urlscan.io logo urlscan.io
SecurityTrails logo

subscriptions.hi2free.cloud Open in urlscan Pro
104.194.156.79  Public Scan

Go To Rescan Add Verdict Report
URL: https://subscriptions.hi2free.cloud/
Submission: On July 16 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 11 countries across 117 domains to perform 439 HTTP transactions. The main IP is 104.194.156.79, located in Toronto, Canada and belongs to . The main domain is subscriptions.hi2free.cloud.
TLS certificate: Issued by R3 on July 16th 2023. Valid for: 3 months.
This is the only time subscriptions.hi2free.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
42 104.194.156.79 ()
6 2606:4700::68... 13335 (CLOUDFLAR...)
22 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:24f... 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::714 54113 (FASTLY)
2 38.91.101.241 63023 (AS-GLOBAL...)
1 23.77.173.122 16625 (AKAMAI-AS)
3 3.230.121.151 14618 (AMAZON-AES)
1 18.164.115.222 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 10 2607:f8b0:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 4 2620:116:800b... 14618 (AMAZON-AES)
2 151.101.2.27 54113 (FASTLY)
1 2a04:4e42::729 54113 (FASTLY)
10 35.244.232.184 15169 (GOOGLE)
1 2600:9000:21d... 16509 (AMAZON-02)
1 5 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.65.194 15169 (GOOGLE)
1 13.225.214.80 16509 (AMAZON-02)
8 151.101.66.75 54113 (FASTLY)
2 2620:10b:7001... 11483 (CONVIVA-AS)
9 34.160.152.31 15169 (GOOGLE)
1 151.101.194.137 54113 (FASTLY)
2 54.148.115.213 16509 (AMAZON-02)
3 162.247.243.30 54113 (FASTLY)
1 3 18.164.96.43 16509 (AMAZON-02)
2 34.111.152.239 396982 (GOOGLE-CL...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
18 2607:f8b0:400... 15169 (GOOGLE)
1 130.211.23.194 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.65.198 15169 (GOOGLE)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
3 108.138.107.138 16509 (AMAZON-02)
2 74.119.119.139 19750 (AS-CRITEO)
10 11 3.33.220.150 16509 (AMAZON-02)
2 108.139.54.32 16509 (AMAZON-02)
1 23.192.50.109 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
12 34.107.140.113 396982 (GOOGLE-CL...)
2 34.107.148.139 396982 (GOOGLE-CL...)
5 34.236.83.94 14618 (AMAZON-AES)
2 64.247.192.254 11320 (LIGHTEDGE...)
14 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 6 18.204.57.191 14618 (AMAZON-AES)
1 23.49.101.144 16625 (AKAMAI-AS)
16 2607:f8b0:400... 15169 (GOOGLE)
1 162.19.138.119 16276 (OVH)
3 16 35.244.159.8 15169 (GOOGLE)
2 34.195.226.204 14618 (AMAZON-AES)
2 3 151.101.2.49 54113 (FASTLY)
3 6 2600:1f18:4e9... 14618 (AMAZON-AES)
2 7 52.46.151.131 16509 (AMAZON-02)
15 20 142.251.40.194 15169 (GOOGLE)
8 10 162.19.138.120 16276 (OVH)
1 1 63.251.114.137 32475 (SINGLEHOP...)
2 15 23.92.190.68 32475 (SINGLEHOP...)
1 1 178.250.7.11 44788 (ASN-CRITE...)
7 11 34.111.113.62 396982 (GOOGLE-CL...)
1 1 69.166.1.12 27630 (AS-XFERNET)
4 4 44.195.117.16 14618 (AMAZON-AES)
2 2 216.200.232.249 30419 (MEDIAMATH...)
10 14 68.67.160.117 29990 (ASN-APPNEX)
10 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
15 16 35.211.178.172 15169 (GOOGLE)
2 2 199.38.167.131 54312 (ROCKETFUEL)
10 10 199.127.204.171 26120 (RHYTHMONE)
4 4 2620:112:f002... 6336 (TURN-US-ASN)
4 4 34.133.71.175 396982 (GOOGLE-CL...)
10 10 52.207.63.185 14618 (AMAZON-AES)
2 2 35.207.24.140 15169 (GOOGLE)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
5 23.77.173.8 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
5 5 207.198.113.87 13768 (COGECO-PEER1)
2 3 3.225.218.10 14618 (AMAZON-AES)
4 7 35.190.60.146 15169 (GOOGLE)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 4 8.28.7.81 62713 (AS-PUBMATIC)
2 30 8.28.7.83 62713 (AS-PUBMATIC)
1 1 23.105.14.105 30633 (LEASEWEB-...)
3 3 198.148.27.139 19189 (PULSEPOINT)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 169.197.150.8 398989 (DEEPINTENT)
1 1 74.119.119.150 19750 (AS-CRITEO)
2 2 173.231.178.115 32475 (SINGLEHOP...)
2 4 54.173.30.48 14618 (AMAZON-AES)
2 2 52.86.86.10 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 2 34.204.237.207 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 35.214.141.39 15169 (GOOGLE)
4 19 35.71.139.29 16509 (AMAZON-02)
1 2 34.196.240.12 14618 (AMAZON-AES)
3 8.28.7.84 62713 (AS-PUBMATIC)
2 2 2606:ae80:145... 25751 (VALUECLICK)
2 3.219.128.143 14618 (AMAZON-AES)
2 2 52.86.120.189 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
2 2 185.167.164.37 198622 (ADFORM)
2 2 35.211.233.246 19527 (GOOGLE-2)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 64.202.112.159 23352 (SERVERCEN...)
1 2 23.197.21.62 16625 (AKAMAI-AS)
2 23.49.102.123 16625 (AKAMAI-AS)
1 23.49.100.28 16625 (AKAMAI-AS)
2 104.18.10.47 13335 (CLOUDFLAR...)
1 151.101.193.108 54113 (FASTLY)
10 11 172.240.219.212 7979 (SERVERS-COM)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.225.72.7 14618 (AMAZON-AES)
1 2 35.186.253.211 15169 (GOOGLE)
2 3 52.44.20.252 14618 (AMAZON-AES)
2 8 192.40.39.223 27381 (CASALE-MEDIA)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 174.137.133.32 27257 (WEBAIR-IN...)
4 206.81.15.18 14061 (DIGITALOC...)
1 68.183.135.134 14061 (DIGITALOC...)
1 23.198.216.24 16625 (AKAMAI-AS)
6 10 8.43.72.98 26667 (RUBICONPR...)
1 1 35.211.118.13 15169 (GOOGLE)
2 2 52.205.24.34 14618 (AMAZON-AES)
1 67.220.226.232 16509 (AMAZON-02)
1 82.145.213.8 39832 (NO-OPERA)
1 1 172.104.64.149 63949 (AKAMAI-LI...)
1 35.186.193.173 15169 (GOOGLE)
1 1 20.85.134.6 8075 (MICROSOFT...)
1 23.88.86.2 24940 (HETZNER-AS)
1 195.5.165.20 44968 (IPROM-AS)
2 2 104.127.64.185 16625 (AKAMAI-AS)
1 34.224.73.219 14618 (AMAZON-AES)
1 52.5.155.44 14618 (AMAZON-AES)
1 52.214.91.176 16509 (AMAZON-02)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 3.209.69.212 14618 (AMAZON-AES)
439 112
42    104.194.156.79 (Toronto, Canada)

ASN- ()
PTR: 104.194.156.79.static.quadranet.com
subscriptions.hi2free.cloud
6    2606:4700::6812:a972 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
22    2607:f8b0:4006:820::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:24f1:c400:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
6    2607:f8b0:4006:80f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
2    38.91.101.241 (New York, United States)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: us-ny-1.pro.ip-api.com
pro.ip-api.com
1    23.77.173.122 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-173-122.deploy.static.akamaitechnologies.com
players.brightcove.net
3    3.230.121.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-121-151.compute-1.amazonaws.com
ping.chartbeat.net
1    18.164.115.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-115-222.jfk50.r.cloudfront.net
cdn.amplitude.com
1    2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
10    2607:f8b0:4006:81f::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google.com
4    2606:4700::6812:15ce (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
1    2607:f8b0:4006:809::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
4    2620:116:800b:21:4cb8:1820:80ca:50f7 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    151.101.2.27 (United States)

ASN54113 (FASTLY, US)
edge.api.brightcove.com
1    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
10    35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com
metrics.brightcove.com
1    2600:9000:21dd:6600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
5    2607:f8b0:4006:820::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.65.194 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
www.googleadservices.com
1    13.225.214.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-80.ewr50.r.cloudfront.net
cf-images.eu-west-1.prod.boltdns.net
8    151.101.66.75 (United States)

ASN54113 (FASTLY, US)
live-hls-web-aja-fa.getaj.net
2    2620:10b:7001:10::108 (United States)

ASN11483 (CONVIVA-AS, US)
62ea30a39dede4f6d44ac289591051076c294526.cws.conviva.com
9    34.160.152.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.152.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    54.148.115.213 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-115-213.us-west-2.compute.amazonaws.com
api2.amplitude.com
3    162.247.243.30 (United States)

ASN54113 (FASTLY, US)
bam-cell.nr-data.net
3    18.164.96.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-43.jfk50.r.cloudfront.net
sb.scorecardresearch.com
2    34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com
optimise.net
2    2606:4700:4400::ac40:99f6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
3    2607:f8b0:4006:80f::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:20::681a:832 (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
6    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
18    2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.65.198 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net
ad.doubleclick.net
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
3    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
11    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
2    108.139.54.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-54-32.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
1    23.192.50.109 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-50-109.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
12    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
2    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
5    34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
2    64.247.192.254 (United States)

ASN11320 (LIGHTEDGE-AS-02, US)
colossusssp.com
14    2607:f8b0:4006:816::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
a2f195b3a9eeeec614931d9ac1037e60.safeframe.googlesyndication.com
b7c3e4c39129bfb510118e5a33f2056e.safeframe.googlesyndication.com
b73f96ca9baed07af5b85189fd3d8e6e.safeframe.googlesyndication.com
6    18.204.57.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-57-191.compute-1.amazonaws.com
ads.yieldmo.com
1    23.49.101.144 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-49-101-144.deploy.static.akamaitechnologies.com
a.teads.tv
16    2607:f8b0:4006:80d::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
16    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    34.195.226.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-226-204.compute-1.amazonaws.com
protected-by.clarium.io
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    2600:1f18:4e9:5a01:8254:be27:a710:e85f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
7    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
20    142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
cm.g.doubleclick.net
10    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
1    63.251.114.137 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
15    23.92.190.68 (Houston, United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
11    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    44.195.117.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-117-16.compute-1.amazonaws.com
sync.ipredictive.com
2    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
14    68.67.160.117 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
10    2607:f8b0:4006:806::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2607:f8b0:4006:81c::200a (Flushing, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
16    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
10    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    34.133.71.175 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com
um.simpli.fi
10    52.207.63.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-63-185.compute-1.amazonaws.com
match.prod.bidr.io
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
5    23.77.173.8 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-173-8.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2607:f8b0:4006:820::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
7    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
30    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    23.105.14.105 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.105.rdns.racklot.com
rtb-csync.smartadserver.com
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    2603:c020:400d:3000:67b7:1059:7283:c690 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    173.231.178.115 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-7.sys.adgear.com
cm.adgrx.com
4    54.173.30.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-30-48.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    52.86.86.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-86-10.compute-1.amazonaws.com
pm.w55c.net
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    34.204.237.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-237-207.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    35.214.141.39 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 39.141.214.35.bc.googleusercontent.com
csync.loopme.me
19    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    34.196.240.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-240-12.compute-1.amazonaws.com
thrtle.com
3    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2606:ae80:1451:11::2040 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
2    3.219.128.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-128-143.compute-1.amazonaws.com
rtb.adentifi.com
2    52.86.120.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-120-189.compute-1.amazonaws.com
ads.avct.cloud
2    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
2    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    35.211.233.246 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    64.202.112.159 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    23.197.21.62 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-21-62.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    23.49.102.123 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-49-102-123.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    23.49.100.28 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-49-100-28.deploy.static.akamaitechnologies.com
contextual.media.net
2    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
11    172.240.219.212 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
1    2606:4700::6812:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    34.225.72.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-72-7.compute-1.amazonaws.com
aorta.clickagy.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    52.44.20.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-20-252.compute-1.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
8    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
4    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
ids.ad.gt
2    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
4    206.81.15.18 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.cootlogix.com
1    68.183.135.134 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
openrtb.cootlogix.com
1    23.198.216.24 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-216-24.deploy.static.akamaitechnologies.com
cs.media.net
10    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    35.211.118.13 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
2    52.205.24.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-24-34.compute-1.amazonaws.com
dpm.demdex.net
1    67.220.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    172.104.64.149 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1674-149.members.linode.com
gocm.c.appier.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    20.85.134.6 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    104.127.64.185 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-64-185.deploy.static.akamaitechnologies.com
px.owneriq.net
1    34.224.73.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-73-219.compute-1.amazonaws.com
crb.kargo.com
1    52.5.155.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-155-44.compute-1.amazonaws.com
sync.bfmio.com
1    52.214.91.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-91-176.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    3.209.69.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-69-212.compute-1.amazonaws.com
bpi.rtactivate.com
Apex Domain
Subdomains		 Transfer
45 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
ad.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
483 KB
42 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 812
image2.pubmatic.com — Cisco Umbrella Rank: 1036
simage2.pubmatic.com — Cisco Umbrella Rank: 797
image4.pubmatic.com — Cisco Umbrella Rank: 1305
simage4.pubmatic.com — Cisco Umbrella Rank: 1338
57 KB
42 hi2free.cloud
subscriptions.hi2free.cloud
1 MB
33 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
a2f195b3a9eeeec614931d9ac1037e60.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
b7c3e4c39129bfb510118e5a33f2056e.safeframe.googlesyndication.com
b73f96ca9baed07af5b85189fd3d8e6e.safeframe.googlesyndication.com
142 KB
22 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
263 KB
19 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 422
9 KB
18 openx.net
u.openx.net — Cisco Umbrella Rank: 769
us-u.openx.net — Cisco Umbrella Rank: 496
rtb.openx.net — Cisco Umbrella Rank: 982
4 KB
17 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 359
r.bidswitch.net — Cisco Umbrella Rank: 8555
7 KB
16 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 782
ce.lijit.com — Cisco Umbrella Rank: 1060
27 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
acdn.adnxs.com — Cisco Umbrella Rank: 587
secure.adnxs.com — Cisco Umbrella Rank: 469
28 KB
14 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1749
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481
ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
6 KB
13 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1471
sync.colossusssp.com — Cisco Umbrella Rank: 1722
8 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 353
aax.amazon-adsystem.com — Cisco Umbrella Rank: 438
s.amazon-adsystem.com — Cisco Umbrella Rank: 333
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025
69 KB
13 pub.network
a.pub.network — Cisco Umbrella Rank: 5957
d.pub.network — Cisco Umbrella Rank: 6316
c.pub.network — Cisco Umbrella Rank: 6072
374 KB
12 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 616
token.rubiconproject.com — Cisco Umbrella Rank: 652
pixel.rubiconproject.com — Cisco Umbrella Rank: 374
17 KB
12 t13.io
s2s.t13.io — Cisco Umbrella Rank: 5706
6 KB
12 brightcove.com
edge.api.brightcove.com — Cisco Umbrella Rank: 5868
metrics.brightcove.com — Cisco Umbrella Rank: 4633
3 KB
11 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 524
2 KB
11 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 808
id5-sync.com — Cisco Umbrella Rank: 423
39 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 383
data.adsrvr.org — Cisco Umbrella Rank: 5486
6 KB
10 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 610
5 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
218 KB
10 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2437
ids.ad.gt — Cisco Umbrella Rank: 2351
913 B
10 google.com
www.google.com — Cisco Umbrella Rank: 10
2 KB
8 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
dsum.casalemedia.com — Cisco Umbrella Rank: 1666
7 KB
8 getaj.net
live-hls-web-aja-fa.getaj.net — Cisco Umbrella Rank: 266409
3 MB
7 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 717
idsync.rlcdn.com — Cisco Umbrella Rank: 428
1 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 613
5 KB
6 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 688
4 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 405
mug.criteo.com — Cisco Umbrella Rank: 2102
dis.eu.criteo.com — Cisco Umbrella Rank: 8506
dis.criteo.com — Cisco Umbrella Rank: 608
2 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 407
168 KB
5 cootlogix.com
sync.cootlogix.com — Cisco Umbrella Rank: 2966
openrtb.cootlogix.com — Cisco Umbrella Rank: 5363
3 KB
5 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 756
3 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
2 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 981
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1067
2 KB
4 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1072
2 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1429
contextual.media.net — Cisco Umbrella Rank: 675
cs.media.net — Cisco Umbrella Rank: 1653
11 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1250
pixel.quantserve.com — Cisco Umbrella Rank: 1003
cms.quantserve.com — Cisco Umbrella Rank: 862
19 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 955
bcp.crwdcntrl.net — Cisco Umbrella Rank: 959
2 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 651
3 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1372
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 796
879 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
140 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 162
3 KB
3 nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 1993
1 KB
3 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 3792
api2.amplitude.com — Cisco Umbrella Rank: 1597
25 KB
3 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1242
604 B
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1447
mab.chartbeat.com — Cisco Umbrella Rank: 2501
25 KB
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1921
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 218
2 KB
2 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1435
44 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 689
cdn.indexww.com — Cisco Umbrella Rank: 1684
2 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 597
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 573
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2972
973 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 6888
967 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4694
1 KB
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1366
71 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4489
746 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1499
687 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 893
s.tribalfusion.com — Cisco Umbrella Rank: 1946
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1667
829 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1044
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1657
1013 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 494
735 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1197
807 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 977
2 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 577
1 KB
2 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1593
489 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1168
1 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1077
api.btloader.com — Cisco Umbrella Rank: 1148
82 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1560
100 KB
2 optimise.net
optimise.net — Cisco Umbrella Rank: 7628
1 KB
2 conviva.com
62ea30a39dede4f6d44ac289591051076c294526.cws.conviva.com — Cisco Umbrella Rank: 214435
488 B
2 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5829
960 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1922
110 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2864
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4898
467 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 3037
397 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1596
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1783
504 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7105
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8281
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4755
349 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6589
371 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2649
438 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2930
414 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2387
654 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1943
560 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 258
671 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1061
226 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3199
309 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1453
674 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1137
223 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1634
3 KB
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623
796 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 926
637 B
1 gstatic.com
fonts.gstatic.com
34 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
2 KB
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1113
765 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1098
414 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1500
507 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1443
17 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2616
10 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 7460
469 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 535
18 KB
1 boltdns.net
cf-images.eu-west-1.prod.boltdns.net — Cisco Umbrella Rank: 20003
65 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 169
2 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1172
582 B
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 6166
7 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1191
49 KB
1 brightcove.net
players.brightcove.net — Cisco Umbrella Rank: 4510
266 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678
315 B
439 117
Domain Requested by
42 subscriptions.hi2free.cloud subscriptions.hi2free.cloud
22 www.googletagmanager.com subscriptions.hi2free.cloud
www.googletagmanager.com
21 simage2.pubmatic.com 2 redirects ads.pubmatic.com
20 cm.g.doubleclick.net 15 redirects u.openx.net
eb2.3lift.com
ads.yieldmo.com
19 eb2.3lift.com 4 redirects ads.pubmatic.com
subscriptions.hi2free.cloud
eb2.3lift.com
18 securepubads.g.doubleclick.net subscriptions.hi2free.cloud
securepubads.g.doubleclick.net
www.googletagservices.com
16 x.bidswitch.net 15 redirects
16 tpc.googlesyndication.com subscriptions.hi2free.cloud
securepubads.g.doubleclick.net
cdn.ampproject.org
15 ce.lijit.com 2 redirects subscriptions.hi2free.cloud
ce.lijit.com
us-u.openx.net
ads.pubmatic.com
14 pagead2.googlesyndication.com subscriptions.hi2free.cloud
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
13 us-u.openx.net 2 redirects u.openx.net
ce.lijit.com
us-u.openx.net
12 ib.adnxs.com 8 redirects eb2.3lift.com
acdn.adnxs.com
12 s2s.t13.io subscriptions.hi2free.cloud
u.openx.net
ce.lijit.com
eb2.3lift.com
ads.pubmatic.com
11 sync.colossusssp.com 10 redirects subscriptions.hi2free.cloud
11 pixel.tapad.com 7 redirects us-u.openx.net
ads.pubmatic.com
ads.yieldmo.com
10 match.prod.bidr.io 10 redirects
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 id5-sync.com 8 redirects subscriptions.hi2free.cloud
10 match.adsrvr.org 9 redirects subscriptions.hi2free.cloud
10 metrics.brightcove.com subscriptions.hi2free.cloud
10 www.google.com 2 redirects subscriptions.hi2free.cloud
9 image2.pubmatic.com ads.pubmatic.com
8 c.pub.network subscriptions.hi2free.cloud
8 live-hls-web-aja-fa.getaj.net subscriptions.hi2free.cloud
7 sync.1rx.io 7 redirects
7 s.amazon-adsystem.com 2 redirects u.openx.net
ads.pubmatic.com
eb2.3lift.com
ssum-sec.casalemedia.com
6 pr-bh.ybp.yahoo.com 3 redirects u.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
6 ads.yieldmo.com 2 redirects subscriptions.hi2free.cloud
ads.yieldmo.com
6 id.hadron.ad.gt subscriptions.hi2free.cloud
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
subscriptions.hi2free.cloud
6 cdn.cookielaw.org subscriptions.hi2free.cloud
cdn.cookielaw.org
5 pixel.rubiconproject.com 2 redirects
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 id.rlcdn.com 3 redirects u.openx.net
sync.colossusssp.com
5 pixel-sync.sitescout.com 5 redirects
5 ads.pubmatic.com ce.lijit.com
ads.pubmatic.com
subscriptions.hi2free.cloud
5 c2shb.ssp.yahoo.com subscriptions.hi2free.cloud
5 googleads.g.doubleclick.net 1 redirects subscriptions.hi2free.cloud
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 sync.cootlogix.com sync.colossusssp.com
4 ids.ad.gt sync.colossusssp.com
4 sync.srv.stackadapt.com 2 redirects eb2.3lift.com
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 px.ads.linkedin.com 1 redirects us-u.openx.net
eb2.3lift.com
4 um.simpli.fi 4 redirects
4 ad.turn.com 4 redirects
4 sync.ipredictive.com 4 redirects
4 a.pub.network subscriptions.hi2free.cloud
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 bh.contextweb.com 3 redirects
3 ups.analytics.yahoo.com 2 redirects us-u.openx.net
3 sync.targeting.unrulymedia.com 3 redirects
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 u.openx.net 1 redirects subscriptions.hi2free.cloud
3 c.amazon-adsystem.com subscriptions.hi2free.cloud
3 www.googletagservices.com subscriptions.hi2free.cloud
3 sb.scorecardresearch.com 1 redirects subscriptions.hi2free.cloud
3 bam-cell.nr-data.net subscriptions.hi2free.cloud
3 ping.chartbeat.net subscriptions.hi2free.cloud
2 idsync.rlcdn.com 1 redirects
2 px.owneriq.net 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 dpm.demdex.net 2 redirects
2 sync.adkernel.com sync.colossusssp.com
2 sync.crwdcntrl.net 2 redirects
2 secure.adnxs.com 2 redirects
2 rtb.openx.net 1 redirects u.openx.net
2 eus.rubiconproject.com subscriptions.hi2free.cloud
eus.rubiconproject.com
2 stags.bluekai.com 1 redirects u.openx.net
2 b1sync.zemanta.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 c1.adform.net 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 ads.avct.cloud 2 redirects
2 rtb.adentifi.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 pubmatic-match.dotomi.com 2 redirects
2 thrtle.com 1 redirects ads.pubmatic.com
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 cm.adgrx.com 2 redirects
2 creativecdn.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 p.rfihub.com 2 redirects
2 sync.mathtag.com 2 redirects
2 protected-by.clarium.io subscriptions.hi2free.cloud
2 colossusssp.com subscriptions.hi2free.cloud
2 prebid.media.net subscriptions.hi2free.cloud
2 aax.amazon-adsystem.com subscriptions.hi2free.cloud
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 ad-delivery.net
2 cdn.confiant-integrations.net subscriptions.hi2free.cloud
2 optimise.net subscriptions.hi2free.cloud
2 api2.amplitude.com subscriptions.hi2free.cloud
2 62ea30a39dede4f6d44ac289591051076c294526.cws.conviva.com subscriptions.hi2free.cloud
2 edge.api.brightcove.com subscriptions.hi2free.cloud
2 secure.quantserve.com subscriptions.hi2free.cloud
2 pro.ip-api.com subscriptions.hi2free.cloud
2 static.chartbeat.com subscriptions.hi2free.cloud
1 bpi.rtactivate.com
1 bcp.crwdcntrl.net
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 synchroscript.deliveryengine.adswizz.com
1 sync.bfmio.com
1 crb.kargo.com
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 t.adx.opera.com ads.pubmatic.com
1 aax-eu.amazon-adsystem.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 r.bidswitch.net 1 redirects
1 cs.media.net contextual.media.net
1 openrtb.cootlogix.com sync.colossusssp.com
1 aorta.clickagy.com 1 redirects
1 idpix.media6degrees.com 1 redirects
1 acdn.adnxs.com subscriptions.hi2free.cloud
1 js-sec.indexww.com subscriptions.hi2free.cloud
1 contextual.media.net subscriptions.hi2free.cloud
1 c.bing.com eb2.3lift.com
1 image4.pubmatic.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 dis.criteo.com 1 redirects
1 cms.quantserve.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 pippio.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 data.adsrvr.org 1 redirects
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 b73f96ca9baed07af5b85189fd3d8e6e.safeframe.googlesyndication.com subscriptions.hi2free.cloud
1 sync.go.sonobi.com 1 redirects
1 dis.eu.criteo.com 1 redirects
1 ap.lijit.com 1 redirects
1 b7c3e4c39129bfb510118e5a33f2056e.safeframe.googlesyndication.com subscriptions.hi2free.cloud
1 lb.eu-1-id5-sync.com subscriptions.hi2free.cloud
1 a.teads.tv subscriptions.hi2free.cloud
1 a2f195b3a9eeeec614931d9ac1037e60.safeframe.googlesyndication.com subscriptions.hi2free.cloud
1 cdn.id5-sync.com subscriptions.hi2free.cloud
1 secure.cdn.fastclick.net subscriptions.hi2free.cloud
1 ad.doubleclick.net
1 api.btloader.com subscriptions.hi2free.cloud
1 cdn.hadronid.net subscriptions.hi2free.cloud
1 btloader.com
1 freestar-io.videoplayerhub.com 1 redirects
1 js-agent.newrelic.com subscriptions.hi2free.cloud
1 d.pub.network subscriptions.hi2free.cloud
1 pixel.quantserve.com subscriptions.hi2free.cloud
1 cf-images.eu-west-1.prod.boltdns.net subscriptions.hi2free.cloud
1 www.googleadservices.com subscriptions.hi2free.cloud
1 rules.quantcount.com subscriptions.hi2free.cloud
1 vjs.zencdn.net subscriptions.hi2free.cloud
1 www.googleoptimize.com subscriptions.hi2free.cloud
1 stats.g.doubleclick.net subscriptions.hi2free.cloud
1 cdn.amplitude.com subscriptions.hi2free.cloud
1 players.brightcove.net subscriptions.hi2free.cloud
1 mab.chartbeat.com static.chartbeat.com
1 geolocation.onetrust.com cdn.cookielaw.org
439 167
Subject Issuer Validity Valid
subscriptions.hi2free.cloud
R3		 2023-07-16 -
2023-10-14		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
players.brightcove.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-07-28		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
cdn.amplitude.com
Amazon RSA 2048 M01		 2023-01-12 -
2024-02-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-26 -
2024-02-25		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
brightcove.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-03-12 -
2024-04-12		 a year crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-03 -
2024-07-04		 a year crt.sh
metrics.brightcove.com
GTS CA 1D4		 2023-05-30 -
2023-08-28		 3 months crt.sh
quantserve.com
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.prod.boltdns.net
Amazon RSA 2048 M01		 2023-03-02 -
2023-11-18		 9 months crt.sh
*.getaj.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-12		 a year crt.sh
cws.conviva.com
Sectigo RSA Organization Validation Secure Server CA		 2023-04-18 -
2024-01-28		 9 months crt.sh
d.pub.network
GTS CA 1D4		 2023-06-16 -
2023-09-14		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2023-01-23 -
2024-02-14		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
optimise.net
GTS CA 1D4		 2023-05-26 -
2023-08-24		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-05-25 -
2023-08-23		 3 months crt.sh
hadronid.net
GTS CA 1P5		 2023-06-09 -
2023-09-07		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
c.pub.network
GTS CA 1D4		 2023-06-15 -
2023-09-13		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
s2s.t13.io
GTS CA 1D4		 2023-07-16 -
2023-10-14		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-07-05 -
2023-10-03		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-23 -
2023-11-15		 6 months crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2022-09-08 -
2023-10-10		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
protected-by.clarium.io
Amazon RSA 2048 M01		 2022-12-16 -
2024-01-14		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M02		 2023-02-28 -
2023-10-12		 7 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.cootlogix.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-14 -
2023-11-14		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.adx.opera.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-22 -
2024-06-20		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
truffle.bid
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh

