a3pVbjB2RUk2WWczakFXR3hwS1VwYzdPTlFxUmhLV1BxMmc3M1pqZGl2RTZrQTR1eTB5aUFWZnIxSHBVR1A4ZUZxckhkZ3hRNmZ4Y0F4TDQwckFuUnZkYll5Y2RMSFFQWUFHTGl3TyUyRldvdWZXTEh5dmFlZGFxRnVhVm84c3N5Wjc3YTNobQ
vip.xraynetwork.space/	1970-01-20 17:24:46	Name: __adblocker Value: false
.xraynetwork.space/	1970-01-20 17:25:29	Name: _parsely_tpa_blocked Value: {%22tpab%22:false}
.xraynetwork.space/	1970-01-21 02:54:10	Name: cto_bundle Value: i847LV9NMURNenFxRWVRWUNOdDNiam9hUm5zZVVYdnhFbGxQRnFQaHRkMGxlUTE2YmF2ZW9WcDlocGw0eGk5a3pVbjB2RUk2WWczakFXR3hwS1VwYzdPTlFxUmhLV1BxMmc3M1pqZGl2RTZrQTR1eTB5aUFWZnIxSHBVR1A4ZUZxckhkZ1Njd0hadFFRWDNFV0pUQmFlR3RUODNUOTZ0ckJKWlhseSUyQmclMkI3eVVPUlpFJTNE
id.tinypass.com/	1970-01-20 17:24:46	Name: AWSELBCORS Value: D54D83371CA73269B30D9CD8F7A2329AB776287862631963EA45639467593466FE96E1B94233A5B9EBB294C565FA2FDD4EC6FEA88C189FEE1D74EFF9BF8E14429F8800789B
vip.xraynetwork.space/	1970-01-20 17:26:12	Name: _lr_geo_location_state Value: NY
vip.xraynetwork.space/	1970-01-20 17:26:12	Name: _lr_geo_location Value: US
.adnxs.com/	1970-01-20 19:34:22	Name: uuid2 Value: 6053733941246052100
.adnxs.com/	1970-01-20 19:34:22	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GVVd8eyj!]tbPl@/D!9hy6]/Cr.d4u@n0jP@+h5uefl#1Z24L!p+/[iIQAT$QXi8b(wkB(tq?13F]]+%C8bpRzqF1`bbug+RAcx
.3lift.com/	1970-01-20 19:34:22	Name: tluid Value: 1705012844134482381649
.smartadserver.com/	1970-01-21 02:55:00	Name: pid Value: 2561029896099357367
.smartadserver.com/	1970-01-21 02:55:00	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 02:11:48	Name: csync Value: 79:k-gzLmg-BfPMQ8YcMLoIecD4kRTs_BfSxS-L0qWw
.taboola.com/	1970-01-21 02:10:22	Name: t_gid Value: 75bfec68-4fcb-4a0f-aada-6852e2943155-tuctc8edd9f
.taboola.com/	1970-01-21 02:10:22	Name: t_pt_gid Value: 75bfec68-4fcb-4a0f-aada-6852e2943155-tuctc8edd9f
.bidswitch.net/	1970-01-21 02:10:22	Name: tuuid Value: c4364992-a0e6-4d6c-ba1d-4496a235ff44
.bidswitch.net/	1970-01-21 02:10:22	Name: c Value: 1704286239
.bidswitch.net/	1970-01-21 02:10:22	Name: tuuid_lu Value: 1704286239
.doubleclick.net/	1970-01-21 03:00:46	Name: IDE Value: AHWqTUlZjlWqCXEHYklkhgevZRTIoOdUhms16P2QeZydHNfSxgY6SZ7-M2ccnHbCj-Q
.yahoo.com/	1970-01-21 02:10:43	Name: A3 Value: d=AQABBB9YlWUCEAI3MuOtXOjGi4zij8Yu6KEFEgEBAQGplmWfZdxH0iMA_eMAAA&S=AQAAAtBYi1vY1hvnEer3uMMX_fY
.teads.tv/	1970-01-21 02:08:55	Name: tt_viewer Value: e883fec6-1d94-4112-90d6-b10d5c0ecb67
.mediawallahscript.com/	1970-01-21 03:00:46	Name: mCookie Value: b2b200b0-aa36-11ee-a6c7-95ac49505d2c
.mediawallahscript.com/	1970-01-21 03:00:46	Name: mUserCookie Value: %7B%7D
.media.net/	1970-01-21 02:10:22	Name: visitor-id Value: 3472878396634615000V10
.media.net/	1970-01-20 18:07:58	Name: data-c-ts Value: 1704286239
.media.net/	1970-01-20 18:07:58	Name: data-c Value: k-PinbuOBfPMQ8YcMLoIecD4kRTs83JooP-56new~~3
.rubiconproject.com/	1970-01-21 02:10:22	Name: khaos Value: LQXS0UV8-4-DI1A