This page contains 62 frames:

Primary Page: https://subscriptions.hi2free.cloud/
Frame ID: 08B71EBF096C2EE6653D8CB2A29E3135
Requests: 194 HTTP requests in this frame

Frame: https://a2f195b3a9eeeec614931d9ac1037e60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EE68F11F1E6D38F6D75F7EB5BAE02A53
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 96CC5EF3E5F228CAA2BBD9AFF16F7B5D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E14C3DA964E819DC065420A096012BE
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: DFA6A087D9595C7F621D059BA438ADB0
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlAMgStnWK79OivyeNmYjSuIas-OiVm_mtDTqvqryl3PlF5Nt0JAXCk_oDtAxGgV1-dzvJGC7Mv7P8o1xwLfq6YZAsevrhJd3tlvDzfeWPAS_1tzfv315fAwHo6shqGTkxp-SbChuV54EVQnohgl_aJqJJKAcbPduaq2NNcRFwjPzVkrJv2IllBQbkpV0EB74D0JD1kotyHeZssf7SwJYmhvMTAzqzhF3tXelx2rI5LM8QSNbE4S4CtuEATcy2jqFgUDroYhD1ZzCx10Wq0yOTUxlZYs18GVrre0-6AppUJDkJir3WBg0wjrz04bQiZ1e_Aqqq9UIxLKdZLVY-qFdRL-iXE5HdUStvHLM9eVtNtLsJ&sai=AMfl-YQ4TSpplNAtPmakbLAnQCVz1J8mNp2YVDPlvGiAv7mfEr-qIN-n3ZBZ7DIvKGxoRMqAWLPRTQVvoRJ7gbm4Sk5LZSKnSKtwlUwwkulTMH63vL6u31go3hP8FSXWSSY&sig=Cg0ArKJSzFXSYjV54VWtEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1C40F049C930045187610D9237560D1D
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvom3smoVA83PaoRot6gWRgV0gY837NTcqjJv88ClcDSUjR41-XGhJGtSuaIpUIdf04x-4Wqdwa7_fRdND-sqHVJ8uItqMNzgy2gY9DEE3EmUqDcL6c833Vh_CDkDBdvlyjPuXfm3OIgUWhdXgZ7Y-BeIpPht47DmcUFcbhD_y1lcm__lBm1m8YLnZ8cftShYq6GPOCJWf3wOoZK_-UsNOlHXt6zajDfO0CiNN41Vko5eZovBXDVoTjU_lsbPoaAr2gOZrfNJa6XKf1czoeK7BcCWIj_ZTucToxSRSHFNOpl9ETRtInI4gllSXBBrhcM0ozmrUaAmbnoWqkODljRmZQP3RT9RGUZhBoRTmGpOrzY5etFIhaRQ&sai=AMfl-YQxBWBQ2j1X8SkyEmwDhpbkX_3C7EQAzCPpROvAStnqbt2P5luexOAlInKs7Jl81fzzzyeGpHmg2DcLSzkruBb7QKEeN-Z7KzFjKKChkco0sdeOOFpDPXVguD14Wd4&sig=Cg0ArKJSzAhy92EDOvYhEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 63390EF1740BF9AB05E07938FC8ABB74
Requests: 13 HTTP requests in this frame

Frame: https://b7c3e4c39129bfb510118e5a33f2056e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DA6559DDBB4BDB80E2D7C6289B317A6D
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Frame ID: 1FDDB0CAC149CA72DDBE03CC349B5531
Requests: 9 HTTP requests in this frame

Frame: https://b73f96ca9baed07af5b85189fd3d8e6e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6F6CA775FE6C19531C359A775221A9E7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: FE82F7C3A3A7730F27F41630B762DA28
Requests: 15 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 62EF11A54D97A43D5E9B11F7372318CD
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 1F4D9AE823AA6DB63891667E121F5274
Requests: 26 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 8036C8EBBC4FFE0AA9901D6A319DD9BA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 48D0C94079EE68EC64931BE33B2F2C8A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7FF13BCC7026A6E0EE20A97D728763B9
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Frame ID: B7E91EA50E686E77214CE24E0C18F6AE
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 12376A563B160DB6E264397E45E709E8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0AB2EE995268008B966819DF57AB9B92
Requests: 2 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: B2E3BD06566CAD82BD781E7EEEE053CE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968062839092010088
Frame ID: D2DB2019FC6F0FC958A087B6B1712294
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&redir=true&gdpr=0&gdpr_consent=
Frame ID: 65493F0EB75E47F42884660932307AA8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACqZk7JZ-MAACT01x1ecw&gdpr=0
Frame ID: F8B9F97FABDB547AF9D34D41D9ADB50D
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: AD0BBD3CC9B1E64ED59DE0539B50B385
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8520540174920231937&gdpr=0&gdpr_consent=
Frame ID: EC79E084DA1E58061BBFACE3B31ED53A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=35sCiY-eAovEmAON35lN3tvKAtjEnwLfi8zKIrTb
Frame ID: E8CB7677D7135BCB2F054658F577A381
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 598DD6428DEAB6D86DA7D41A82BCDEB3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=623f4e24-23dd-11ee-b003-73d16c6255b2
Frame ID: E7C2596FB3C0F87FBC183700816F1F2B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
Frame ID: F4EFCF77096CF905709DAEA5A1119532
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:WWTOU7591Ql1SD5&gdpr=0&gdpr_consent=
Frame ID: 2CAA86FEE6293401F9999497CDC3521E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=800770056233
Frame ID: 5A2CF983B0CCAC2467BA55BDB97EB6AE
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Frame ID: 7F4A587F9B61C37B7860E08E6D0D4334
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 26CE2E64DD77E5D2CAAA78C852DFAF9E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
Frame ID: C7D7A90C928FBD59CDE8712E9E772692
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: FB8B23DC3E0E76E409AD4A6E070AC6B6
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Frame ID: F7DBA27E77AAE9BA71781B5E792E750B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: 15DBC12B99A0AD8485C59764ED7E2FE2
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 6B30E2AE48451D58A487516ADFD9A9A5
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Frame ID: B660B4F4F96B84AB4E1D7541211B8277
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A9973BC88E002EE2728A49B1EAD806D5
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CC9F9344F68B61808554A026B8323445
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: E71C00488D5B9AF600AC73FCBCEF060E
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 47DC2F5AB60E2BA9B8385E7D0DF9F559
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: C8A8D63AFD622466D41A4E339797D8C9
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 891C0D636A13873727309C3508CF15C3
Requests: 3 HTTP requests in this frame

Frame: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Frame ID: F99A01E4314FB568EBE0DAE6F5AC2528
Requests: 13 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 9DD42079BF19673869B3C51CC00043EE
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 53025E3E10E8EF98EDCC25D62E1A9E00
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: AA6E91007E144B0D378355D879FEA6EE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
Frame ID: 9FE77755619979C2B9FAB6B69AB6842F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=GZ6-limZCEiWL1Lwu_GzZA
Frame ID: E8F841F8B26C135F0BEADA182581036B
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 14B12DD8B3E052292F38E7CEEC1822BE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1300efd6-28b5-446c-b3cb-6515bea46e45
Frame ID: 45AD00E26A10D156E77D31C35858AAEC
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: CAD36735D0080B2116D24468CD1ADC94
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: B25A32EAC429E3F7A699FF71B87B8DB2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7428008271922567350
Frame ID: C78ABC48E9327438D6532EB905943BA8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:70994DFFC04E4ED08DB67F011D5F43D7&gdpr=0&gdpr_consent=
Frame ID: 51B9AF759331417A348BAD2A059E1B7A
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Frame ID: 2664144ECD64EFEABCD174556C42F6D3
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Frame ID: 4D298DFF18A7286DD8D5D235F4AA1E04
Requests: 1 HTTP requests in this frame

Frame: https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Frame ID: 34BCFB744C2C12067AA8BD0C19081B27
Requests: 1 HTTP requests in this frame

Frame: https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Frame ID: 03159124CFC695F074BDB90612A1429E
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Frame ID: C68A244DC9E1E734EFB4611FA502DFE6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

الجزيرة نت: آخر أخبار اليوم حول العالمplayأغلق القائمة الرئيسيةplaysearchfacebooktwitterwhatsappsharefacebooktwitterwhatsappsharefacebooktwitterwhatsappquotesquotesquotesquotesquotesquotessharefacebooktwitterwhatsappsharefacebooktwitterwhatsappsharefacebooktwitterwhatsappsharefacebooktwitterwhatsappsharefacebooktwitterwhatsappaj-logoaj-logoaj-logofacebooktwitteryoutubeinstagram-colored-outlinerss

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

439
Requests

79 %
HTTPS

27 %
IPv6

117
Domains

167
Subdomains

112
IPs

11
Countries

6549 kB
Transfer

14650 kB
Size

226
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 111
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947178488/?random=1134917599&cv=11&fst=1689514417384&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&hl=en&url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&label=O6blCOKKl18Q-JfTwwM&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&gtm_ee=1&auid=1732439467.1689514417&uamb=0&uaw=0&data=event%3Dconversion%3Bcolor%3Dffffff&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=sfGzZLP0HZyHoPMPze-bsAQ&sscte=1&crd=&pscrd=Ek9DaEVJOEtyT3BRWVF0dV93c3VMazBhemNBUkltQUk4Vk9VSTBBOXYtWlk4bzMybDRaakFBbjR2ZGlXUFR4eWFCdE5MbENJNjJFSlg5X0NnGlhDaEFJOEtyT3BRWVE5TGZucGV2N2c2VTVFaTRBSktMYVVjNFhIaWRSbER1QjUwcll3bFdleTFLVnU2dlprSU1obmhGdmhGSVpCVnAxOUtqeWpjLXJBRGdvIhMI85DK1auTgAMVnANoCB3N9wZG HTTP 302
  • https://www.google.com/pagead/1p-conversion/947178488/?random=1134917599&cv=11&fst=1689514417384&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&hl=en&url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&label=O6blCOKKl18Q-JfTwwM&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&gtm_ee=1&auid=1732439467.1689514417&uamb=0&uaw=0&data=event%3Dconversion%3Bcolor%3Dffffff&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEtyT3BRWVF0dV93c3VMazBhemNBUkltQUk4Vk9VSTBBOXYtWlk4bzMybDRaakFBbjR2ZGlXUFR4eWFCdE5MbENJNjJFSlg5X0NnGlhDaEFJOEtyT3BRWVE5TGZucGV2N2c2VTVFaTRBSktMYVVjNFhIaWRSbER1QjUwcll3bFdleTFLVnU2dlprSU1obmhGdmhGSVpCVnAxOUtqeWpjLXJBRGdvIhMI85DK1auTgAMVnANoCB3N9wZG&is_vtc=1&ocp_id=sfGzZLP0HZyHoPMPze-bsAQ&cid=CAQSKQBpAlJW0H_2Zd-hgcgkoVF4MZ8hcfWA-sH4wCkkXoZXZ9xJWa1EGjH9&random=4239790968
Request Chain 127
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 134
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1689514419506&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&c8=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1689514419506&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&c8=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&c9=
Request Chain 149
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&domain=subscriptions.hi2free.cloud&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=hxTVtnx0YjFERkRaakZneTFKakhBaWp1SnRHNCtkcjVhZm1QNFdZVDVoZWQvYnZhQzVWQ1RwTHlEK090dmhlUzlzVlZWMDVIWjNHcVNQRUt1T1duekJMT2tMQ0Q0VUJmVG1ETFBjeWlWZnYrYUVvdFh5V0xaTW1JMHRPTmNCU1NIMWZidU1yZHp4cU1HV1RFeW1vS1MzZUE4dnQxVGREdGpENXBiMjB6ZVFXZUtCckoyelhUbkpDZlFKNmhYSmR5emQzRUtTTWlRRkVnSlRKWTl0Q2VhcTJsU0gzSkp1VWRDTjlQeDlmemdQS0M4ZDMwRUE5eGUyNXc5dzBNQWlBNmZ3Rld2fA&cppv=2
Request Chain 178
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=gd910640c7418fd4a70e&gdpr=&gdpr_consent=&us_privacy=
Request Chain 191
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Request Chain 200
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZLPxtQAAAaRLpQAN HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZLPxtQAAAaRLpQAN&_test=ZLPxtQAAAaRLpQAN
Request Chain 202
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=fdb3fe86-978e-83dc-89c0-2b05eff54ba1 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=fdb3fe86-978e-83dc-89c0-2b05eff54ba1&dcc=t
Request Chain 203
  • https://match.adsrvr.org/track/cmf/openx?oxid=a56582fb-8b24-3826-49ce-a99287c68041&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a236f525-c1e6-4768-a469-4b87cf809c0d&ttd_puid=a56582fb-8b24-3826-49ce-a99287c68041&gdpr=0&gdpr_consent=
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwMXdJ8ZrppOG9R824jNS4&google_cver=1
Request Chain 220
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 301
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Request Chain 221
  • https://id5-sync.com/i/882/8.gif?id5id=ID5*sWgWicdqbntovpAw5oh4i3R5JAsLGF7xgAxlIJqNs9FVuwPJN3ZMu55olfI52Y96VbwnDKCfPbyifb5GN-K1Yg&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F203%2F7%2F2.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/882/203/7/2.gif?puid=c8a83155-0f0c-49cd-97d7-497a142bd40b&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=a236f525-c1e6-4768-a469-4b87cf809c0d&ttl=%%TTL%% HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/882/108/5/4.gif?puid=b734197a-ac0d-4024-b515-56c18866579a&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F434%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/882/434/4/5.gif?puid=5874b1ec-beca-4cf3-89c9-e5d59f67c2a8&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F796%2F3%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/882/796/3/6.gif?puid=0af6397d-5477-4a4e-bcb8-9fa2047d927c&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-9717TzVJxeDht45u1181_CYDtYNHeU8IU0KeEtKUbw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F3%2F2%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/882/3/2/7.gif?puid=b46b64b3-f1b9-4000-b1f0-7390bd8181e3&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/882/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/882/2/1/8.gif?puid=8520540174920231937&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=a236f525-c1e6-4768-a469-4b87cf809c0d&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F1245%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/882/1245/0/9.gif?puid=G_YtaTZHp5wL8MgORNewKj87&gdpr=0&gdpr_consent=
Request Chain 238
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968062839092010088&expires=30&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent=
Request Chain 239
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1689514422973 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8878845196 HTTP 302
  • https://sync.1rx.io/usersync/turn/8326670277707603110?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
Request Chain 240
  • https://um.simpli.fi/lj_match?r=1689514422792&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=70994DFFC04E4ED08DB67F011D5F43D7
Request Chain 241
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AACqZk7JZ-MAACT01x1ecw&gdpr=0
Request Chain 242
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=19a6162f-cb84-4e10-8726-db8f5a0d51e2
Request Chain 243
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=a236f525-c1e6-4768-a469-4b87cf809c0d&gdpr=0&gdpr_consent=
Request Chain 244
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=Ks38SNdeiWbtmKaRr3Zn&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 254
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=
Request Chain 255
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=a31bf107-d023-05a1-032f-3144b44a414d HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=a31bf107-d023-05a1-032f-3144b44a414d
Request Chain 257
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=f0a3fd9d-4663-0e46-16b7-2961be5de199 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokZjBhM2ZkOWQtNDY2My0wZTQ2LTE2YjctMjk2MWJlNWRlMTk5EAAaDQi348-lBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=6f32c649bd4eff680ca60523b785f74cb4ade26b8bd922085569956d3fa6a66c791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6f32c649bd4eff680ca60523b785f74cb4ade26b8bd922085569956d3fa6a66c791426b5417dce21&rand=08081373 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6f32c649bd4eff680ca60523b785f74cb4ade26b8bd922085569956d3fa6a66c791426b5417dce21&rand=08081373&expected_cookie=32f108e1-a4d1-46ba-9510-bbd5613bd4b8
Request Chain 258
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8520540174920231937
Request Chain 259
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2778235536787152038&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 272
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 279
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 280
  • https://ups.analytics.yahoo.com/ups/58690/occ?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-.ymios9E2uGHnrUPGUdYwveSFCBIQv6QQbo2bRA-~A
Request Chain 283
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968062839092010088
Request Chain 285
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDcVprN0paLU1BQUNUMDF4MWVjdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACqZk7JZ-MAACT01x1ecw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5393839811644009848&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACqZk7JZ-MAACT01x1ecw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5393839811644009848%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5393839811644009848&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACqZk7JZ-MAACT01x1ecw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AACqZk7JZ-MAACT01x1ecw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5393839811644009848%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5393839811644009848&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACqZk7JZ-MAACT01x1ecw&gdpr=0
Request Chain 287
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8520540174920231937&gdpr=0&gdpr_consent=
Request Chain 288
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=35sCiY-eAovEmAON35lN3tvKAtjEnwLfi8zKIrTb
Request Chain 289
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 290
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=623f4e24-23dd-11ee-b003-73d16c6255b2
Request Chain 291
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
Request Chain 292
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:WWTOU7591Ql1SD5&gdpr=0&gdpr_consent=
Request Chain 293
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=800770056233
Request Chain 294
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=40fee599-8abd-43a3-adcb-ac2d69234640&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Request Chain 295
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 296
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
Request Chain 297
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rob0oX_wS5Ct_DfmuVY6rQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 300
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b734197a-ac0d-4024-b515-56c18866579a%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a236f525-c1e6-4768-a469-4b87cf809c0d&ttd_puid=b734197a-ac0d-4024-b515-56c18866579a%2C%2C
Request Chain 301
  • https://eb2.3lift.com/xuid?mid=7976&xuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 302
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&vxii_pid=12&vxii_pid1=10067&vxii_rcid=2fd8d480-d02e-404c-a9da-2f152385481a
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUU4NkY0QTEtN0ZGMC00QjkwLUFERkMtMzdFNkI5NTYzQUFE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIu9DlZl-_pmN-hrvrotuWY&google_cver=1
Request Chain 305
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:70994DFFC04E4ED08DB67F011D5F43D7
Request Chain 306
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a236f525-c1e6-4768-a469-4b87cf809c0d&gdpr=0&gdpr_consent=
Request Chain 307
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8326670277707603110&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 309
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zRSkdKZE2uX1eWXoZDdKFndkqTARVa4-~A&gdpr=0
Request Chain 310
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1e0465217a2021b1&is_secure=true&networkId=17100&version=1&nuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMVa1hNtjfbwM2HAANAAAAAAA&expiration=1689600823&nuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 311
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0af6397d-5477-4a4e-bcb8-9fa2047d927c&gdpr=0&gdpr_consent=
Request Chain 313
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3dc64050-298a-45a5-99dd-041bf54ad8e7&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 314
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=
Request Chain 315
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_105E7B687_36C87B8B&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 316
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1563302996059876632
Request Chain 320
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Request Chain 324
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a236f525-c1e6-4768-a469-4b87cf809c0d&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 325
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzc4ODI0MTk3ODkzNzY5NjY3OTU1OQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBvDLFn6xsBATDNCuf1vGXQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 327
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzc4ODI0MTk3ODkzNzY5NjY3OTU1OQ%3D%3D
Request Chain 329
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3788241978937696679559&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=eb83c471-d292-4219-8356-4d4b61b1e5a5&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 331
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3788241978937696679559?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-qysIt4pE2oQbGs74mQQHyyUqear5JW94TNy2zExZew--~A&dongle=0883
Request Chain 332
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=xlv75tTjn338WTYihv1G&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5PBWHMNZVORKGU3RTGM4FOVCZNFUHMMKH&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5PBWHMNZVORKGU3RTGM4FOVCZNFUHMMKH HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=xlv75tTjn338WTYihv1G
Request Chain 333
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8520540174920231937&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 344
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=themediagrid&ssp_user_id=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-F6Sz1tRE2pnuzbZLBxbJGG.Sso_Ao5RETXwsRw--~A&expires=5&ssp=themediagrid
Request Chain 349
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=09c81771-93bc-1d10-bee7-e261a20bc083 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0kmaajck363fj
Request Chain 350
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=baebb61e-d95e-0468-3f5b-32d363f48e70&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZLPxuKD9dFjqm9_uti3qgg1z
Request Chain 351
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ejMIxyKigQivuuUlVN-6-w==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 352
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=0af6397d-5477-4a4e-bcb8-9fa2047d927c
Request Chain 353
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8303764302 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/a236f525-c1e6-4768-a469-4b87cf809c0d HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
Request Chain 354
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=8520540174920231937&pn_id=an
Request Chain 356
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=gd910640c7418fd4a70e HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Db734197a-ac0d-4024-b515-56c18866579a%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8520540174920231937&pt=b734197a-ac0d-4024-b515-56c18866579a%2C%2C
Request Chain 357
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEJHgjwIshhVkEffvs7QIFno&google_cver=1
Request Chain 360
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=0af6397d-5477-4a4e-bcb8-9fa2047d927c&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 361
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553%26partner_url%3Dhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3646%2526xuid%253D8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553%2526dongle%253D1fa5%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553%26partner_url%3Dhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3646%2526xuid%253D8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553%2526dongle%253D1fa5%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&partner_url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3646%26xuid%3D8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553%26dongle%3D1fa5%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 362
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36&dongle=4430
Request Chain 365
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8326670277707603110&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 367
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AACqZk7JZ-MAACT01x1ecw&dongle=bzwx&gdpr=0
Request Chain 370
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 372
  • https://x.bidswitch.net/sync?ssp=huddledmss HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=130&ssp_id=huddledmss&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=465&user_id=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.colossusssp.com/bidswitch.gif?puid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296 HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=562060&ev=1&us_privacy=[us_privacy]&rurl=https%3A%2F%2Fsync.colossusssp.com/pp.gif?puid=32d84d34-4950-4497-9976-3df62df1274b HTTP 302
  • https://sync.colossusssp.com/pp.gif?puid=32d84d34-4950-4497-9976-3df62df1274b&ev=1&us_privacy=[us_privacy]&pid=562060 HTTP 302
  • https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=32d84d34-4950-4497-9976-3df62df1274b
Request Chain 373
  • https://ib.adnxs.com/getuid?https://sync.colossusssp.com/ap.gif?puid=$UID HTTP 302
  • https://sync.colossusssp.com/ap.gif?puid=8520540174920231937 HTTP 302
  • https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=32d84d34-4950-4497-9976-3df62df1274b
Request Chain 374
  • https://bh.contextweb.com/bh/rtset?pid=562060&ev=1&us_privacy=[us_privacy]&rurl=https%3A%2F%2Fsync.colossusssp.com/pp.gif?puid=[UID] HTTP 302
  • https://sync.colossusssp.com/pp.gif?puid=[UID]&ev=1&us_privacy=[us_privacy]&pid=562060 HTTP 302
  • https://x.bidswitch.net/sync?ssp=huddledmss HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=huddledmss&bsw_param=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&google_hm=Y2MwNGNhM2UtM2MyNC00MDAyLThkZGUtMmNkNWMyYjIxMjk2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMm3DYiBNCy8Q0sa1qefIKM&google_cver=1&ssp=huddledmss&bsw_param=cc04ca3e-3c24-4002-8dde-2cd5c2b21296 HTTP 302
  • https://sync.colossusssp.com/bidswitch.gif?puid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296 HTTP 302
  • https://sync.adkernel.com/user-sync?zone=179274&t=image&r=https%3A%2F%2Fsync.colossusssp.com%2F391daa6a645b08ac3da38c9aca2d0c31.gif%3Fpuid%3D%7BUID%7D
Request Chain 375
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=9um7azn&ttd_tpi=1 HTTP 302
  • https://sync.colossusssp.com/td.gif?puid=a236f525-c1e6-4768-a469-4b87cf809c0d&ttl=1692106424 HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=[UID]
Request Chain 377
  • https://id.rlcdn.com/712075.gif?ct=2&cv= HTTP 307
  • https://sync.colossusssp.com/4560195433dd0d468e9a635d097ffb01.gif?puid= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/col HTTP 303
  • https://sync.colossusssp.com/500e7b56c46df78315584d09f505b8d4.gif?puid=AACqZk7JZ-MAACT01x1ecw HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=omg-colossus&gdpr=[GDPR]&gdpr_consent=[gdpr_consent]&us_privacy=[CCPA]&userId=32d84d34-4950-4497-9976-3df62df1274b
Request Chain 378
  • https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]&us_privacy=[CCPA]&redirectUri=https%3A%2F%2Fsync.colossusssp.com%2F021909c6bcf2644c2583393eed86ca15.gif%3Fpuid%3D%24UID%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D HTTP 302
  • https://sync.colossusssp.com/021909c6bcf2644c2583393eed86ca15.gif?puid=gd910640c7418fd4a70e&gdpr_consent=&gdpr=[GDPR]&us_privacy=[CCPA] HTTP 302
  • https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=[UID]
Request Chain 382
  • https://match.prod.bidr.io/cookie-sync/col HTTP 303
  • https://sync.colossusssp.com/500e7b56c46df78315584d09f505b8d4.gif?puid=AACqZk7JZ-MAACT01x1ecw HTTP 302
  • https://id.rlcdn.com/712075.gif?ct=2&cv=
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzMyNTE2MDI0NjYzNDAwMDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEAVNKgj56k573Vr7Zs2QlRg&google_cver=1
Request Chain 387
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=8520540174920231937
Request Chain 388
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296
Request Chain 389
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLPxue2ulgLG8LuP98lg5QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFkfH_IA8ggG-INUjXqP7ZU&google_cver=1
Request Chain 390
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLPxue2ulgLG8LuP98lg5QAABZ0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEACB73FX2oVO30Rmgta0dfY&google_cver=1
Request Chain 392
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a236f525-c1e6-4768-a469-4b87cf809c0d&expiration=1692106425&gdpr=0&gdpr_consent=
Request Chain 394
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=index&bsw_custom_parameter=cc04ca3e-3c24-4002-8dde-2cd5c2b21296 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dindex%26bsw_param%3Dcc04ca3e-3c24-4002-8dde-2cd5c2b21296 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=b734197a-ac0d-4024-b515-56c18866579a&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Db734197a-ac0d-4024-b515-56c18866579a%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dindex%252526bsw_param%25253Dcc04ca3e-3c24-4002-8dde-2cd5c2b21296%252C HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=b734197a-ac0d-4024-b515-56c18866579a&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Db734197a-ac0d-4024-b515-56c18866579a%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dindex%252526bsw_param%25253Dcc04ca3e-3c24-4002-8dde-2cd5c2b21296%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=88226671887806799401404925921195804274&pt=b734197a-ac0d-4024-b515-56c18866579a%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dindex%2526bsw_param%253Dcc04ca3e-3c24-4002-8dde-2cd5c2b21296%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=index&bsw_param=cc04ca3e-3c24-4002-8dde-2cd5c2b21296 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent=&us_privacy=
Request Chain 395
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=70994DFFC04E4ED08DB67F011D5F43D7
Request Chain 400
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=s3ELq_mKTByDNfKP5h5XrQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=s3ELq_mKTByDNfKP5h5XrQ
Request Chain 401
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTdmZThlMDZhNDdhYjRjMjFhNDcwYWVjNTg2YTExNDRlZTM3MTMwMg
Request Chain 402
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEs1SDlMUkYtMS1OR1k= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOQmKUJ8SLgO4fP_p6gfLEw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs1SDlMUkYtMS1OR1k=&google_push=
Request Chain 403
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/9OVgdiwNLfNDtzYHsjFfOw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-x9HxzBpE2oKpONQsYC_MSq9IYr6ngEopG80VGQ--~A
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF1rzTiKyFPW1FyNUUMw67c&google_cver=1
Request Chain 405
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a236f525-c1e6-4768-a469-4b87cf809c0d&gdpr=0&gdpr_consent=&expires=30
Request Chain 407
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK5H9LRF-1-NGY
Request Chain 414
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=5921883341 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/1508/b46b64b3-f1b9-4000-b1f0-7390bd8181e3?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
Request Chain 415
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=GZ6-limZCEiWL1Lwu_GzZA
Request Chain 417
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1300efd6-28b5-446c-b3cb-6515bea46e45
Request Chain 420
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7428008271922567350&uid=Q7428008271922567350&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7428008271922567350
Request Chain 421
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:70994DFFC04E4ED08DB67F011D5F43D7&gdpr=0&gdpr_consent=
Request Chain 427
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8520540174920231937
Request Chain 428
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:de1bea1d-32fe-4e00-bc5c-8b6ec781b9cd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 431
  • https://idsync.rlcdn.com/712188.gif?partner_uid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent= HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f0a3fd9d-4663-0e46-16b7-2961be5de199