.rubiconproject.com/	1970-01-21 02:10:22	Name: audit Value: 1\|OMhXfmDPULplEo6BNqE7dp/S+B3dhHQ5Lv4EvZo8G69+xL8LlrcUaHdEplIFxMONly1RaYSC/3uM1KxoLazIt+aleybw1oy9Ba0etFFpiE24DagjZo1cszFwbtnTLdk0NAOP7L9PRBfF2SrSqKkRU5oseBHR0g4M2SbSKOYonozmQdVc7iIhNLmuVI3BKwvQ8Yx4/xf3yka2DwHVhkWelQpZIr1EtStGCax3pyYFnS0=
pixel.rubiconproject.com/	1970-01-20 19:34:22	Name: receive-cookie-deprecation Value: 1
.bluekai.com/	1970-01-20 21:43:58	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 21:43:58	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1Lxt3eY7nE3A1062vX+9+gT0lenRyYW+npQL/e1fh07awOxeVyOS3
.bluekai.com/	1970-01-20 21:43:58	Name: bku Value: uUW99O2RkVPREBTL
.omnitagjs.com/	1970-01-20 18:07:58	Name: ayl_visitor Value: 2a21077b67b26e3279ca4c952a4b399f
.analytics.yahoo.com/	1970-01-21 02:10:22	Name: IDSYNC Value: "18zh~2fz0:19e0~2fz0"
.casalemedia.com/	1970-01-21 02:10:22	Name: CMID Value: ZZVYH8BH.yZXaS-ip5uINQAA
.casalemedia.com/	1970-01-20 19:34:22	Name: CMPS Value: 3803
.casalemedia.com/	1970-01-20 19:34:22	Name: CMPRO Value: 3803
.360yield.com/	1970-01-20 19:34:22	Name: tuuid Value: d4d6160d-96f1-4e4f-a820-7474e2f1fc22
.360yield.com/	1970-01-20 19:34:22	Name: tuuid_lu Value: 1704286239
.bing.com/	1970-01-21 02:46:22	Name: MUID Value: 2FCC2F9161C2604438A73C6A604861DA
.c.bing.com/	1970-01-20 17:34:51	Name: MR Value: 0
exchange.mediavine.com/	1970-01-20 17:44:55	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22b2c64c00-aa36-11ee-9f8c-7797a843fd8e%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 17:44:55	Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22b2c64c00-aa36-11ee-9f8c-7797a843fd8e%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 17:44:55	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22b2c64c00-aa36-11ee-9f8c-7797a843fd8e%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 17:44:55	Name: am_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22b2c64c00-aa36-11ee-9f8c-7797a843fd8e%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 17:44:55	Name: criteo Value: %7B%22id%22%3A%22k-KBDUcOBfPMQ8YcMLoIecD4kRTs_A1btFHJtAOw%22%2C%22version%22%3A%22criteo%22%7D
.postrelease.com/	1970-01-21 02:10:22	Name: visitor Value: 5fccae6a-c1d4-4d30-b7f5-b0630587b740
.postrelease.com/	1970-01-21 02:10:22	Name: status Value: 0
.liadm.com/	1970-01-21 03:00:46	Name: lidid Value: edf75317-638a-47ac-831b-25d7b2e5b82d
.360yield.com/	1970-01-20 19:34:22	Name: um Value: !38,gfB4R4.4oFaG2OccpcnDFjeNpkSvi-NXFREybBm0KzCv8SyzpPfkBtA4hdmUOrD4QyJ14kBv,1712062239
.360yield.com/	1970-01-20 19:34:22	Name: umeh Value: !38,0,1766494239,-1
.demdex.net/	1970-01-20 21:43:58	Name: demdex Value: 35442279264944327572600659292128230501
.pubmatic.com/	1970-01-20 18:07:58	Name: KRTBCOOKIE_97 Value: 3385-uid:k-1mI21uBfPMQ8YcMLoIecD4kRTs-IvyhOyVZnBg&KRTB&23144-uid:k-1mI21uBfPMQ8YcMLoIecD4kRTs-IvyhOyVZnBg&KRTB&23286-uid:k-1mI21uBfPMQ8YcMLoIecD4kRTs-IvyhOyVZnBg&KRTB&23287-uid:k-1mI21uBfPMQ8YcMLoIecD4kRTs-IvyhOyVZnBg
.pubmatic.com/	1970-01-20 18:07:58	Name: PugT Value: 1704286240
.dpm.demdex.net/	1970-01-20 21:43:58	Name: dpm Value: 35442279264944327572600659292128230501
.sharethrough.com/	1970-01-20 18:07:58	Name: stx_user_id Value: 0217f643-d192-48ed-abae-d392b267fd10
.crwdcntrl.net/	1970-01-20 23:53:31	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 23:53:31	Name: _cc_id Value: dcd77815225567257d4b86585423df71
.hb.yahoo.net/	1970-01-20 21:43:58	Name: visitor-id Value: 3472878406634601000V10
.hb.yahoo.net/	1970-01-20 21:43:58	Name: data-crt Value: k-JNsiyeBfPMQ8YcMLoIecD4kRTs9bMYvNHNSHKA~~1
.smaato.net/	1970-01-20 17:55:00	Name: SCM Value: dab817bbcd
.adsrvr.org/	1970-01-21 02:11:48	Name: TDID Value: dd30e361-ee94-4cf6-b456-8308b585b488
.agkn.com/	1970-01-21 02:10:22	Name: ab Value: 0001%3ArTUSeQnpr6x0K9syG8beqXC0IgVIMBWC
.rezync.com/	1970-01-21 02:46:22	Name: zync-uuid Value: 7136974c-f8e6-4637-84f4-b37a026d2afb:1704286240.3148437
.adsrvr.org/	1970-01-21 02:11:48	Name: TDCPM Value: CAEYBSABKAIyCwiSk5KlqpnGPBAFOAE.
.mediawallahscript.com/	1970-01-20 17:26:12	Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_01_2024 Value: %7B%227bYSR%22%3A1%7D
.ads.stickyadstv.com/	1970-01-20 18:07:58	Name: UID Value: 29e726fdcf854795e63ee797cd8ed
.ads.stickyadstv.com/	1970-01-20 18:51:10	Name: uid-bp-11554 Value: k-8cy21uBfPMQ8YcMLoIecD4kRTs9SG2e81vAkrA
.rfihub.com/	1970-01-21 02:46:22	Name: eud Value: H4sIAAAAAAAA_1XIsRWAIAwFwAmsmCM-SL75wW0AZSBLSye19FneXYks5pUYMuN0gRslMCHd2LL6oW32vTBDwxV5tYKA8U7Ll5vG83d9ASfaqfRaAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjS3NDYytDAxNDQ3Njc0MbY0FOIz1E1zNQkszgrOCw0LCQAABVlhIiQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXB2xGAIAwEwB_biZPHTS7aDaAphMrZ3RdpkQ-xpOtPQQal0JAZHOr5-ej5GhVe6dA7DIXgAXEmNLw6AAAA
.rfihub.com/	1970-01-21 02:46:22	Name: rud Value: H4sIAAAAAAAA_-MSsjS3NDYytDAxNDQ3Njc0MbY0FOIz1E1zNQkszgrOCw0LCQAABVlhIiQAAAA
.rqtrk.eu/	1970-01-20 17:34:51	Name: browser_id Value: 1:a1398a2c-c422-43d7-9803-40dcc36d0e34
live.rezync.com/	1970-01-21 02:46:22	Name: sd-session-id Value: .eJwNylEOgyAMANC79FsWShsKXMagloSobBH3M-Pd5-dL3gXjR489N20npPP46gDzVh91SBf0-tt1hQRRIjkMjCgkyBQR7gG69l7fbazLUwTJR-HZlKDesCcxgQubiSRb5xeXy5RQLLvgHdsXIQcmgfsPe9clEg.ZZVYIA.9lLBHZuUWiUVVC-kOIM8SSfdAj8
.pippio.com/	1970-01-21 02:10:22	Name: did Value: udh70edYPaW7ArOv
.pippio.com/	1970-01-21 02:10:22	Name: didts Value: 1704286240
.pippio.com/	1970-01-20 18:51:10	Name: nnls Value:
.pippio.com/	1970-01-20 18:51:10	Name: pxrc Value: CAA=
vip.xraynetwork.space/	1970-01-21 02:10:22	Name: slate-uuid Value: 1dc4e639-c73d-49ef-9ae2-1b069f059dca
vip.xraynetwork.space/	1970-01-21 02:10:22	Name: slate-uuid-js Value: 1dc4e639-c73d-49ef-9ae2-1b069f059dca