439 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
subscriptions.hi2free.cloud/ 		271 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
a3d516434992267097dddd60c2dc1509991c5a274ae6d38a9db5e596fa7e3937
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120, must-revalidate
content-encoding
gzip
content-length
59854
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 13:33:32 GMT
etag
W/"43b82-CYx1vCcHDugukBizs4Y5VUE2Vqo"
server
nginx/1.24.0
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-rq
mdw2 111 253 443
x-xss-protection
1; mode=block
RTSK8SXW-1686460307.jpg
subscriptions.hi2free.cloud/wp-content/uploads/2023/06/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscriptions.hi2free.cloud/wp-content/uploads/2023/06/RTSK8SXW-1686460307.jpg?resize=770%2C513&quality=80
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 /
Resource Hash
c007dea03c59ced667316f47d83e3f606eb317edf5a7161e82f093bfc15fa275
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
x-rq
mdw2 101 176 443
strict-transport-security
max-age=15768000
last-modified
Sun, 16 Jul 2023 10:51:38 GMT
server
nginx/1.24.0
etag
"7a5950ff194edc01"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
68696
component~homepage-route~f71cff67.0316701c.chunk.css
subscriptions.hi2free.cloud/static/css/ 		121 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/css/component~homepage-route~f71cff67.0316701c.chunk.css
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
65e121146aa79567ae00f186f794caac9047f8940dbc5449e51f2ef1fb249a76
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw2 111 254 443
last-modified
Wed, 28 Jun 2023 10:23:11 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"1e4cc-18901874a98"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000
content-length
15782
component~amp-route~common-route~homepage-route~section-route~video-route~493df0b3.5922f1de.chunk.css
subscriptions.hi2free.cloud/static/css/ 		90 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/css/component~amp-route~common-route~homepage-route~section-route~video-route~493df0b3.5922f1de.chunk.css
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
a6d241c6a1badc2e68fa201e0bca7c97140a61f2f2c2ffd92882a41fd414dc3d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw1 111 254 443
last-modified
Wed, 28 Jun 2023 10:23:11 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"167f0-18901874a98"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000
content-length
19749
component~main~6e6dca10.1dbf12f8.chunk.css
subscriptions.hi2free.cloud/static/css/ 		61 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/css/component~main~6e6dca10.1dbf12f8.chunk.css
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
f0644ff47a9b130ccf16f4f996b8ea415e06647674dd28950237526c8593295a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw2 111 253 443
last-modified
Wed, 28 Jun 2023 10:23:11 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"f251-18901874a98"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000
content-length
10809
component~main~b07b7304.e6ba5e59.chunk.css
subscriptions.hi2free.cloud/static/css/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/css/component~main~b07b7304.e6ba5e59.chunk.css
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
d9a3ac014a1b220783e4274f66aca38aebc5badb3fbf9924d8fc6901a3d7ae99
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw2 111 254 443
last-modified
Mon, 03 Jul 2023 16:30:44 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"9d71-1891c979720"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000
content-length
7647
component~main~748942c6.b53bf157.chunk.css
subscriptions.hi2free.cloud/static/css/ 		47 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/css/component~main~748942c6.b53bf157.chunk.css
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
1864b6da1b4b0153bedff49029e75261ed4acd0cdec4625b9d6704ef58a26829
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw2 111 254 443
last-modified
Wed, 05 Jul 2023 11:43:08 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"bdf2-18925dd00e0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000
content-length
9068
vendor~main~4f420515.764ccc25.chunk.css
subscriptions.hi2free.cloud/static/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/css/vendor~main~4f420515.764ccc25.chunk.css
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
a6d781ef6efa7f5f0c6943c51dea8100c88d7d29473651eb78f25c9e3aba995d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
x-rq
mdw2 0 2 9980
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Tue, 14 Mar 2023 14:05:39 GMT
server
nginx/1.24.0
x-powered-by
Express
etag
W/"777-186e070df38"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
837
expires
Tue, 19 Mar 2024 11:19:04 GMT
react~main~03cc5dce.9b9b8f71.chunk.js
subscriptions.hi2free.cloud/static/js/ 		145 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/js/react~main~03cc5dce.9b9b8f71.chunk.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
4dc6508630cdace96e3c112c234e7a119546e4923676d9ff67a2406333bd189c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw1 111 254 443
last-modified
Fri, 12 May 2023 12:44:04 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"244d5-1880ffd6220"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
47284
vendor~main~493df0b3.6c95461f.chunk.js
subscriptions.hi2free.cloud/static/js/ 		154 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/js/vendor~main~493df0b3.6c95461f.chunk.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
63c781fcd72def3572c2070e8f8673ed7928b6de1e8afc8b3db3a7af40ed9a05
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw2 111 254 443
last-modified
Tue, 30 May 2023 10:47:40 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"26871-1886c4548e0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
49422
vendor~main~9b1fde68.8bdbbff6.chunk.js
subscriptions.hi2free.cloud/static/js/ 		162 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/js/vendor~main~9b1fde68.8bdbbff6.chunk.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
9f005ea7c666b9206298ee3b32a01bff3a5568ff1162b9fb56a90004fec1d56f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw1 111 254 443
last-modified
Tue, 30 May 2023 10:47:40 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"2895b-1886c4548e0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
49495
vendor~main~27f19aac.7f04e1aa.chunk.js
subscriptions.hi2free.cloud/static/js/ 		212 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/js/vendor~main~27f19aac.7f04e1aa.chunk.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
02f5d2ef7ee4cb56c3d962b5c1249998e36c466ab2ac523fe1c4bf7e7da4a123
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw1 111 253 443
last-modified
Wed, 28 Jun 2023 10:23:11 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"350b4-18901874a98"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
66395
vendor~main~4f420515.fc79e47a.chunk.js
subscriptions.hi2free.cloud/static/js/ 		150 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/js/vendor~main~4f420515.fc79e47a.chunk.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
0495956dfac4a4733a2516231a8cc06c8646da6f6ee2db217a9e0f1d11ed35d9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw2 111 254 443
last-modified
Tue, 30 May 2023 10:47:40 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"257f5-1886c4548e0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
46959
component~main~748942c6.0b8950a4.chunk.js
subscriptions.hi2free.cloud/static/js/ 		248 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/js/component~main~748942c6.0b8950a4.chunk.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
399d94f3e5901827d8df8915f24d725844a249eb9a5b55fe3814d25ce0e37e5f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw1 111 254 443
last-modified
Thu, 13 Jul 2023 11:11:31 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"3df5f-1894ef2eeb8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
73303
component~main~b07b7304.456812f7.chunk.js
subscriptions.hi2free.cloud/static/js/ 		167 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/js/component~main~b07b7304.456812f7.chunk.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
be0f653b20c778db276901fe37758ae96e1be8b5097ac2484e14c8b6603b2d63
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw1 111 254 443
last-modified
Thu, 13 Jul 2023 11:11:31 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"29bce-1894ef2eeb8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
47355
component~main~6e6dca10.0046e915.chunk.js
subscriptions.hi2free.cloud/static/js/ 		118 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/js/component~main~6e6dca10.0046e915.chunk.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
a2b21466dbeca76bdd11431825244f50047c1ff91ebc756035b29b9d4d5a08ec
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw1 111 253 443
last-modified
Thu, 13 Jul 2023 11:11:31 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"1d948-1894ef2eeb8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
28403
main.40cbef78.js
subscriptions.hi2free.cloud/static/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/js/main.40cbef78.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
7dd5bd54666e2c00f2af0cc883ea8d33e1c1e53fd8f98f74268010c5a821ae8c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw2 111 253 443
last-modified
Thu, 13 Jul 2023 11:11:31 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"14bb-1894ef2eeb8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
2177
component~amp-route~common-route~homepage-route~section-route~video-route~493df0b3.7d8e7498.chunk.js
subscriptions.hi2free.cloud/static/js/ 		158 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/js/component~amp-route~common-route~homepage-route~section-route~video-route~493df0b3.7d8e7498.chunk.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
15a44fc96cdf9d8fd58944c89dae288824dea803b8d5c12d205d5cce48925489
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw1 111 253 443
last-modified
Thu, 13 Jul 2023 11:11:31 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"279fd-1894ef2eeb8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
47503
component~homepage-route~f71cff67.68185f2d.chunk.js
subscriptions.hi2free.cloud/static/js/ 		121 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/js/component~homepage-route~f71cff67.68185f2d.chunk.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
0ad72e91c71320c28b59ee906f08f9d329c10cd8b5c3531cfb7c4783b15ede28
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw1 111 254 443
last-modified
Thu, 13 Jul 2023 11:11:31 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"1e27f-1894ef2eeb8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
28664
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ss3gfiwT9vXTSvNlfc+4JQ==
age
74098
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6820
x-ms-lease-status
unlocked
last-modified
Thu, 13 Jul 2023 02:45:40 GMT
server
cloudflare
etag
0x8DB834B3F1108FD
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1f8a20f3-f01e-00ad-23c2-b5f88c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7e7a9e1a4bea4bc0-BUF
js
www.googletagmanager.com/gtag/ 		162 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1615344-2
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c49857022262c26f22ebc605a592a979b90ca58e1a85a647c672f4b9404a263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60842
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 16 Jul 2023 13:33:33 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:c400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:37:14 GMT
content-encoding
gzip
via
1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:35:23 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
68179
etag
W/"649b804b-9482"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
R_KWv4L61HP8a_I976s6ONIwDRx0F1folqUHNftdJu9yvbpxgqAbVQ==
expires
Sun, 16 Jul 2023 18:37:14 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:c400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 14:59:40 GMT
content-encoding
gzip
via
1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
81233
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
gi3tUaXxG8tgITSwQK8D-CPjgLL2qinKQEEdU4T6AOeAC7BOL2-IvA==
expires
Sun, 16 Jul 2023 14:59:40 GMT
nr.js
subscriptions.hi2free.cloud/thirdparty/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/thirdparty/nr.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
755b1bc5bfbf9123d1ba9343b914035de650cd26adac11f5b8b748c9b07cb94c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
x-rq
mdw1 0 2 9980
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Tue, 28 Jun 2022 12:47:45 GMT
server
nginx/1.24.0
x-powered-by
Express
etag
W/"7a3e-181aa5a7968"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
10902
expires
Wed, 28 Jun 2023 12:55:35 GMT
splunk-otel-web.min.js
subscriptions.hi2free.cloud/thirdparty/ 		158 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/thirdparty/splunk-otel-web.min.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
cc9cd7bd5e2415d3edb3ad951a728c59f964e2736bfac9942a2160c8711407e2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
x-rq
mdw1 0 2 9980
content-encoding
gzip
strict-transport-security
max-age=15768000
last-modified
Fri, 03 Mar 2023 15:10:57 GMT
server
nginx/1.24.0
x-powered-by
Express
etag
W/"27697-186a806b3e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
39208
expires
Tue, 19 Mar 2024 11:19:04 GMT
ampli.v7.js
subscriptions.hi2free.cloud/thirdparty/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/thirdparty/ampli.v7.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
249865bdd55b5ef365399d3f4e5fd7e6eb244aeb5e9d58191192aa5511e2ebbc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-rq
mdw1 111 254 443
last-modified
Tue, 20 Jun 2023 13:16:57 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"cf9-188d8f38128"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
1588
Al-Jazeera-Bold.3301c4f5.woff2
subscriptions.hi2free.cloud/static/media/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/media/Al-Jazeera-Bold.3301c4f5.woff2
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
f9481655799aef069f2b350ca931ac81304f96274a6ff71e6de52cddd8a958a0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://subscriptions.hi2free.cloud/
Origin
https://subscriptions.hi2free.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
x-powered-by
Express
content-length
33453
x-rq
mdw1 0 2 9980
last-modified
Mon, 11 Apr 2022 11:12:02 GMT
server
nginx/1.24.0
etag
W/"82e4-1801852cfd0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 11 May 2023 07:24:20 GMT
Al-Jazeera-Heavy.3baf54b4.woff2
subscriptions.hi2free.cloud/static/media/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/media/Al-Jazeera-Heavy.3baf54b4.woff2
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
902be64a2c4af72f18f55d07a190e065416df59f1a72ad1fec2518376ad74928
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://subscriptions.hi2free.cloud/
Origin
https://subscriptions.hi2free.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
x-powered-by
Express
content-length
34795
x-rq
mdw2 0 2 9980
last-modified
Mon, 04 Apr 2022 17:34:00 GMT
server
nginx/1.24.0
etag
W/"8828-17ff5a3ff40"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Apr 2023 10:27:44 GMT
Al-Jazeera-Light.b09a8096.woff2
subscriptions.hi2free.cloud/static/media/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/media/Al-Jazeera-Light.b09a8096.woff2
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
4255b33999a680484686bb0c9eb3be3d1e7b99a5561c0286674411f45ea7e093
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://subscriptions.hi2free.cloud/
Origin
https://subscriptions.hi2free.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
x-powered-by
Express
content-length
32951
x-rq
mdw1 0 2 9980
last-modified
Mon, 07 Mar 2022 17:23:08 GMT
server
nginx/1.24.0
etag
W/"8130-17f6567fc60"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Mar 2023 18:01:16 GMT
Al-Jazeera-Regular.0112de0f.woff2
subscriptions.hi2free.cloud/static/media/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/media/Al-Jazeera-Regular.0112de0f.woff2
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
5d73e8c2c5d29fcc824d4e00d7cdd80b485f8e70a28d6106e760a838d3a5e04e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://subscriptions.hi2free.cloud/
Origin
https://subscriptions.hi2free.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
x-powered-by
Express
content-length
33895
x-rq
mdw1 0 2 9980
last-modified
Mon, 04 Apr 2022 17:34:00 GMT
server
nginx/1.24.0
etag
W/"8480-17ff5a3ff40"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Apr 2023 11:12:38 GMT
c9b6725f-7687-48ef-ad27-870859bc7b32.json
cdn.cookielaw.org/consent/c9b6725f-7687-48ef-ad27-870859bc7b32/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/c9b6725f-7687-48ef-ad27-870859bc7b32/c9b6725f-7687-48ef-ad27-870859bc7b32.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6b7025d248692bf2ece2687b96fef35295bd577fbfd32020e50268b149ffeaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
FF8G8Ct4fu0MSyjhT1w+1Q==
content-length
2032
x-ms-lease-status
unlocked
last-modified
Wed, 08 Feb 2023 17:33:54 GMT
server
cloudflare
etag
0x8DB09FAA6DE53C2
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
af27cb3c-a01e-0097-74e3-b7bb2f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7e7a9e1b1bf04bc0-BUF
expires
Mon, 17 Jul 2023 13:33:33 GMT
gtm.js
www.googletagmanager.com/ 		161 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N6778BQ
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69895b61602814899219a2b22f62b830f4d0e87062461297173adb18019b56b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60184
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 16 Jul 2023 13:33:33 GMT
destination
www.googletagmanager.com/gtag/ 		220 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-WFKEPR3HG4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6778BQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
877c90a6b4c730fca16b346e4844cce70614bbc46e5efb81c2970175c7139f57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79305
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jul 2023 13:33:33 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1615344-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Jul 2023 12:11:08 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4945
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 16 Jul 2023 14:11:08 GMT
a
www.googletagmanager.com/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=subscriptions.hi2free.cloud%2F&tdp=UA-1615344-2;;0;0;0&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=subscriptions.hi2free.cloud%2F&tdp=UA-1615344-2;;0;0;0&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:33 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=gtm.init&eid=0&h=Ag&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=gtm.js&eid=1&h=Ag&tr=1rep&ti=1rep&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=gtag.config&eid=2&h=Ag&epr=1UA&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=*&eid=24&h=Ag&epr=1UA&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		69 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7e7a9e1dfabd4bbd-BUF
access-control-allow-headers
Content-Type
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		157 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=aljazeera.net&domain=aljazeera.net&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
09237a43cc10b5f37e7255a0dc8d9e613027370835a420a9d83d1d34bbd80f3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 16 Jul 2023 13:33:34 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
125
x-served-by
cache-ewr18155-EWR
x-timer
S1689514414.226925,VS0,VE20
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Fri, 14 Jul 2023 13:33:34 GMT
collect
www.google-analytics.com/g/ 		0
180 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WFKEPR3HG4&gtm=45je37c0&_p=1182478121&cid=860669918.1689514414&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=%E2%80%8F%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%E2%80%8F&dl=https%3A%2F%2Fwww.aljazeera.net%2F&sid=1689514413&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.dimension15=Web&ep.dimension13=Home%20Page
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-WFKEPR3HG4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202209.1.0/ 		376 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 16 Jul 2023 13:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
229oLfugqvtMNLM3e0uPaA==
age
47167
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
91423
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:30 GMT
server
cloudflare
etag
0x8DAAB422B1E6529
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9d360d5a-501e-00e4-32e1-5acbec000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7e7a9e1f2c3a4bc0-BUF
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1182478121&t=pageview&_s=1&dl=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&dp=https%3A%2F%2Fwww.aljazeera.net%2F&ul=en-us&de=UTF-8&dt=%E2%80%8F%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%E2%80%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACACI~&jid=1942482836&gjid=1080586136&cid=860669918.1689514414&tid=UA-1615344-2&_gid=1940923963.1689514414&_r=1&gtm=457e37c0&cd15=Web&cd13=Home%20Page&jsscut=1&z=1020715028
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
33P76NM-highres-1689509947.jpg
subscriptions.hi2free.cloud/wp-content/uploads/2023/07/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscriptions.hi2free.cloud/wp-content/uploads/2023/07/33P76NM-highres-1689509947.jpg?resize=375%2C250&quality=80
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 /
Resource Hash
07808b952c02d2f2b721e6ce44d2fc5669d366dc427c27423f31636a9fa5bde8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:34 GMT
x-rq
mdw1 98 228 443
strict-transport-security
max-age=15768000
last-modified
Sun, 16 Jul 2023 12:29:33 GMT
server
nginx/1.24.0
etag
"cf84bf60151f5d2a"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16994
features
subscriptions.hi2free.cloud/api/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/api/features
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/static/js/component~main~b07b7304.456812f7.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
801460213af7a4cd223a1aaad88d12d60cd0dca4d0764b9df4b88c1ca4a17286
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
wp-site
aja
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
x-rq
mdw2 111 253 443
content-encoding
gzip
strict-transport-security
max-age=15768000
server
nginx/1.24.0
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, no-cache
accept-ranges
bytes
content-length
1878
graphql
subscriptions.hi2free.cloud/ 		133 B
400 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/graphql?wp-site=aja&operationName=ArchipelagoBreakingTickerQuery&variables=%7B%7D&extensions=%7B%7D
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/static/js/vendor~main~27f19aac.7f04e1aa.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
45a942a3685450004b12f1b690d98b4db830dcbd6d0a112f2e57db12d95866a5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept
*/*
Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
original-domain
subscriptions.hi2free.cloud
wp-site
aja
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
application/json

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
x-rq
mdw1 111 253 443
content-encoding
gzip
strict-transport-security
max-age=15768000
server
nginx/1.24.0
x-powered-by
Express
etag
W/"85-7g2IXKSKijPnUvUsliAsxsxP53k"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=20, must-revalidate
accept-ranges
bytes
content-length
107
/
pro.ip-api.com/json/ 		324 B
480 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?key=h49qrIxAVSStejH
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/static/js/component~homepage-route~f71cff67.68185f2d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.91.101.241 New York, United States, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
us-ny-1.pro.ip-api.com
Software
/
Resource Hash
598658fcdf85dd6d5efcf8bfb328deafd7b3bb6eaada0a4adae616d12cf52377

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 16 Jul 2023 13:33:36 GMT
Content-Length
324
Content-Type
application/json; charset=utf-8
ads-freestar~30e29b85.d7fe2093.chunk.js
subscriptions.hi2free.cloud/static/js/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/static/js/ads-freestar~30e29b85.d7fe2093.chunk.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/static/js/main.40cbef78.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
177b6e96495dcffe2a64c8d7fbe53fdd43fd02b10f84572399eeedc4e0e8ef87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
content-encoding
gzip
x-rq
mdw1 111 254 443
last-modified
Wed, 28 Jun 2023 10:23:11 GMT
server
nginx/1.24.0
strict-transport-security
max-age=15768000
x-powered-by
Express
etag
W/"b1e0-18901874a98"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
content-length
13674
index.min.js
players.brightcove.net/665001584001/7lDmqAMR_default/ 		1001 KB
266 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/665001584001/7lDmqAMR_default/index.min.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/static/js/component~amp-route~common-route~homepage-route~section-route~video-route~493df0b3.7d8e7498.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.173.122 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-122.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3b829c7eca0b6b835a268dd2dc30f2ad7efde0ec19667d12cf2a3db990f87ce2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
YSIVScMElpDxBWWU7UuEmBRLuILZIHUQ
Content-Encoding
gzip
Date
Sun, 16 Jul 2023 13:33:36 GMT
x-amz-request-id
ATAJZ95NM94YWN9Y
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
272095
x-amz-id-2
kWANRaMEYUxHEPUipca2gcA+OZyvrreUcKvm6whTC4r1awc0Pd2FBCVeihxh3e5RxRkXee5Cwr0=
X-BCOV-Response-Mode
1
X-Served-By
cache-iad-kiad7000140-IAD
Last-Modified
Sun, 25 Jun 2023 01:19:19 GMT
Server
AmazonS3
X-Timer
S1687656218.821442,VS0,VE2
ETag
"76c9a1ff9346ee8789077ab20203d202"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=192
Accept-Ranges
bytes
X-Cache-Hits
1
/
pro.ip-api.com/json/ 		324 B
480 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?key=h49qrIxAVSStejH
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/static/js/component~homepage-route~f71cff67.68185f2d.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.91.101.241 New York, United States, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
us-ny-1.pro.ip-api.com
Software
/
Resource Hash
598658fcdf85dd6d5efcf8bfb328deafd7b3bb6eaada0a4adae616d12cf52377