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'legacy-image-formats'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker-selection'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'unoptimized-images'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'unsized-media'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vr'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: clipboard-write, accelerometer, autoplay, camera, ch-device-memory, ch-downlink, ch-dpr, ch-ect, ch-prefers-color-scheme, ch-rtt, ch-ua, ch-ua-arch, ch-ua-bitness, ch-ua-full-version, ch-ua-mobile, ch-ua-model, ch-ua-platform, ch-ua-platform-version, ch-viewport-width, ch-width, clipboard-read, cross-origin-isolated, display-capture, encrypted-media, fullscreen, geolocation, gyroscope, hid, idle-detection, magnetometer, microphone, midi, otp-credentials, picture-in-picture, publickey-credentials-get, screen-wake-lock, serial, usb, xr-spatial-tracking, gamepad. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
network	error	URL: https://id.tinypass.com/id/api/v1/identity/token/verify?browser_id=lqxs0uhhsaz7o8ry&page_view_id=lqxs0uhhyzd7oqnf&content_type=website&page_title=Slate+Magazine+-+Politics%2C+Business%2C+Technology%2C+and+the+Arts&callback=jsonp6198&client_id=homyv5Uzpu&site=https%3A%2F%2Fvip.xraynetwork.space Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'self' slate.com .slate.com .my.slate.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co
aa.agkn.com
ad.360yield.com
ads.stickyadstv.com
api.permutive.com
api2.amplitude.com
ats-wrapper.privacymanager.io
c.amazon-adsystem.com
c.bing.com
cd.connatix.com
cdn.amplitude.com
cdn.cookielaw.org
cdn.cxense.com
cdn.permutive.com
cdn.taboola.com
cdn.tinypass.com
cm.g.doubleclick.net
compote.slate.com
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
d8444e659884692161f4613b575e60c8.safeframe.googlesyndication.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
experience.tinypass.com
fpa-cdn.slate.com
fpa-events.slate.com
geo.privacymanager.io
geolocation.onetrust.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
i.liadm.com
ib.adnxs.com
id.tinypass.com
jadserve.postrelease.com
live.rezync.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
partner.mediawallahscript.com
pippio.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sslwidget.criteo.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.outbrain.com
tags.bluekai.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
trends.revcontent.com
ups.analytics.yahoo.com
vip.xraynetwork.space
visitor.omnitagjs.com
ws.rqtrk.eu
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
x.bidswitch.net
107.178.254.65
13.249.59.62
141.226.224.48
15.235.42.102
151.101.65.44
151.101.66.133
162.248.18.37
172.253.62.154
172.64.146.152
18.160.153.68
18.160.156.128
18.160.172.92
18.207.71.126
199.38.167.131
216.22.16.40
23.219.12.236
23.219.9.47
23.40.207.42
23.50.124.22
2600:1408:20:38d::268b
2600:9000:2548:600:1b:5138:8a40:93a1
2606:4700:3030::6815:4222
2606:4700:3037::6815:128b
2606:4700:4400::6812:2089
2606:4700:4400::6812:249b
2606:4700::6811:7611
2606:4700::6812:82ec
2606:4700::6812:eff8
2607:f8b0:4004:c08::61
2607:f8b0:4004:c09::84
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1b::9b
2607:f8b0:4004:c1d::9c
2607:f8b0:4004:c1f::63
2620:100:a001::c
2620:100:a001::f
2620:1ec:c11::200
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.128.106.141
3.215.169.119
3.225.218.10
3.232.254.109
3.33.220.150
34.107.254.252
34.193.251.250
34.194.161.83
35.168.31.100
35.211.178.172
35.241.9.51
35.71.139.29
44.206.92.227
44.218.225.237
52.200.110.248
52.201.167.43
52.40.254.121
54.86.60.193
63.251.28.233
68.67.179.164
70.42.32.191
74.119.119.139
74.119.119.150
8.43.72.98
99.86.102.101
99.86.102.24
99.86.83.35
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
023e7e1c7a24d8f3633d0471bc44d5a536c52562e53308c7b0ea5bcce3333b7e
03f889d10edc8ee55a1b5047194e79803c90717c11be7bc024c25dd34c3a0451
04e02b4ccaf20aa44a8e697a957252f5aeee181e41df5690181d1b1105566107
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07933861209e28131bb69e64f37c37afdd2999678f8a147f6a6bab05ae7148b8
0aebe30cf38ed224e4e00670b4e54cd959ca325d10569ee2c4b0308e2173564c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0bcb435a9b198ba1e334686bab95cf4265d73a0824e3c2e81dc629ef4722ece3
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f311d8aa7e370357ab10b71e399d73cddd2c90d6cc75f3168897ff386241888
127684a7a2984aa5f6deeafb2b1b6c27cec577c472bec44bbb9ea4ac67f502ff
1405e38c8d4d815d56efc6eec6865289cd34ac551e0835c82289b7c3e81f31eb
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a64e0f022fd6c13a576d1f3cff5d5078a363bef7ef3cbc49e98de972b47f729
1cfcc2e64d4a7ef0ce123dc7618d6385514da67a3afbdd85629fb43ad70dc2cc
24bd7a24282c6be4915dee95994835e15ae6e55479722ebf27a84a48d8beaff9
253a7ebd6f8aa12605b9d4fa48a30e12287d26d507a8e5bf210af18ca65ce3e1
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2d0f7ca91a56657dd1fb2a62d121a985adcb3c228b9ae5c28938b4e6084f33ef
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3c6e24a24df7645c5eb0b948aeb760b53990175f8f980ea14045ed7007ac13d3
3d1a0afe0728f1c1651d3deff1a5ebb1cbb907b619c29b7c59c81709568067d0
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb59b80fac02f84de6115b5fbda6bdc0855835195edb7083a0773c208ccb5a2
42394b6d14391217b95d31b83a97e2c691da53bc124901e0c3f8f79468e3360d
43cecb942dedd0e30e6cf86a69f8d7fbcec2b02c909fc6cab118f23c84d5d5c0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
491094116986c8339416a6827d9d220409d590cb9116c03da7c9012120608450
49f353bb42cb724a409d8e592ed28e9880b0053670c4f0684f262a61a592c058
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ebeefbb501bcebec9e5b33c14f3a93365b6b334b43745caaffcf7ea61b07945
4fc0877e9979bb1ad14dc062667ccab419a29746d240cd7cbb84a78beed45cfe
50832693980e5c77ec736487ce344a40bee1e0e241cf9a4b756b8673bc346854
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58f5b56b1d97dc49f7813e8a0026956f2022a8a94137edbab1c4beda3007a470
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5bd909b8bef25305eab3c01341369df8eeace213432077753bcfeaf5c922bb28
5c8f9bfc65fbd6355193afe2f69b81b3cc46dfe12eddae1253cefae9f238d166
5f37d7f402474d5006629c6c1ef944135eda5dccd1a9c9053449ff067f83b4e1
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61ad9b9b668b252f873ff736898e05f0a7ae0fc667855c9ea7e17cb646ce3664
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64c065e668729c733fc85bcd0a6503faf9b2931d2967b0552e9db845277e20cd
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
6ed37e392b16dc80c3fe4470e3e48eb831b86dc84531de828b734190073d8062