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 16 Jul 2023 13:33:36 GMT
Content-Length
324
Content-Type
application/json; charset=utf-8
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&e=gtm.js&eid=1&u=Ag&h=Ag&tr=5rep&ti=1rep&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1182478121&t=pageview&_s=2&dl=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E2%80%8F%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%E2%80%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACACI~&jid=&gjid=&cid=860669918.1689514414&tid=UA-1615344-2&_gid=1940923963.1689514414&gtm=457e37c0&cd15=Web&cd13=Home%20Page&jsscut=1&z=1310235821
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 11:44:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6556
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=*&eid=48&u=AgAAAAAAAACAAAE&h=Ag&epr=1UA&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ping
ping.chartbeat.net/ 		43 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=aljazeera.net&p=subscriptions.hi2free.cloud%2F&u=CT32wdNKqFFD75lU6&d=subscriptions.hi2free.cloud&g=3291&g0=No%20Section&g1=No%20Author&g4=Home%20Page&n=1&f=00001&c=0&x=0&m=0&y=6882&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&v=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&vp=1&PA=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&b=2896&t=0eSalDHLBnNDuqeQjWDQNID59Egb&V=140&z=t%3Dundefined%26E%3D0%26x%3D0%26c%3DNaN%26y%3D6882%26w%3D1200&i=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&tz=0&sn=1&sv=C-NYWBdx51NmI7pfB2DH7bBQpMhe&sr=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&sd=1&im=06870fff&_
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.121.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-121-151.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 16 Jul 2023 13:33:36 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
11582027-1-1689484334.jpg
subscriptions.hi2free.cloud/wp-content/uploads/2023/07/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscriptions.hi2free.cloud/wp-content/uploads/2023/07/11582027-1-1689484334.jpg?resize=770%2C513&quality=80
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 /
Resource Hash
80e14a703a0e3f4b7fc76e879ea643ccffd69a866e668978b0eaa6a849475d4a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
x-rq
mdw1 101 196 443
strict-transport-security
max-age=15768000
last-modified
Sun, 16 Jul 2023 08:09:18 GMT
server
nginx/1.24.0
etag
"fc2949f609dd4689"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
61166
Screen-Shot-2021-03-02-at-8.02.26-AM-e1616082398518.png
subscriptions.hi2free.cloud/wp-content/uploads/2021/03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscriptions.hi2free.cloud/wp-content/uploads/2021/03/Screen-Shot-2021-03-02-at-8.02.26-AM-e1616082398518.png?resize=96%2C96&quality=80
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 /
Resource Hash
65e7e005f1259dbd6c79458f5b0d0f4153c8a3316e5471d498bfc330c305f970
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
x-rq
mdw1 98 226 443
strict-transport-security
max-age=15768000
last-modified
Tue, 02 May 2023 06:44:56 GMT
server
nginx/1.24.0
etag
"a4ec56a851f34a39"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9044
%D8%B9%D8%B5%D8%A7%D9%85-%D8%AA%D9%84%D9%8A%D9%85%D8%A9.jpeg
subscriptions.hi2free.cloud/wp-content/uploads/2022/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscriptions.hi2free.cloud/wp-content/uploads/2022/11/%D8%B9%D8%B5%D8%A7%D9%85-%D8%AA%D9%84%D9%8A%D9%85%D8%A9.jpeg?resize=96%2C96&quality=80
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 /
Resource Hash
c56945dfb0a004e4c1272f9ac7efed3740cc6faf087bba8a9992843d8dc706dd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
x-rq
mdw2 102 93 443
strict-transport-security
max-age=15768000
last-modified
Wed, 12 Jul 2023 14:18:37 GMT
server
nginx/1.24.0
etag
"9ac77dee66ef6406"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1950
d0fdaf25.jpg
subscriptions.hi2free.cloud/wp-content/uploads/2022/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscriptions.hi2free.cloud/wp-content/uploads/2022/09/d0fdaf25.jpg?resize=96%2C96&quality=80
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 /
Resource Hash
b5bf122a5a8be2fcd08ec646c44d655eda49fddd50aaa419679e1c7bf18f4ab3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
x-rq
mdw2 100 143 443
strict-transport-security
max-age=15768000
last-modified
Thu, 04 May 2023 01:07:42 GMT
server
nginx/1.24.0
etag
"3835e4b512c42580"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1886
Screen-Shot-2020-11-19-at-14.40.21-e1615890783621.png
subscriptions.hi2free.cloud/wp-content/uploads/2020/05/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscriptions.hi2free.cloud/wp-content/uploads/2020/05/Screen-Shot-2020-11-19-at-14.40.21-e1615890783621.png?resize=96%2C96&quality=80
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 /
Resource Hash
b14e16d341f82b9b1af4792cdefe33e782cb8360396be9e7e4f96b08ec94c8a4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
x-rq
lhr3 109 27 443
strict-transport-security
max-age=15768000
last-modified
Fri, 28 Apr 2023 20:25:11 GMT
server
nginx/1.24.0
etag
"b003af3c590059f5"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9102
e9260cc4-2de4-4518-a939-1bfa49b13772.jpeg
subscriptions.hi2free.cloud/wp-content/uploads/2000/01/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscriptions.hi2free.cloud/wp-content/uploads/2000/01/e9260cc4-2de4-4518-a939-1bfa49b13772.jpeg?resize=96%2C96&quality=80
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 /
Resource Hash
9a41eef1cdf9c83f03487b02f4409fefcc8883cce3a2bbf913ee6c07fb80e008
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
x-rq
mdw1 98 228 443
strict-transport-security
max-age=15768000
last-modified
Sun, 30 Apr 2023 16:27:55 GMT
server
nginx/1.24.0
etag
"56817af3c9c1e47f"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2290
-%D8%B9%D9%84%D9%88%D8%B4--e1664271866287.jpeg
subscriptions.hi2free.cloud/wp-content/uploads/2022/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscriptions.hi2free.cloud/wp-content/uploads/2022/03/-%D8%B9%D9%84%D9%88%D8%B4--e1664271866287.jpeg?resize=96%2C96&quality=80
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 /
Resource Hash
058eafbce0e211353a4ba2f64a0e3e96007d89b01a8f8a367076f2e0bc249b0f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
x-rq
lhr4 109 83 443
strict-transport-security
max-age=15768000
last-modified
Sat, 29 Apr 2023 07:55:39 GMT
server
nginx/1.24.0
etag
"1c78c47372013fdd"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2855
RC2432ASICV3-1689495865.jpg
subscriptions.hi2free.cloud/wp-content/uploads/2023/07/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscriptions.hi2free.cloud/wp-content/uploads/2023/07/RC2432ASICV3-1689495865.jpg?resize=770%2C513&quality=80
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 /
Resource Hash
70b8b823e5d5d6b1b16336707dc100f0aae7fe5622b410f560c87fec06dfa0be
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
x-rq
mdw1 98 226 443
strict-transport-security
max-age=15768000
last-modified
Sun, 16 Jul 2023 09:04:43 GMT
server
nginx/1.24.0
etag
"bbd1b37a6b292078"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
58502
RC2CM1A8OD2H-1688585347.jpg
subscriptions.hi2free.cloud/wp-content/uploads/2023/07/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscriptions.hi2free.cloud/wp-content/uploads/2023/07/RC2CM1A8OD2H-1688585347.jpg?resize=770%2C513&quality=80
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 /
Resource Hash
75af253a3313295cfaa7b4288c964a11f6aa3dfadffb765ab2b9c88132814722
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
x-rq
mdw1 100 214 443
strict-transport-security
max-age=15768000
last-modified
Wed, 05 Jul 2023 19:33:41 GMT
server
nginx/1.24.0
etag
"0a774d2b75fd956e"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55220
fb920c1d-8e16-4460-98eb-5d66a5d1ee21.jpeg
subscriptions.hi2free.cloud/wp-content/uploads/2017/08/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://subscriptions.hi2free.cloud/wp-content/uploads/2017/08/fb920c1d-8e16-4460-98eb-5d66a5d1ee21.jpeg?resize=375%2C250&quality=80
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 /
Resource Hash
e90bb4345e5558905c85070ca994880201a9241dcf21caaa6b3f4887bd864624
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
x-rq
mdw1 98 228 443
strict-transport-security
max-age=15768000
last-modified
Sun, 16 Jul 2023 12:50:05 GMT
server
nginx/1.24.0
etag
"4978dbe9bbf019b3"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26844
analytics-browser-1.10.3-min.js.gz
cdn.amplitude.com/libs/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/analytics-browser-1.10.3-min.js.gz
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.115.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-115-222.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15458445673fba82012b228c22995b52e1e990c00640ad0af4070c33bb5b549b

Request headers

Referer
https://subscriptions.hi2free.cloud/
Origin
https://subscriptions.hi2free.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:37 GMT
content-encoding
gzip
via
1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
x-amz-version-id
zvHDhGbwzkN23Nlp8aZqvT3F8K5f8hcz
x-amz-cf-pop
JFK50-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
24321
last-modified
Thu, 04 May 2023 05:41:38 GMT
server
AmazonS3
etag
"e8c3433e862182f22310947e7b3d22a5"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
FfqnHCA8N3A2F2ZCtZIX1IKgwT7M8V6z6xql_QTddh2_3uo9-K9HQg==
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=*&eid=49&u=AgAAAAAAAACAAAE&h=Ag&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
collect
stats.g.doubleclick.net/j/ 		2 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1615344-2&cid=860669918.1689514414&jid=1942482836&gjid=1080586136&_gid=1940923963.1689514414&_u=YADAAUAAAAAAACACI~&z=1740274855
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 16 Jul 2023 13:33:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&e=*&eid=48&u=AgAAAAAAAACAAAE&h=Ag&epr=2UA&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ar.json
cdn.cookielaw.org/consent/c9b6725f-7687-48ef-ad27-870859bc7b32/f9c00066-10f9-4d99-81ee-38bfe0598e85/ 		455 KB
61 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/c9b6725f-7687-48ef-ad27-870859bc7b32/f9c00066-10f9-4d99-81ee-38bfe0598e85/ar.json
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
881618daf360e6f41c941a882dd2cd1381e894376987edf6c7c0f5f8b0216626
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 16 Jul 2023 13:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
6SIZIoIOSpAUyr+Jl5tuMg==
content-length
61832
x-ms-lease-status
unlocked
last-modified
Wed, 08 Feb 2023 17:28:49 GMT
server
cloudflare
etag
0x8DB09F9F0B4BA0A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
369ba277-401e-017c-6de4-b70386000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7e7a9e272cef4bc0-BUF
expires
Mon, 17 Jul 2023 13:33:35 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=gtm.dom&eid=50&u=AgAAAAAAAACAAAE&h=Ag&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:35 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ga-audiences
www.google.com/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1615344-2&cid=860669918.1689514414&jid=1942482836&_u=YADAAUAAAAAAACACI~&z=1016155958
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
graphql
subscriptions.hi2free.cloud/ 		133 B
400 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/graphql?wp-site=aja&operationName=ArchipelagoBreakingTickerQuery&variables=%7B%7D&extensions=%7B%7D
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
45a942a3685450004b12f1b690d98b4db830dcbd6d0a112f2e57db12d95866a5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept
*/*
Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
original-domain
subscriptions.hi2free.cloud
wp-site
aja
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
application/json

Response headers

date
Sun, 16 Jul 2023 13:33:36 GMT
x-rq
mdw1 111 253 443
content-encoding
gzip
strict-transport-security
max-age=15768000
server
nginx/1.24.0
x-powered-by
Express
etag
W/"85-7g2IXKSKijPnUvUsliAsxsxP53k"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=20, must-revalidate
accept-ranges
bytes
content-length
107
pubfig.min.js
a.pub.network/aljazeera-net/ 		103 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/aljazeera-net/pubfig.min.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe83ace19af20b49a4a7bcb7c5f89255847fb7aadc9d56184646e30ef4b8e25

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:37 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
ADPycdsSC-nrkoo_SmV4L5it1kMtFzyTeclzykwrCWn8JAPq6gIg3j9AMrOUQKWRweMiclRe--NO5vDQPNGMYJHJEkfNoA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 20 Jun 2023 15:55:48 GMT
server
cloudflare
etag
W/"7d6e56d0fae02a253b57b8c980102ae1"
vary
Accept-Encoding
x-goog-hash
crc32c=4+Xh+w==, md5=fW5W0PrgKiU7V7jJgBAq4Q==
x-goog-generation
1687276548679844
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
105862
cf-ray
7e7a9e2dbd8b4bc0-BUF
expires
Sun, 16 Jul 2023 14:03:37 GMT
otFlatRtl.json
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otFlatRtl.json
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac6d94f93af967cdc992f7aec7a550c2266b19b5e76546f8e4e912e29360bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 16 Jul 2023 13:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XRd1GQx01np8mxSmmzf8Cg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3014
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:22 GMT
server
cloudflare
etag
0x8DAAB42262503C0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
bd3e850c-801e-016a-3ae3-b7c218000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7e7a9e2e2d9c4bc0-BUF
otCommonStylesRtl.css
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/ 		22 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otCommonStylesRtl.css
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb36fd03894fec67d01859d63ce79c2cc82c983b0fde655247041d3199c6dfe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 16 Jul 2023 13:33:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
EOdfo5DhM9ysqEvq1o4rSA==
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
41dce16f-401e-0177-77e3-b71bf2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
7e7a9e2e2d9d4bc0-BUF
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=*&eid=51&u=AgAAAAAAAACAAAE&h=Ag&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:36 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=*&eid=52&u=AgAAAAAAAACAAAE&h=Ag&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:36 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
optimize.js
www.googleoptimize.com/ 		127 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-K96T3RN
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
557929cda9c42ae0a80515db84238e7989cc418ba4f52352aeb551131019ed09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
49627
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jul 2023 13:33:36 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:36 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 23 Jul 2023 13:33:36 GMT
js
www.googletagmanager.com/gtag/ 		181 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-947178488&l=dataLayer&cx=c
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
243fa2e2f228fba6f0306f5717cbe39357ad86bb0a443965202ddd133a01089e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67921
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 16 Jul 2023 13:33:36 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=*&eid=53&u=AgAAAAAAAACAAAE&h=Ag&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:36 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=gtm.triggerGroup&eid=54&u=AgAAAAAAAACAAAE&h=Ag&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:36 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
6319531289112
edge.api.brightcove.com/playback/v1/accounts/665001584001/videos/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/665001584001/videos/6319531289112
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accept
Access-Control-Request-Method
GET
Origin
https://subscriptions.hi2free.cloud
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods
HEAD,GET,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Sun, 16 Jul 2023 13:33:36 GMT
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yyz4540-YYZ
x-timer
S1689514417.866678,VS0,VE0
vtt.global.min.js
vjs.zencdn.net/vttjs/0.15.3/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/vttjs/0.15.3/vtt.global.min.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2782883aa2e55fe305dd71c4b8a79cdecd0e3c7b62880f7adf37aafb33739a4a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-nyc-kteb1890023-NYC
date
Sun, 16 Jul 2023 13:33:36 GMT
content-encoding
gzip
last-modified
Wed, 11 May 2022 18:56:37 GMT
etag
"9ab357d51e365493dab6cf243489069b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
7354
x-cache-hits
2418
6319531289112
edge.api.brightcove.com/playback/v1/accounts/665001584001/videos/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.api.brightcove.com/playback/v1/accounts/665001584001/videos/6319531289112
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
54856c66656eab92e6f8b7f440455b644c834b1f0b9c70bc3cd8801ed79e0327

Request headers

Accept
application/json;pk=BCpkADawqM2WV_cMXnGg7cQ_h8ZF7RlC8EyY4uVca2LT3ze4PrU4MCCuj3F7TA2rOsSXAXgLDcWKavBi2M5_R7HRDOAnsQ1OX4yzxA00cLv37ggu76kll4P_eX4
Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

bc-override-client-ip
107.189.242.70
date
Sun, 16 Jul 2023 13:33:36 GMT
powered-from
us-east-1a
bcov-request-id
c54b4bd5-347e-4f86-af96-58a881fa48c7
via
1.1 varnish
age
194
policy-key-accountid
665001584001
x-cache
HIT
powered-by
BC
content-length
1445
x-served-by
cache-yyz4540-YYZ
policy-key-raw
BCpkADawqM2WV_cMXnGg7cQ_h8ZF7RlC8EyY4uVca2LT3ze4PrU4MCCuj3F7TA2rOsSXAXgLDcWKavBi2M5_R7HRDOAnsQ1OX4yzxA00cLv37ggu76kll4P_eX4
x-timer
S1689514417.896053,VS0,VE5
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control
max-age=0, no-cache, no-store
account-status
APPROVED
accept-ranges
bytes
access-control-allow-headers
content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits
1
tracker
metrics.brightcove.com/v2/ 		35 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6859be0ff6d2d0f5744ac5d5&account=665001584001&destination=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&platform_version=6.65.4&player=players.brightcove.com%2F665001584001%2F7lDmqAMR_default&player_name=AJA%3A%20Homepage%20Live%20Stream%20Player&source=&event=player_init&time=1689514416652&autoplay=false&seq=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
date
Sun, 16 Jul 2023 13:33:36 GMT
via
1.1 google
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
must-revalidate,no-cache,no-store
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tracker
metrics.brightcove.com/v2/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6859be0ff6d2d0f5744ac5d5&account=665001584001&destination=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&platform_version=6.65.4&player=players.brightcove.com%2F665001584001%2F7lDmqAMR_default&player_name=AJA%3A%20Homepage%20Live%20Stream%20Player&source=&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F665001584001%2Fvideos%2F6319531289112&time=1689514416668&autoplay=false&seq=1
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
date
Sun, 16 Jul 2023 13:33:36 GMT
via
1.1 google
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
must-revalidate,no-cache,no-store
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ 		445 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
386463a39e6688ebbd9b6573ab4c82d32fb70490071bdd4ac4551f41647bf23f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		350 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c42325ee42fbc37c7aaccace384e427a1ee5677f459601f36ba1662da8980fce

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
tracker
metrics.brightcove.com/v2/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6859be0ff6d2d0f5744ac5d5&account=665001584001&destination=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&platform_version=6.65.4&player=players.brightcove.com%2F665001584001%2F7lDmqAMR_default&player_name=AJA%3A%20Homepage%20Live%20Stream%20Player&source=&autoplay=false&ads_enabled=false&usage=qualityLevels!2.0.9&usage=qualityMenu!1.4.0&usage=convivaPlugin!&usage=social!3.14.0&usage=pr%3A1.00&usage=using-ad-blocker&usage=inpage-embed&event=player_load&time=1689514416813&qos.events.content.ratechange=1689514416693&qos.events.content.volumechange=%5B1689514416693%2C1689514416753%5D&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=33100000&qos.performance.memory.totalJSHeapSize=44700000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=1689514415200&qos.performance.timing.domContentLoadedEventStart=1689514415173&qos.performance.timing.domInteractive=1689514415158&qos.performance.timing.domLoading=1689514413050&qos.performance.timing.responseEnd=1689514413149&qos.performance.timing.responseStart=1689514412876&qos.performance.timing.requestStart=1689514412362&qos.performance.timing.secureConnectionStart=1689514412244&qos.performance.timing.connectEnd=1689514412360&qos.performance.timing.connectStart=1689514412141&qos.performance.timing.domainLookupEnd=1689514412141&qos.performance.timing.domainLookupStart=1689514412106&qos.performance.timing.fetchStart=1689514412101&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1689514412100&qos.player.dimensions=%5B%5B1689514416813%2C%220x0%22%2C%22370x208.125%22%5D%5D&qos.player.pixelratio=%5B%5B1689514416813%2C1%5D%5D&qos.player.screendimensions=%5B%5B1689514416813%2C%221600x1200%22%5D%5D&seq=2
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
date
Sun, 16 Jul 2023 13:33:36 GMT
via
1.1 google
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
must-revalidate,no-cache,no-store
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tracker
metrics.brightcove.com/v2/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6859be0ff6d2d0f5744ac5d5&account=665001584001&destination=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&platform_version=6.65.4&player=players.brightcove.com%2F665001584001%2F7lDmqAMR_default&player_name=AJA%3A%20Homepage%20Live%20Stream%20Player&source=&autoplay=false&ads_enabled=false&usage=player-loader&usage=react-player-loader&usage=inpage-embed&event=player_load&time=1689514416896&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=33100000&qos.performance.memory.totalJSHeapSize=44700000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=1689514415200&qos.performance.timing.domContentLoadedEventStart=1689514415173&qos.performance.timing.domInteractive=1689514415158&qos.performance.timing.domLoading=1689514413050&qos.performance.timing.responseEnd=1689514413149&qos.performance.timing.responseStart=1689514412876&qos.performance.timing.requestStart=1689514412362&qos.performance.timing.secureConnectionStart=1689514412244&qos.performance.timing.connectEnd=1689514412360&qos.performance.timing.connectStart=1689514412141&qos.performance.timing.domainLookupEnd=1689514412141&qos.performance.timing.domainLookupStart=1689514412106&qos.performance.timing.fetchStart=1689514412101&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1689514412100&qos.performance.bcInit=433.70000076293945&qos.player.dimensions=%5B%5B1689514416896%2C%220x0%22%2C%22370x208.125%22%5D%5D&qos.player.pixelratio=%5B%5B1689514416896%2C1%5D%5D&qos.player.screendimensions=%5B%5B1689514416896%2C%221600x1200%22%5D%5D&seq=3
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
date
Sun, 16 Jul 2023 13:33:36 GMT
via
1.1 google
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
must-revalidate,no-cache,no-store
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&e=*&eid=24&u=AgAAAAAAAACAAAEI&h=Ag&epr=2UA&z=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:37 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
tracker
metrics.brightcove.com/v2/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6859be0ff6d2d0f5744ac5d5&account=665001584001&destination=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&platform_version=6.65.4&player=players.brightcove.com%2F665001584001%2F7lDmqAMR_default&player_name=AJA%3A%20Homepage%20Live%20Stream%20Player&source=&autoplay=false&ads_enabled=false&event=catalog_response&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F665001584001%2Fvideos%2F6319531289112&time=1689514417053&response_time_ms=385&seq=4
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
date
Sun, 16 Jul 2023 13:33:37 GMT
via
1.1 google
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
must-revalidate,no-cache,no-store
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rules-p-DAMBunjxFvwVp.js
rules.quantcount.com/ 		130 B
582 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-DAMBunjxFvwVp.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:6600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42f82fe01d19254ab0e8b8152f5f16eddcb058f3d6278203a8c3feea3fa7f289

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:27 GMT
via
1.1 2f04b33f21912079fa9d6afaee0c5dd0.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
11
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
130
last-modified
Thu, 09 Mar 2017 01:25:53 GMT
server
AmazonS3
etag
"9acbd7c9270768f47606a1fdb7b0bb11"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
_ALbWFBlaFdfFhQ8SmUtZ1V2oGVbP_NelDMMS6r2glu-R1v3rldiBg==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947178488/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947178488/?random=1689514417306&cv=11&fst=1689514417306&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&auid=1732439467.1689514417&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9971f39e901f926d6acb28c8ab479cb8abb8defb721b7c04fac88554483f6c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1366
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/947178488/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/947178488/?random=1689514417384&cv=11&fst=1689514417384&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&hl=en&url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&label=O6blCOKKl18Q-JfTwwM&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&gtm_ee=1&auid=1732439467.1689514417&uamb=0&uaw=0&data=event%3Dconversion%3Bcolor%3Dffffff&rfmt=3&fmt=4
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
335743971dfeaf710eb412da9fa08af16b4630e514d6d78a3a6fd0a414e5e439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1642
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
image.jpg
cf-images.eu-west-1.prod.boltdns.net/v1/static/665001584001/829e2b8b-18b0-4674-9465-723c144e0dba/352dc29a-d8a3-426f-90b6-d7ee4db800dc/1920x1080/match/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.eu-west-1.prod.boltdns.net/v1/static/665001584001/829e2b8b-18b0-4674-9465-723c144e0dba/352dc29a-d8a3-426f-90b6-d7ee4db800dc/1920x1080/match/image.jpg
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-80.ewr50.r.cloudfront.net
Software
/ BC
Resource Hash
f48cba86445877b77cac7a7fbe4d94326d68012ae2eadc7e72569379821ec95c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 25 Jun 2023 01:17:18 GMT
Via
1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
Last-Modified
Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop
EWR50-C1
X-Powered-From
gantry
X-Powered-By
BC
Age
1858579
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Length
66357
X-Amz-Cf-Id
pR47tryYID5d9lDB7Oeg9k-vH0ad8lngwAK1Ss32-9-VUNSELrtIMg==
Expires
Tue, 25 Jun 2024 01:17:18 GMT
index.m3u8
live-hls-web-aja-fa.getaj.net/AJA/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live-hls-web-aja-fa.getaj.net/AJA/index.m3u8
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.75 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
035857a62dfa3a5a60c66a10e023b88598fc838a308ef9012a20c5dc14c6640f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-yyz4558-YYZ
date
Sun, 16 Jul 2023 13:33:37 GMT
via
1.1 varnish
server
Varnish
x-cache
HIT
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
accept-ranges
bytes
content-length
1759
retry-after
0
x-cache-hits
0
68fba505-01ff-4150-98ee-96100dd8f47c
https://subscriptions.hi2free.cloud/ 		7 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://subscriptions.hi2free.cloud/68fba505-01ff-4150-98ee-96100dd8f47c
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80b8a79436e490ab59fd011c9361dbb0203ec5fa6e14c5306f173a82ea8f0355

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
6656
Content-Type
application/javascript
432e59ad-7178-4383-ad5b-c9ba3ac03613
https://subscriptions.hi2free.cloud/ 		87 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://subscriptions.hi2free.cloud/432e59ad-7178-4383-ad5b-c9ba3ac03613
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e5860213cad1fab761d5e706d5689c7be724047ac398b80e8c2237ee58b5e51

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
88599
Content-Type
application/javascript
777e626a-ced7-4e2f-8b12-9e771405cacb
https://subscriptions.hi2free.cloud/ 		87 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://subscriptions.hi2free.cloud/777e626a-ced7-4e2f-8b12-9e771405cacb
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e5860213cad1fab761d5e706d5689c7be724047ac398b80e8c2237ee58b5e51

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
88599
Content-Type
application/javascript
pixel;r=364989471;source=gtm;rf=0;a=p-DAMBunjxFvwVp;url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F;uht=2;fpan=1;fpa=P0-2000944900-1689514417089;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=...
pixel.quantserve.com/ 		35 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=364989471;source=gtm;rf=0;a=p-DAMBunjxFvwVp;url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F;uht=2;fpan=1;fpa=P0-2000944900-1689514417089;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=hi2free.cloud;dst=0;et=1689514417469;tzo=0;ogl=url.https%3A%2F%2Fsubscriptions%252Ehi2free%252Ecloud%2Ctitle.%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%2Cimage.https%3A%2F%2Fsubscriptions%252Ehi2free%252Ecloud%2Fimages%2Flogo_aja_social%252Epng%2Ctype.article;ses=fcf70ff9-f547-4f2b-8bfb-de9675c496a4;mdl=
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
wsg
62ea30a39dede4f6d44ac289591051076c294526.cws.conviva.com/0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://62ea30a39dede4f6d44ac289591051076c294526.cws.conviva.com/0/wsg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2620:10b:7001:10::108 , United States, ASN11483 (CONVIVA-AS, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subscriptions.hi2free.cloud
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Keep-Alive, User-Agent, If-Modified-Since, Cache-Control
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Content-Length
0
Content-Type
application/octet-stream
Date
Sun, 16 Jul 2023 13:33:37 GMT
Status
200
wsg
62ea30a39dede4f6d44ac289591051076c294526.cws.conviva.com/0/ 		158 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://62ea30a39dede4f6d44ac289591051076c294526.cws.conviva.com/0/wsg
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2620:10b:7001:10::108 , United States, ASN11483 (CONVIVA-AS, US),
Reverse DNS
Software
/
Resource Hash
45e50e0de5a6f0e1e4e14965adf01a43a59e44709e3104cea3d76bdc796dd444

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

Status
200
Access-Control-Allow-Origin
*
Date
Sun, 16 Jul 2023 13:33:37 GMT
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Keep-Alive, User-Agent, If-Modified-Since, Cache-Control
Content-Length
158
Content-Type
application/json
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947178488/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947178488/?random=1689514417621&cv=11&fst=1689514417621&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&auid=1732439467.1689514417&uamb=0&uaw=0&data=event%3DAutoplay%3Bevent_category%3DBrightcove%20Video%3Bevent_label%3DLivestream%20Widget%3Bnon_interaction%3Dtrue&rfmt=3&fmt=4
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89b16f47abeedf73fe214c4a2e7435066b0e19c6af486260c31a7aed32d8e6b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1434
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracker
metrics.brightcove.com/v2/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6859be0ff6d2d0f5744ac5d5&account=665001584001&destination=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&platform_version=6.65.4&player=players.brightcove.com%2F665001584001%2F7lDmqAMR_default&player_name=AJA%3A%20Homepage%20Live%20Stream%20Player&source=&autoplay=false&ads_enabled=false&time=1689514417593&event=play_request&video=6319531289112&video_name=AJA%20Livestream%20-%20Web%20-%20Fastly&custom_fields=&video_data=&video_ads_supported=true&tags=hd&tags=live&tags=livestream&media_url=https%3A%2F%2Flive-hls-web-aja-fa.getaj.net%2FAJA%2Findex.m3u8&seq=5_-1
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
date
Sun, 16 Jul 2023 13:33:37 GMT
via
1.1 google
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
must-revalidate,no-cache,no-store
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=1182478121&t=event&ni=1&_s=3&dl=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Brightcove%20Video&ea=Autoplay&el=Livestream%20Widget&_u=aADAAUABQAAAACACI~&jid=&gjid=&cid=860669918.1689514414&tid=UA-1615344-2&_gid=1940923963.1689514414&gtm=457e37c0&cd15=Web&cd13=Home%20Page&jsscut=1&z=641177047
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 11:44:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
6558
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://subscriptions.hi2free.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
06.m3u8
live-hls-web-aja-fa.getaj.net/AJA/ 		378 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live-hls-web-aja-fa.getaj.net/AJA/06.m3u8
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.75 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
10429a04b8e4bfe26c1e2d48ee0a781b96274c86e330e30074a31200b8107457

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-mrs10576-MRS, cache-yyz4558-YYZ
date
Sun, 16 Jul 2023 13:33:37 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
nginx/1.18.0 (Ubuntu)
age
3
x-timer
S1689514418.737396,VS0,VE5
vary
Accept-Encoding
x-cache
HIT, HIT
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=5, public
accept-ranges
bytes
content-length
138
x-cache-hits
60, 1
tracker
metrics.brightcove.com/v2/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6859be0ff6d2d0f5744ac5d5&account=665001584001&destination=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&platform_version=6.65.4&player=players.brightcove.com%2F665001584001%2F7lDmqAMR_default&player_name=AJA%3A%20Homepage%20Live%20Stream%20Player&source=&autoplay=false&ads_enabled=false&time=1689514417483&event=video_impression&video=6319531289112&video_name=AJA%20Livestream%20-%20Web%20-%20Fastly&custom_fields=&video_data=&video_ads_supported=true&tags=hd&tags=live&tags=livestream&media_url=https%3A%2F%2Flive-hls-web-aja-fa.getaj.net%2FAJA%2Findex.m3u8&preload=auto&qos.content.sourceMimeType=application%2Fvnd.apple.mpegurl&seq=6_0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
date
Sun, 16 Jul 2023 13:33:37 GMT
via
1.1 google
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
must-revalidate,no-cache,no-store
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
www.google.com/pagead/1p-conversion/947178488/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947178488/?random=1134917599&cv=11&fst=1689514417384&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&hl=en&url=https%3A%2F%...
  • https://www.google.com/pagead/1p-conversion/947178488/?random=1134917599&cv=11&fst=1689514417384&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&hl=en&url=https%3A%2F%2Fsubscriptions.hi2fr...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/947178488/?random=1134917599&cv=11&fst=1689514417384&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&hl=en&url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&label=O6blCOKKl18Q-JfTwwM&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&gtm_ee=1&auid=1732439467.1689514417&uamb=0&uaw=0&data=event%3Dconversion%3Bcolor%3Dffffff&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEtyT3BRWVF0dV93c3VMazBhemNBUkltQUk4Vk9VSTBBOXYtWlk4bzMybDRaakFBbjR2ZGlXUFR4eWFCdE5MbENJNjJFSlg5X0NnGlhDaEFJOEtyT3BRWVE5TGZucGV2N2c2VTVFaTRBSktMYVVjNFhIaWRSbER1QjUwcll3bFdleTFLVnU2dlprSU1obmhGdmhGSVpCVnAxOUtqeWpjLXJBRGdvIhMI85DK1auTgAMVnANoCB3N9wZG&is_vtc=1&ocp_id=sfGzZLP0HZyHoPMPze-bsAQ&cid=CAQSKQBpAlJW0H_2Zd-hgcgkoVF4MZ8hcfWA-sH4wCkkXoZXZ9xJWa1EGjH9&random=4239790968
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Server
2607:f8b0:4006:81f::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:37 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/947178488/?random=1134917599&cv=11&fst=1689514417384&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&hl=en&url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&label=O6blCOKKl18Q-JfTwwM&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&gtm_ee=1&auid=1732439467.1689514417&uamb=0&uaw=0&data=event%3Dconversion%3Bcolor%3Dffffff&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEtyT3BRWVF0dV93c3VMazBhemNBUkltQUk4Vk9VSTBBOXYtWlk4bzMybDRaakFBbjR2ZGlXUFR4eWFCdE5MbENJNjJFSlg5X0NnGlhDaEFJOEtyT3BRWVE5TGZucGV2N2c2VTVFaTRBSktMYVVjNFhIaWRSbER1QjUwcll3bFdleTFLVnU2dlprSU1obmhGdmhGSVpCVnAxOUtqeWpjLXJBRGdvIhMI85DK1auTgAMVnANoCB3N9wZG&is_vtc=1&ocp_id=sfGzZLP0HZyHoPMPze-bsAQ&cid=CAQSKQBpAlJW0H_2Zd-hgcgkoVF4MZ8hcfWA-sH4wCkkXoZXZ9xJWa1EGjH9&random=4239790968
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947178488/ 		42 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947178488/?random=1689514417306&cv=11&fst=1689512400000&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&frm=0&tiba=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=129010346&rmt_tld=0&ipr=y
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947178488/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947178488/?random=1689514417621&cv=11&fst=1689512400000&bg=ffffff&guid=ON&async=1&gtm=45be37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&frm=0&tiba=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&data=event%3DAutoplay%3Bevent_category%3DBrightcove%20Video%3Bevent_label%3DLivestream%20Widget%3Bnon_interaction%3Dtrue&fmt=3&is_vtc=1&random=2893555345&rmt_tld=0&ipr=y
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
20230209T014501-06-1360850.ts
live-hls-web-aja-fa.getaj.net/AJA/ 		525 KB
526 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live-hls-web-aja-fa.getaj.net/AJA/20230209T014501-06-1360850.ts
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.75 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f152deb53be6212958debd28f7e70c0e5a9ab182776358f6808e8d4594a3a006

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-mrs10578-MRS, cache-yyz4558-YYZ
date
Sun, 16 Jul 2023 13:33:37 GMT
via
1.1 varnish, 1.1 varnish
server
nginx/1.18.0 (Ubuntu)
age
39
x-timer
S1689514418.918069,VS0,VE1
x-cache
HIT, HIT
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
538056
x-cache-hits
51, 1
init
d.pub.network/v2/ 		71 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=1659&env=PROD
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
4fce436edab496f69371f60f5713624413cdd898b5f1b8d0fd72a0516410e867

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:38 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
nr-spa-1215.min.js
js-agent.newrelic.com/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding
gzip
via
1.1 varnish
date
Sun, 16 Jul 2023 13:33:38 GMT
strict-transport-security
max-age=300
x-amz-request-id
REH41XMFPHFSWRTG
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
17465
x-amz-id-2
pUmhdlBQRUWbos5Ij3coocC6a2mrkQrusgeIAP5akdhig32f99Gb8YyhHFUxwJ+ySFIsPI2Fot0=
x-served-by
cache-yyz4577-YYZ
last-modified
Mon, 24 Jan 2022 22:13:54 GMT
server
AmazonS3
x-timer
S1689514418.061808,VS0,VE0
etag
"7e1862f7a390ed9fc02c299216395547"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
121
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=*&eid=59&u=AgAAAAAAAACAAAEI&h=Ag&epr=1UA.2UA&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:38 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
httpapi
api2.amplitude.com/2/ 		94 B
288 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.115.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-115-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
f6f9da1decb9ee935e54f10cf01a705d45d38238a18739e61c12a369ae08bdb9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 16 Jul 2023 13:33:39 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-64b3f1b3-34675bce6d6b78c07605dcda
content-length
94
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.115.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-115-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subscriptions.hi2free.cloud
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Sun, 16 Jul 2023 13:33:39 GMT
strict-transport-security
max-age=15768000
fc104076d9
bam-cell.nr-data.net/1/ 		56 B
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/fc104076d9?a=462331462&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=6023&ck=1&ref=https://subscriptions.hi2free.cloud/&be=3058&fe=5863&dc=3083&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1689514412100,%22n%22:0,%22f%22:1,%22dn%22:6,%22dne%22:41,%22c%22:41,%22s%22:144,%22ce%22:260,%22rq%22:262,%22rp%22:776,%22rpe%22:1049,%22dl%22:950,%22di%22:3058,%22ds%22:3073,%22de%22:3100,%22dc%22:5863,%22l%22:5863,%22le%22:5864%7D,%22navigation%22:%7B%7D%7D&fp=2099&fcp=2099&jsonp=NREUM.setToken
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:39 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
56
x-served-by
cache-nyc-kteb1890042-NYC
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-43.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 11:59:35 GMT
content-encoding
gzip
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
5645
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
h8428J-iEGnKZQOqDha1Enw41rS2cmvhp1GcJcGDxlF6wrYi0S968A==
pubfig.engine.js
a.pub.network/core/pubfig/095042adf62e8923c69e92b2e24b0fc2b26b2f25/ 		448 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/095042adf62e8923c69e92b2e24b0fc2b26b2f25/pubfig.engine.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5771dc90260898a088685aa0db0b397aaa90ca073ca5fa5c55579179d9acd3c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:38 GMT
content-encoding
gzip
cf-cache-status
HIT
age
272673
x-guploader-uploadid
ADPycdvHoqfPbgPVOtaFwtrzz-4_CzRGdCGTc-HbbNpO9gW62h1yM2ykIL23ZhSruXZmKrP4IE_Lf5io5QrPTpVh2fdkQLSpZF3A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Mon, 12 Jun 2023 15:14:49 GMT
server
cloudflare
etag
W/"0a5ec7ffae6d478660537f168b82896e"
vary
Accept-Encoding
x-goog-hash
crc32c=fKueoA==, md5=Cl7H/65tR4ZgU38Wi4KJbg==
x-goog-generation
1686582889305545
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
458686
cf-ray
7e7a9e396e874bc0-BUF
expires
Sun, 16 Jul 2023 14:33:38 GMT
20230209T014501-06-1360851.ts
live-hls-web-aja-fa.getaj.net/AJA/ 		525 KB
525 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live-hls-web-aja-fa.getaj.net/AJA/20230209T014501-06-1360851.ts
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.75 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
81f69174fafd9eaa2bee7f9252f23a37e2e620538e7a28ea57f6200155f880bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-mrs10554-MRS, cache-yyz4558-YYZ
date
Sun, 16 Jul 2023 13:33:38 GMT
via
1.1 varnish, 1.1 varnish
server
nginx/1.18.0 (Ubuntu)
age
29
x-timer
S1689514418.196618,VS0,VE6
x-cache
HIT, HIT
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
537492
x-cache-hits
2, 1
/
optimise.net/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=subscriptions.hi2free.cloud&t=desktop
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
09c33fc2893b5204f50db0dcb889c7fd68be9ae5de5e332f6037768b74967021
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:39 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
fs-client-rtt
24
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
config.js
cdn.confiant-integrations.net/xo3fRB6eUC5P3ISDGKZ3MfNrX3M/gpt_and_prebid/ 		108 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/xo3fRB6eUC5P3ISDGKZ3MfNrX3M/gpt_and_prebid/config.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f978eba1c763836365baf9bee0b7ed0e1fbfaf1de52f6f4842aa208ffd16504

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 16 Jul 2023 11:15:32 GMT
server
cloudflare
x-amz-request-id
81Q9R128V8QDJVV1
etag
W/"609fe2ccda7a1560447f43077c18217d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7e7a9e40bcc34bbb-BUF
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4EWPFsWHQ+AritPVX0+9QQG6RBovaufqvrwbhEhutiqkh4vGU8YH8j2Q5TgOFwAR1O+VSMIuWXY=
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a797e7e09b11a1bbfeec51cc6661c068a744d37a0ecb64b0dfe925249739b7d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27644
x-xss-protection
0
server
cafe
etag
979 / 19554 / m202307100101 / config-hash: 3977741291496309648
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 13:33:39 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
476 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1763e11b4302396d6a0c6906f2281ef1999a7065474fc8844cc72a02e43ec21