77f1049a76c92d1b45e0751002bf59f26635d00018946c64213a4c43a840bd1c
7b4cd976b8ecd9dc78e3042692b91de6173d8633c411e374f418dfaa5c889b91
81d9e8f3eb4ff1562acee8da93cb8d3e22cd8758080e041d1a44037dd925211d
838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e
8427fb8f8d7fc26d0c3032476871eeb26a249fc82b7938fdec67033373c4eec3
85959941ab12a5f6a9debebbf56c7b1471d829a390444ee7ca96116afc7b8ff2
86c144af7d301fb3ae0165ee310da09e4e3f26920d171f5b29a13475792d7f24
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8daf7600647d92637d11616fd06c5af131d495ac0dfe188f2f5465eb3242a9a7
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
91d4449f4e2d827614c2cec3f52dfa30fdfffe29fba7136bf0179102849325df
96acc05f0eb8a116236c3278b30de40f87645f1e67c3c702f13b4c4a45ab6af3
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
996dedee7d59cef5c0b99de9ed9914d262c77657f44e3fc09f0579ac14a68e11
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9cb162f6387aac3aa111e7f4b6721eb65c7b8c2536bb7d5e54d67cd2e6d820f2
9dd3a947a5e0277fe32607476e54b447d0ece6ff1ea966c14ccbe0bb1f41b64c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ac621592b8f0b6e334f0663e675c2355021d9900c346bf8845f90815a314e1
a4d81540a29f91d736eafcefe8fe2204ef143b6c66af8b648eb2c0aab7b358f0
a571c0d8f7c25bd282e8d038c5c2c8cb13b094f9e0a756989e3764bba404ee1f
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
ad12cb7aa17a6d6313ca689d6acfc5e1063740b3b5a841705ee948e5a6948921
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b179d318766671ead972f4820e429f487c0ba3da2111ce704aeb574d1a13de08
b1af11c32d42ff7931eb8ca57c539ed1f6c7da50a729c24c40b98bcba83d181b
b94bab84e77345a02aa86d0f70f43083ff2eeb94faad81f25195239704c55ff2
baa1e321fd815ef7c8bec6e9daa2ef002aadb656cc27cfdf6661dfdac33e0cda
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2b4700d49a18bb29aa7bdfebcb6df3ddc2bb7f672a5e128f5d2979722693b9d
c402f59f1b4fe79cf2be8a405f1e65f32807b54b2a22678e5ef55736ca22f386
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
cae879df9e9203b60ca482e1723bc15ffda91285b95b30636ad3f468b1b8aae7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d42bb800a50ddbf348ff64fa765ef182f93e2f8b64d65fc6ed2f5f97d602e64d
dc123e1fdfe40c519213aed6431da35e0b5aa556e35dce4a4146417f02a335c3
e351a4def3c5e76899bac16564adac935392a33d627a7e478b8f83a09f0d5045
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
edb51802a54e6cde09fe4670f0979d9203f620cfb6fd19d9019a3a8d1239fc96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f4b41cde4aadd8b2f22b1c66a62c75df9187e428e5a16091f3a69b0cbdf233c3
fad1465ec2456fd39f0b19048529729e8de572fa8797f7381eb3ec7da6e3e1f1
fb40d9bd686de5e57bcaa98edfa2316295338ca097a32fa99bd1a6b21f057eec
fb6217c1529c91f36160647650aeac4d32c8fd2a44de21abfb85e5499feb93b5

vip.xraynetwork.space Open in urlscan Pro 2606:4700:3037::6815:128b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

142 Requests

89 %HTTPS

32 %IPv6

55 Domains

74 Subdomains

62 IPs

2 Countries

2236 kBTransfer

6887 kBSize

96 Cookies

69 Outgoing links

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vip.xraynetwork.space Open in urlscan Pro
2606:4700:3037::6815:128b Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

89 %
HTTPS

32 %
IPv6

55
Domains

74
Subdomains

62
IPs

2
Countries

2236 kB
Transfer

6887 kB
Size

96
Cookies

142 HTTP transactions
1 data transactions