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:39 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 16 Jul 2023 13:14:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1107
etag
W/"6bca14b2a1fb3d5475f37a05ba93a5a2"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWCirf8PqccM6DJS400VjiSjxHOzxqmdY1Wgc2QuH4iBsubv9zWIgxZ%2FMlbEEclcajrWKTBPnvrqafgktoGhHGYFceWPzHWbdqo5qF4y5xVholUycrgkQ8BzBJ0K2Pd4WkMArlhV8Zjt9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7e7a9e428b4c8c81-EWR

Redirect headers

date
Sun, 16 Jul 2023 13:33:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KndYh0gAfftn976BqZG9fusYe%2BSJpdtL7KphPoFK9y5YYyi3rDIu%2FfiwgW582%2F%2B3kI%2Fusv9JVg%2Bd23h7RrXOTtuielu1mzm%2FQys1Rarm7lv5dDkQ7Fh7Kax3abFAN1AEfvph5%2FZqU2Bg0dtx5wbV4UBRTo7F%2FTQvTd16Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
7e7a9e40c9b643a7-EWR
expires
Sun, 16 Jul 2023 14:33:39 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&ref=&_it=freestar&partner_id=474
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:39 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
D9H0BKD49BT4VXPH
age
1729
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7e7a9e40c8a04376-EWR
x-amz-id-2
NYMqTPppEBiG4bbM2+rgByDV6NSeJDUeioacPP/TyAP0fbAmvOO4RCVRrzA/p/xpSBZuJnb15Hs=
prebid-analytics-7.48.2.js
a.pub.network/core/ 		593 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-7.48.2.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7468c8590db5b9d0bf5301cbe0f6ab2825cd7425b8afdf0fc1f219cddfea50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:38 GMT
content-encoding
gzip
cf-cache-status
HIT
age
52987
x-guploader-uploadid
ADPycduaoyzgaiBOEAutv_SdyZ3svnGIKOgSXLSY3d3pVZZM1JXA_rnRpGHgT9U9OXUbtWIRmuXdZRRwnVmHA-wscYAFFQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 31 May 2023 19:58:10 GMT
server
cloudflare
etag
W/"d9426714d573a19f2e5851f8dba89346"
vary
Accept-Encoding
x-goog-hash
crc32c=9WAIIw==, md5=2UJnFNVzoZ8uWFH426iTRg==
x-goog-generation
1685563090540655
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
607426
cf-ray
7e7a9e3b7ea74bc0-BUF
expires
Mon, 17 Jul 2023 13:33:38 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-1615344-2&v=3&t=t&pid=538428011&cv=1&rv=37c0&tc=1&es=1&e=gtm.load&eid=60&u=AgAAAAAAAACAAAEI&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:38 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=subscriptions.hi2free.cloud&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://subscriptions.hi2free.cloud
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Sun, 16 Jul 2023 13:33:39 GMT
expires
0
fs-client-rtt
24
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
tracker
metrics.brightcove.com/v2/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6859be0ff6d2d0f5744ac5d5&account=665001584001&destination=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&platform_version=6.65.4&player=players.brightcove.com%2F665001584001%2F7lDmqAMR_default&player_name=AJA%3A%20Homepage%20Live%20Stream%20Player&source=&autoplay=false&ads_enabled=false&time=1689514419472&usage=hls-timestamp-offset%2Cvariant%253Aar%2Cvhs-timestamp-offset&event=video_engagement&player_height=208&player_width=370&video_duration=0&rendition_url=https%3A%2F%2Flive-hls-web-aja-fa.getaj.net%2FAJA%2F06.m3u8&rendition_indicated_bps=428640&rendition_mime_type=application%2Fvnd.apple.mpegurl&rendition_height=240&rendition_width=426&media_requests=1&media_transfer_duration=123&media_bytes_transferred=538056&measured_bps=34995512&media_seconds_loaded=20&rebuffering_seconds=1.7&video=6319531289112&video_name=AJA%20Livestream%20-%20Web%20-%20Fastly&custom_fields=&video_data=&video_ads_supported=true&tags=hd&tags=live&tags=livestream&media_url=https%3A%2F%2Flive-hls-web-aja-fa.getaj.net%2FAJA%2Findex.m3u8&qos.bitrates=%7B%22bitrates%22%3A%5B%5D%2C%22playlists%22%3A%5B%5D%2C%22rendered%22%3A%5B%5B1689514419460%2C428640%5D%2C%5B1689514419460%2C428640%5D%5D%2C%22throughput%22%3A%5B%5D%7D&qos.events.content.durationchange=%5B1689514417483%2C1689514417890%5D&qos.events.content.loadstart=1689514417484&qos.events.content.play=1689514417593&qos.events.content.waiting=1689514417679&qos.events.content.resize=1689514418174&qos.events.content.loadedmetadata=1689514418175&qos.player.dimensions=%5B%5B1689514418174%2C%220x0%22%2C%22370x208.125%22%5D%2C%5B1689514418175%2C%220x0%22%2C%22370x208.125%22%5D%5D&qos.player.pixelratio=%5B%5B1689514418174%2C1%5D%2C%5B1689514418175%2C1%5D%5D&qos.player.screendimensions=%5B%5B1689514418174%2C%221600x1200%22%5D%2C%5B1689514418175%2C%221600x1200%22%5D%5D&qos.frames.dropped=0&qos.frames.corrupted=0&qos.frames.total=4&seq=7_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
date
Sun, 16 Jul 2023 13:33:39 GMT
via
1.1 google
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
must-revalidate,no-cache,no-store
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
analytics.min.js
a.pub.network/core/analytics/1.1.1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/analytics/1.1.1/analytics.min.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56962bc48f2acb175c71b59298782cc1e841afb9f725986955105139e52078e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
323297
x-guploader-uploadid
ADPycdtL-d1ypYlWRA8uXKLY6itJWNdp5-rIwtvaRFxWHZrtXMPi0-fZbIp1gyAhpCSph8ftX7IZpX1GvesWlUUfhW9w9Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 21 Mar 2023 16:29:06 GMT
server
cloudflare
etag
W/"9faa51c72267d7040ea861c2a59c266f"
vary
Accept-Encoding
x-goog-generation
1679416146332026
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=Yy7HVA==, md5=n6pRxyJn1wQOqGHCpZwmbw==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
13155
cf-ray
7e7a9e41ff1f4bc0-BUF
expires
Sun, 16 Jul 2023 14:33:39 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1689514419506&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&c8=%D8%A7%D9%84%D8%AC%D8%B...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1689514419506&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&c8=%D8%A7%D9%84%D8%AC%D8%...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1689514419506&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&c8=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&c9=
Protocol
H2
Server
18.164.96.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-43.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:39 GMT
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
uv2-9ScP9WCFaTuS9ZuOJuNsth0E8VZInIW1DwpbVUqfazSZOA5FRg==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 16 Jul 2023 13:33:39 GMT
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1689514419506&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&c8=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&c9=
content-length
0
x-amz-cf-id
XF1XgtT5cc5fDYGcHByJpyu-vRDXe6hQihuEkVY_unL-DrrDe4S9YA==
tracker
metrics.brightcove.com/v2/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6859be0ff6d2d0f5744ac5d5&account=665001584001&destination=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&platform_version=6.65.4&player=players.brightcove.com%2F665001584001%2F7lDmqAMR_default&player_name=AJA%3A%20Homepage%20Live%20Stream%20Player&source=&autoplay=false&ads_enabled=false&time=1689514419477&event=video_view&load_time_ms=1994&start_time_ms=1829&video=6319531289112&video_name=AJA%20Livestream%20-%20Web%20-%20Fastly&custom_fields=&video_data=&video_ads_supported=true&tags=hd&tags=live&tags=livestream&media_url=https%3A%2F%2Flive-hls-web-aja-fa.getaj.net%2FAJA%2Findex.m3u8&seq=8_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
date
Sun, 16 Jul 2023 13:33:39 GMT
via
1.1 google
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
must-revalidate,no-cache,no-store
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=subscriptions.hi2free.cloud&url=https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://subscriptions.hi2free.cloud
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7e7a9e42ed4b8cb9-EWR
content-length
0
content-type
application/json
date
Sun, 16 Jul 2023 13:33:39 GMT
debug
OPTIONS block
expires
Mon, 15 Jul 2024 13:33:39 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		98 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=subscriptions.hi2free.cloud&url=https://subscriptions.hi2free.cloud/
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eb1bf05d844dae8563f0996e492392a9ddcc1cd1ae61fd5fcb486309eba4c3f

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 16 Jul 2023 13:33:39 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7e7a9e433d988cb9-EWR
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/ 		391 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6191ac7651d440b704eac8b29a7d30a0d47d7ada32012fdec33c35e6e4f7a2d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 12:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4317
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127471
x-xss-protection
0
server
cafe
etag
16392902606907886609
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 15 Jul 2024 12:21:42 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		49 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=subscriptions.hi2free.cloud
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1cd78d1deedc819349009b3933e20bd08a32eff85a6bbe0d54d5aa19951c535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
x-xss-protection
0
expires
Sun, 16 Jul 2023 13:33:39 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202305161109/ 		247 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202305161109/wrap.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 May 2023 15:12:41 GMT
server
cloudflare
x-amz-request-id
E590K39KCDJ6XAHT
age
505679
etag
W/"c445da83949e16f2c7f56d37a9f719f0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7e7a9e428cd14bbb-BUF
alt-svc
h3=":443"; ma=86400
x-amz-id-2
xWpL2y7a31ypQ2VWzoLvHh+PEH1qA+uO6IhzoBxc0oK0Uvxs875f+rWTl+nDWMEu1nxYwTe5h9qMWXcf4kcQA2IoUQD4K9NiYK2mv0wXH2w=
fc104076d9
bam-cell.nr-data.net/events/1/ 		24 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/fc104076d9?a=462331462&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=7582&ck=1&ref=https://subscriptions.hi2free.cloud/
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jul 2023 13:33:39 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-nyc-kteb1890042-NYC
20230209T014501-06-1360852.ts
live-hls-web-aja-fa.getaj.net/AJA/ 		523 KB
523 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live-hls-web-aja-fa.getaj.net/AJA/20230209T014501-06-1360852.ts
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.75 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4e48626b1c9493ac25cdf5945c17862c55dbea0f8433e1db5d1871ab4005e9a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-mrs10557-MRS, cache-yyz4558-YYZ
date
Sun, 16 Jul 2023 13:33:39 GMT
via
1.1 varnish, 1.1 varnish
server
nginx/1.18.0 (Ubuntu)
age
20
x-timer
S1689514420.709989,VS0,VE2
x-cache
HIT, HIT
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
535424
x-cache-hits
12, 1
state
api.btloader.com/mw/ 		0
102 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 16 Jul 2023 13:33:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
234640
x-guploader-uploadid
ADPycdszkiGnM0Myw_lJGglmgMK31ZIBooGZkbj8gGCYbZtLlpmODm3uEGUibZx_IoGp92pBK4f997J93qRhguPastp5Uw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77%2BhK2XEY37FM7CmyBbhr0j4D3PzPJSc1i6UcoP8Lc4HrEWH61E5gFpj9tk7tNzGQrtBcd3dah0cSKXsMrxkz%2Faqol98Lx%2BH9NpqakvrTHSh73WuIVCD6WAjWjL9T9Itwr6CI4BBIaVgjRyn9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7e7a9e44e9cf8c2a-EWR
expires
Thu, 13 Jul 2023 20:28:14 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 07:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22394
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jul 2023 07:20:25 GMT
px.gif
ad-delivery.net/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6950706482206128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
234640
x-guploader-uploadid
ADPycdszkiGnM0Myw_lJGglmgMK31ZIBooGZkbj8gGCYbZtLlpmODm3uEGUibZx_IoGp92pBK4f997J93qRhguPastp5Uw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LKXytfACKRfj0GroGwZr7mC0Ult0HHfgPMz3599puyfsAAkV3vQImoNSkMUtPXae1zwQARgzUaa6M%2F%2BQjDI5pKhiBg%2FwPRxJOItOHsS9%2F13rZxdwCkXvh8SXCouBWWQ4n4k264EoKt2xCnDzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7e7a9e44e9d18c2a-EWR
expires
Thu, 13 Jul 2023 20:28:14 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&domain=subscriptions.hi2free.cloud&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://subscriptions.hi2free.cloud
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 16 Jul 2023 13:33:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
293842
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ 		236 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:27:19 GMT
content-encoding
gzip
via
1.1 9c6666844f92bfc6b8685747b641abc6.cloudfront.net (CloudFront), 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
last-modified
Thu, 29 Jun 2023 21:03:22 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, JFK50-P3
age
382
x-amz-server-side-encryption
AES256
etag
W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
IpngXmpvCpuJ7XUg59ZuLIN62O-emXCErQsO7gC-x6k2WHmYI1envA==
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&domain=subscriptions.hi2free.cloud&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=hxTVtnx0YjFERkRaakZneTFKakhBaWp1SnRHNCtkcjVhZm1QNFdZVDVoZWQvYnZhQzVWQ1RwTHlEK090dmhlUzlzVlZWMDVIWjNHcVNQRUt1T1duekJMT2tMQ0Q0VUJmVG1ETFBjeWlWZnYrYUVvdFh5V0xaTW1JMHRPTm...
357 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=hxTVtnx0YjFERkRaakZneTFKakhBaWp1SnRHNCtkcjVhZm1QNFdZVDVoZWQvYnZhQzVWQ1RwTHlEK090dmhlUzlzVlZWMDVIWjNHcVNQRUt1T1duekJMT2tMQ0Q0VUJmVG1ETFBjeWlWZnYrYUVvdFh5V0xaTW1JMHRPTmNCU1NIMWZidU1yZHp4cU1HV1RFeW1vS1MzZUE4dnQxVGREdGpENXBiMjB6ZVFXZUtCckoyelhUbkpDZlFKNmhYSmR5emQzRUtTTWlRRkVnSlRKWTl0Q2VhcTJsU0gzSkp1VWRDTjlQeDlmemdQS0M4ZDMwRUE5eGUyNXc5dzBNQWlBNmZ3Rld2fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c6fcb6d1b0b66adddd96da567a815b9cbf0cb8de8dc5edc665d1ad92b0a3db63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1023488
expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://subscriptions.hi2free.cloud
location
https://mug.criteo.com/sid?cpp=hxTVtnx0YjFERkRaakZneTFKakhBaWp1SnRHNCtkcjVhZm1QNFdZVDVoZWQvYnZhQzVWQ1RwTHlEK090dmhlUzlzVlZWMDVIWjNHcVNQRUt1T1duekJMT2tMQ0Q0VUJmVG1ETFBjeWlWZnYrYUVvdFh5V0xaTW1JMHRPTmNCU1NIMWZidU1yZHp4cU1HV1RFeW1vS1MzZUE4dnQxVGREdGpENXBiMjB6ZVFXZUtCckoyelhUbkpDZlFKNmhYSmR5emQzRUtTTWlRRkVnSlRKWTl0Q2VhcTJsU0gzSkp1VWRDTjlQeDlmemdQS0M4ZDMwRUE5eGUyNXc5dzBNQWlBNmZ3Rld2fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
538174
content-length
0
expires
0
rid
match.adsrvr.org/track/ 		109 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
0be63a5b987016d375429d6f06733ac868ccf7f48a2fab0aee31589e9a0b0be4

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 15 Aug 2023 13:33:40 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WFKEPR3HG4&gtm=45je37c0&_p=1182478121&cid=860669918.1689514414&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dt=%E2%80%8F%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%E2%80%8F&dl=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&sid=1689514413&sct=1&seg=1&en=page_view&_ee=1&ep.dimension15=Web&ep.dimension13=Home%20Page&_et=1052
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-WFKEPR3HG4&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:4cb8:1820:80ca:50f7 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 23 Jul 2023 13:33:40 GMT
20230209T014501-06-1360853.ts
live-hls-web-aja-fa.getaj.net/AJA/ 		523 KB
524 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live-hls-web-aja-fa.getaj.net/AJA/20230209T014501-06-1360853.ts
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.75 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b7a74e469f4007b5a1599722e528f3c5ca1cdae1de7b16caaa4c5d5ddf71d5c0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-mrs10552-MRS, cache-yyz4558-YYZ
date
Sun, 16 Jul 2023 13:33:40 GMT
via
1.1 varnish, 1.1 varnish
server
nginx/1.18.0 (Ubuntu)
age
10
x-timer
S1689514420.157835,VS0,VE2
x-cache
HIT, HIT
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
535988
x-cache-hits
19, 1
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsubscriptions.hi2free.cloud&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e3f5130c846dd2b8362310a320f23c7f7969ac5cc50143e5d39ec4355a498597

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
via
1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1037
x-amz-cf-id
rQDzFL-Dne95OU9YaaWaUFjKTRNWRrM5ZuL1JMCMc1ISW95cv6ju1A==
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=hxTVtnx0YjFERkRaakZneTFKakhBaWp1SnRHNCtkcjVhZm1QNFdZVDVoZWQvYnZhQzVWQ1RwTHlEK090dmhlUzlzVlZWMDVIWjNHcVNQRUt1T1duekJMT2tMQ0Q0VUJmVG1ETFBjeWlWZnYrYUVvdFh5V0xaTW1JMHRPTmNCU1NIMWZidU1yZHp4cU1HV1RFeW1vS1MzZUE4dnQxVGREdGpENXBiMjB6ZVFXZUtCckoyelhUbkpDZlFKNmhYSmR5emQzRUtTTWlRRkVnSlRKWTl0Q2VhcTJsU0gzSkp1VWRDTjlQeDlmemdQS0M4ZDMwRUE5eGUyNXc5dzBNQWlBNmZ3Rld2fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 16 Jul 2023 13:33:40 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
307003
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&pid=I5MqmuE8IXYbk&cb=0&ws=1600x1200&v=23.612.1758&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-33920387172%22%2C%22s%22%3A%5B%22300x200%22%2C%22250x250%22%2C%22300x250%22%2C%22300x333%22%2C%22250x360%22%2C%22240x400%22%2C%22300x400%22%2C%22300x420%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2C5287%2Faljazeeranet_left_sticky%22%7D%5D&schain=1.0%2C1!freestar.com%2C651%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.54.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-54-32.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
MCWDYJN45YR0F5NXY49S
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
0xykOakqvwZ2l5luY6Vptowdvf7EdLAJ92JSpDAW0gl1HikYsIp-Qg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&pid=I5MqmuE8IXYbk&cb=1&ws=1600x1200&v=23.612.1758&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-393027584444%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C5287%2Faljazeeranet_leaderboard_mid%22%7D%5D&schain=1.0%2C1!freestar.com%2C651%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.54.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-54-32.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
V1Y27RNBK9HY430JWS0Y
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
WgVAuF-6UQAxP_JXJ_N4pdgcMKn0QmRUfDB9kzULmAucEZPRG6pb7A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
rR5GH411e6LhBdlNr0lmjWOVeVX_WqxwXI2xb9C5-bXte4GiwEQy_A==
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
fdc1529a023ad44ec7cf1bda79b7bda73eb1a1ac083f1137df06319eab596687

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
rtd
id.hadron.ad.gt/api/v1/ 		27 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-ny
access-control-allow-headers
*
content-length
27
cf-ray
7e7a9e47093a8cb9-EWR
rtd
id.hadron.ad.gt/api/v1/ 		27 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-ny
access-control-allow-headers
*
content-length
27
cf-ray
7e7a9e4709418cb9-EWR
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.50.109 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-50-109.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sun, 16 Jul 2023 13:48:40 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		101 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2023 08:35:03 GMT
server
cloudflare
x-amz-request-id
QE25AP5B0A1SX8VA
age
3532
etag
W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7e7a9e49b9e24366-EWR
x-amz-id-2
H1HtQ7Y3PMReoGQrKfEbqSb1ob9cq5WD2ExAlV0uXQZW67AicNYC+DQ/40jjyjBaFXK5VR63cLI8IxW+gcCVbw==
cookie_sync
s2s.t13.io/ 		2 KB
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
759e04eaa9539d3a3ae4a443f791936280919bc7380eaad0b5a77dd9c338e620

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:40 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
592
expires
0
auction
s2s.t13.io/openrtb2/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
50301c75f19849b98e507b09634c522d2f5a89e3f4dfaa78792f6e577129a4ce

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:40 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.119.0
content-type
application/json
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2221
expires
0
prebid
prebid.media.net/rtb/ 		338 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1e813fc6a9f53055f214e73372bea159b2dd5b80ba96cc3276f84b368ccaba6e

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:40 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sun, 16 Jul 2023 13:33:40 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f3730a02&cmd=bid&req=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&eidaudigent.com=060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm6g4ko6gywigwiew6kwomy&eidpubcid.org=491fcae1-5230-454f-896d-3a13f9b4d93d&eidadserver.org=a236f525-c1e6-4768-a469-4b87cf809c0d&secure=1
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e9c405ffee2e699c1329a296dac6db2e29484c347e31c4d163d6f452f4fb7707

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a969412017474441319471d01dd0b17&cmd=bid&req=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&eidaudigent.com=060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm6g4ko6gywigwiew6kwomy&eidpubcid.org=491fcae1-5230-454f-896d-3a13f9b4d93d&eidadserver.org=a236f525-c1e6-4768-a469-4b87cf809c0d&secure=1
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
5ec34cd5c7043332a37e8854ff8a76e2aac0044af00449bfd15009cd763d5e05

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
content-length
80
/
colossusssp.com/ 		2 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.247.192.254 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://subscriptions.hi2free.cloud
Date
Sun, 16 Jul 2023 13:33:40 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
fdc1529a023ad44ec7cf1bda79b7bda73eb1a1ac083f1137df06319eab596687

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subscriptions.hi2free.cloud
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 16 Jul 2023 13:33:40 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subscriptions.hi2free.cloud
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7e7a9e46c8da8cb9-EWR
content-length
0
content-type
application/json
date
Sun, 16 Jul 2023 13:33:40 GMT
debug
rtd-nx-ny
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subscriptions.hi2free.cloud
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7e7a9e46c8e08cb9-EWR
content-length
0
content-type
application/json
date
Sun, 16 Jul 2023 13:33:40 GMT
debug
rtd-nx-ny
server
cloudflare
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subscriptions.hi2free.cloud
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 16 Jul 2023 13:33:40 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4463217233626802&correlator=3932991338040383&eid=31072020&output=ldjh&gdfp_req=1&vrg=202307100101&ptt=17&impl=fifs&iu_parts=15184186%3A5287%2Caljazeeranet_left_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x200%7C250x250%7C300x250%7C300x333%7C250x360%7C240x400%7C300x400%7C300x420%7C300x600&ifi=1&adks=1725958395&sfv=1-0-40&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_placementName%3Daljazeeranet_left_sticky%26fs_ad_product%3Dbanner%26amznbid%3D1%26amznp%3D1%26fsbid%3Dtimeout&eri=5&cust_params=user-agent%3DChrome%26fs_session_id%3Ddb96bbb7-9fc8-43d0-aba3-2e7e6141068a%26fs_pageview_id%3D630c6a1d62887cd10a69aa727992fee1%26fs_used_optimise%3Dtrue%26floors_user%3D1%26floors_rtt%3D24%26fs_clientservermask%3D23233333323333223221%26fs_testgroup%3Doptimised&sc=1&cookie_enabled=1&cdm=subscriptions.hi2free.cloud&abxe=1&dt=1689514420843&dlt=1689514413050&idt=6861&adxs=285&adys=2434&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.aljazeera.net%2F%20&loc=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&frm=20&vis=1&psz=370x0&msz=370x0&fws=516&ohw=370&ga_vid=860669918.1689514414&ga_sid=1689514421&ga_hid=1182478121&ga_fc=true
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd6d8cf6d9e28cec957d487e58e4a20f5f61dfc11213eaad47e8ece23b7eead
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12095
x-xss-protection
0
google-lineitem-id
5541932768
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138378997085
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307100101&st=env
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cd9c5a3055c9f3435de302cdb9fd07878ba01b5d487834cd5119fc37e97666b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11788
x-xss-protection
0
container.html
a2f195b3a9eeeec614931d9ac1037e60.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EE68 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a2f195b3a9eeeec614931d9ac1037e60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 13:33:41 GMT
expires
Mon, 15 Jul 2024 13:33:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
setuid
s2s.t13.io/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f...
  • https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=gd910640c7418fd4a70e&gdpr=&gdpr_consent=&us_privacy=
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=gd910640c7418fd4a70e&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:41 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://s2s.t13.io/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=gd910640c7418fd4a70e&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
auction
s2s.t13.io/openrtb2/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
cb3023872e04fc84eaae1031562a6c732f59b131293efe3802084aaf2fe362f0

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.119.0
content-type
application/json
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2222
expires
0
/
colossusssp.com/ 		2 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.247.192.254 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://subscriptions.hi2free.cloud
Date
Sun, 16 Jul 2023 13:33:41 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid
prebid.media.net/rtb/ 		338 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c7a6917529f7f26998e6eb7e4f0cf3c83bf8c434da74efa35dc491003ed35c97

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:40 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sun, 16 Jul 2023 13:33:40 GMT
bid-request
a.teads.tv/hb/ 		16 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.101.144 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-101-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 16 Jul 2023 13:33:41 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9694120174744413194708f0170a00&cmd=bid&req=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&eidaudigent.com=060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm6g4ko6gywigwiew6kwomy&eidpubcid.org=491fcae1-5230-454f-896d-3a13f9b4d93d&eidadserver.org=a236f525-c1e6-4768-a469-4b87cf809c0d&secure=1
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
bcdf8bb1a4e21c488b42766d1847d2026a56fd82eac8fb15a46c2a3df1a39da3

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a969412017474441319470184320795&cmd=bid&req=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&eidaudigent.com=060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm6g4ko6gywigwiew6kwomy&eidpubcid.org=491fcae1-5230-454f-896d-3a13f9b4d93d&eidadserver.org=a236f525-c1e6-4768-a469-4b87cf809c0d&secure=1
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
8dec82336782450801b5279370164bd030b33c91346bc30cd2901fc853d690fc

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df35500551&pos=8a9698b40175759a19619dee240d0031&cmd=bid&req=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&eidaudigent.com=060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm6g4ko6gywigwiew6kwomy&eidpubcid.org=491fcae1-5230-454f-896d-3a13f9b4d93d&eidadserver.org=a236f525-c1e6-4768-a469-4b87cf809c0d&secure=1
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
2f2ade5159c1207f6679a59f8a82baa0aa1c988e9c06ee81e49ad1a4971ec10a

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
content-length
79
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 13:33:41 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
ee28b6c375e985329de7a899d154b39bd704cc2d9338c347c73281e93fa34e2b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://subscriptions.hi2free.cloud
date
Sun, 16 Jul 2023 13:33:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4463217233626802&correlator=3932991338040383&eid=31072020&output=ldjh&gdfp_req=1&vrg=202307100101&ptt=17&impl=fifs&iu_parts=15184186%3A5287%2Caljazeeranet_leaderboard_mid&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=2&adks=2869597148&sfv=1-0-40&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_placementName%3Daljazeeranet_leaderboard_mid%26fs_ad_product%3DlazyLoad%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26hb_auction_id%3D686e1282-1b47-4cd2-bd79-4b215a2a6f3d%26freestar_path%3D%252F%26freestar_domain%3Daljazeera.net%26custom_bidder_size%3Dttdfsx_728x90%26hb_format%3Dbanner%26hb_adid%3D917f328bc9ab924%26hb_bidder%3Dttdfsx%26hb_size%3D728x90%26hb_pb%3D0.05&eri=5&cust_params=user-agent%3DChrome%26fs_session_id%3Ddb96bbb7-9fc8-43d0-aba3-2e7e6141068a%26fs_pageview_id%3D630c6a1d62887cd10a69aa727992fee1%26fs_used_optimise%3Dtrue%26floors_user%3D1%26floors_rtt%3D24%26fs_clientservermask%3D23233333323333223221%26fs_testgroup%3Doptimised&sc=1&cookie_enabled=1&cdm=subscriptions.hi2free.cloud&abxe=1&dt=1689514421255&dlt=1689514413050&idt=6861&adxs=436&adys=962&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.aljazeera.net%2F%20&loc=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&ga_vid=860669918.1689514414&ga_sid=1689514421&ga_hid=1182478121&ga_fc=true
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5c385ae7358a5ffc108c997ad04a842bcb541ffc4444dc922a275d74b8252e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12026
x-xss-protection
0
google-lineitem-id
5541932768
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138378987458
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 96CC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
121337
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 03:51:24 GMT
expires
Sun, 14 Jul 2024 03:51:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6E14 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
feeaf9824ea9e629efb766eba7809db81a60968ec9380fdb266bf59258cadf7a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Goup710K7jnyrdbnRNSCDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-Goup710K7jnyrdbnRNSCDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 13:33:41 GMT
expires
Sun, 16 Jul 2023 13:33:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cm
u.openx.net/w/1.0/ Frame DFA6
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdp...
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%...
890 B
895 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6e2a711d626909216e2ef18157066decfc3c3cc49fcaa83b10bbfeb8cb1f674c

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
559
content-type
text/html
date
Sun, 16 Jul 2023 13:33:41 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 16 Jul 2023 13:33:41 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame 1C40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlAMgStnWK79OivyeNmYjSuIas-OiVm_mtDTqvqryl3PlF5Nt0JAXCk_oDtAxGgV1-dzvJGC7Mv7P8o1xwLfq6YZAsevrhJd3tlvDzfeWPAS_1tzfv315fAwHo6shqGTkxp-SbChuV54EVQnohgl_aJqJJKAcbPduaq2NNcRFwjPzVkrJv2IllBQbkpV0EB74D0JD1kotyHeZssf7SwJYmhvMTAzqzhF3tXelx2rI5LM8QSNbE4S4CtuEATcy2jqFgUDroYhD1ZzCx10Wq0yOTUxlZYs18GVrre0-6AppUJDkJir3WBg0wjrz04bQiZ1e_Aqqq9UIxLKdZLVY-qFdRL-iXE5HdUStvHLM9eVtNtLsJ&sai=AMfl-YQ4TSpplNAtPmakbLAnQCVz1J8mNp2YVDPlvGiAv7mfEr-qIN-n3ZBZ7DIvKGxoRMqAWLPRTQVvoRJ7gbm4Sk5LZSKnSKtwlUwwkulTMH63vL6u31go3hP8FSXWSSY&sig=Cg0ArKJSzFXSYjV54VWtEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1C40 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1edd5e4886725c081167b928f272037d70466412edb802a54ea00d90dba15440
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27644
x-xss-protection
0
server
cafe
etag
907 / 19554 / m202307100101 / config-hash: 3977741291496309648
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 13:33:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1C40 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jul 2023 13:33:41 GMT
pixel
protected-by.clarium.io/ Frame 1C40 		68 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_eG8zZlJCNmVVQzVQM0lTREdLWjNNZk5yWDNNLzI2OTE2ODA1NTY6MzAweDYwMA==&v=5&s=v31h5fegb8d&id=eyJkZnAiOnsiYWQiOjQ4Njg1NDEyNjcsImMiOjEzODM3ODk5NzA4NSwibCI6NTU0MTkzMjc2OCwibyI6MjY5MTY4MDU1NiwiQSI6Ii8xNTE4NDE4Niw1Mjg3L2FsamF6ZWVyYW5ldF9sZWZ0X3N0aWNreSIsInkiOjAsImNvIjowLCJzIjoiZGl2LWdwdC1hZC0zMzkyMDM4NzE3MiJ9fQ%3D%3D&cb=6198762&h=subscriptions.hi2free.cloud&d=eyJ3aCI6ImVHOHpabEpDTm1WVlF6VlFNMGxUUkVkTFdqTk5aazV5V0ROTkx6STJPVEUyT0RBMU5UWTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyNjkxNjgwNTU2LCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.226.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-226-204.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 16 Jul 2023 13:33:41 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/ Frame 1C40 		391 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6191ac7651d440b704eac8b29a7d30a0d47d7ada32012fdec33c35e6e4f7a2d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 12:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
4319
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127471
x-xss-protection
0
server
cafe
etag
16392902606907886609
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 15 Jul 2024 12:21:42 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 1C40 		49 B
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=subscriptions.hi2free.cloud
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1cd78d1deedc819349009b3933e20bd08a32eff85a6bbe0d54d5aa19951c535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
x-xss-protection
0
expires
Sun, 16 Jul 2023 13:33:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6E14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307100101&jk=4463217233626802&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
setuid
s2s.t13.io/ Frame DFA6 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=9cbb0d34-32bb-0bcf-2242-6987069d42cc
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:41 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame DFA6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZLPxtQAAAaRLpQAN
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZLPxtQAAAaRLpQAN&_test=ZLPxtQAAAaRLpQAN
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZLPxtQAAAaRLpQAN&_test=ZLPxtQAAAaRLpQAN
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4520-YYZ
pragma
no-cache
date
Sun, 16 Jul 2023 13:33:41 GMT
via
1.1 varnish
server
Varnish
x-timer
S1689514422.933785,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZLPxtQAAAaRLpQAN&_test=ZLPxtQAAAaRLpQAN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
31a2e4bf-1b88-aa6f-7819-bf6778914d08
pr-bh.ybp.yahoo.com/sync/openx/ Frame DFA6 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/31a2e4bf-1b88-aa6f-7819-bf6778914d08?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:8254:be27:a710:e85f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame DFA6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=fdb3fe86-978e-83dc-89c0-2b05eff54ba1
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=fdb3fe86-978e-83dc-89c0-2b05eff54ba1&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=fdb3fe86-978e-83dc-89c0-2b05eff54ba1&dcc=t
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1N6ESXRYGR8Q8W8ZXYJZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RE8P5BK8Z2FBTEZ2MKG8
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=fdb3fe86-978e-83dc-89c0-2b05eff54ba1&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DFA6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=a56582fb-8b24-3826-49ce-a99287c68041&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=a236f525-c1e6-4768-a469-4b87cf809c0d&ttd_puid=a56582fb-8b24-3826-49ce-a99287c68041&gdpr=0&gdpr_consent=
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a236f525-c1e6-4768-a469-4b87cf809c0d&ttd_puid=a56582fb-8b24-3826-49ce-a99287c68041&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=a236f525-c1e6-4768-a469-4b87cf809c0d&ttd_puid=a56582fb-8b24-3826-49ce-a99287c68041&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame DFA6 		170 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODkwYTUxMzEtNDI1My02NjgyLTVjMmUtZjMyYjRkMjQ0ZTIx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DFA6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwMXdJ8ZrppOG9R824jNS4&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwMXdJ8ZrppOG9R824jNS4&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELwMXdJ8ZrppOG9R824jNS4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 1C40 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5716dce83da5cfb5cb47c7ded58494dc459b262b1e24bd8021f10a8753bc0dba

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
882.json
id5-sync.com/g/v2/ 		600 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
9a1d154afa039eb904671d1b89c903a20b481e70b3e6a5a5a88eb7c79f8a291b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 16 Jul 2023 13:33:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
view
securepubads.g.doubleclick.net/pcs/ Frame 6339 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvom3smoVA83PaoRot6gWRgV0gY837NTcqjJv88ClcDSUjR41-XGhJGtSuaIpUIdf04x-4Wqdwa7_fRdND-sqHVJ8uItqMNzgy2gY9DEE3EmUqDcL6c833Vh_CDkDBdvlyjPuXfm3OIgUWhdXgZ7Y-BeIpPht47DmcUFcbhD_y1lcm__lBm1m8YLnZ8cftShYq6GPOCJWf3wOoZK_-UsNOlHXt6zajDfO0CiNN41Vko5eZovBXDVoTjU_lsbPoaAr2gOZrfNJa6XKf1czoeK7BcCWIj_ZTucToxSRSHFNOpl9ETRtInI4gllSXBBrhcM0ozmrUaAmbnoWqkODljRmZQP3RT9RGUZhBoRTmGpOrzY5etFIhaRQ&sai=AMfl-YQxBWBQ2j1X8SkyEmwDhpbkX_3C7EQAzCPpROvAStnqbt2P5luexOAlInKs7Jl81fzzzyeGpHmg2DcLSzkruBb7QKEeN-Z7KzFjKKChkco0sdeOOFpDPXVguD14Wd4&sig=Cg0ArKJSzAhy92EDOvYhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6339 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b06ab1078c240dc6e4f7a06d7717c38667f9c1a02cb1122d51e82a1222d647c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27647
x-xss-protection
0
server
cafe
etag
700 / 19554 / 31076034 / config-hash: 3977741291496309648
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 16 Jul 2023 13:33:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6339 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Jul 2023 13:33:41 GMT
pixel
protected-by.clarium.io/ Frame 6339 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_eG8zZlJCNmVVQzVQM0lTREdLWjNNZk5yWDNNLzI2OTE2ODA1NTY6OTcweDkw&v=5&s=v31h5fegbkh&id=eyJkZnAiOnsiYWQiOjQ4Njg1NDEyNjcsImMiOjEzODM3ODk4NzQ1OCwibCI6NTU0MTkzMjc2OCwibyI6MjY5MTY4MDU1NiwiQSI6Ii8xNTE4NDE4Niw1Mjg3L2FsamF6ZWVyYW5ldF9sZWFkZXJib2FyZF9taWQiLCJ5IjowLCJjbyI6MCwicyI6ImRpdi1ncHQtYWQtMzkzMDI3NTg0NDQ0In19&cb=1401967&h=subscriptions.hi2free.cloud&d=eyJ3aCI6ImVHOHpabEpDTm1WVlF6VlFNMGxUUkVkTFdqTk5aazV5V0ROTkx6STJPVEUyT0RBMU5UWTZPVGN3ZURrdyIsIndkIjp7Im8iOjI2OTE2ODA1NTYsInciOiI5NzAiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.226.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-226-204.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 16 Jul 2023 13:33:41 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
pagead2.googlesyndication.com/bg/ Frame 96CC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 13:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
172914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14572
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 Jul 2024 13:31:47 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 1C40 		53 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=250149695076439&correlator=821562109000231&eid=31076048%2C31075594&output=ldjh&gdfp_req=1&vrg=202307100101&ptt=17&impl=fif&iu_parts=187334984%3A5287%2CAlJazeera-Display%2CAJ-Display-300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=1&adks=1042751368&sfv=1-0-40&sc=1&cookie=ID%3D8c3809f4c9d493a7%3AT%3D1689514421%3ART%3D1689514421%3AS%3DALNI_MZcHqODxXUw8w_ZuxAxBkifeAeCtQ&gpic=UID%3D00000cca8ea8ae25%3AT%3D1689514421%3ART%3D1689514421%3AS%3DALNI_MYXG6Plyf8u05n0bDALKxr-mryxYw&abxe=1&dt=1689514422197&lmt=1689514422&dlt=1689514421399&idt=553&adxs=250&adys=2434&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=pws9j3rhmqj1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&ref=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&top=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&frm=23&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=860669918.1689514414&ga_sid=1689514422&ga_hid=846275632&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69a7dedd57e39117d27245dc511f080ec25ce663a3717a561baba908f6e3be40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12745
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b7c3e4c39129bfb510118e5a33f2056e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DA65 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b7c3e4c39129bfb510118e5a33f2056e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 13:33:42 GMT
expires
Mon, 15 Jul 2024 13:33:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
fdc1529a023ad44ec7cf1bda79b7bda73eb1a1ac083f1137df06319eab596687

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 16 Jul 2023 13:33:42 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subscriptions.hi2free.cloud
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 16 Jul 2023 13:33:42 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
truncated
/ Frame 6339 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
489ad77f385273b101db46dc83e0d4a361eda2c7f201c8a51298fa1bcd8e1a87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/ Frame 6339 		391 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6191ac7651d440b704eac8b29a7d30a0d47d7ada32012fdec33c35e6e4f7a2d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
68225
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127471
x-xss-protection
0
server
cafe
etag
16392902606907886609
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 14 Jul 2024 18:36:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 6339 		49 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=subscriptions.hi2free.cloud
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1cd78d1deedc819349009b3933e20bd08a32eff85a6bbe0d54d5aa19951c535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
x-xss-protection
0
expires
Sun, 16 Jul 2023 13:33:42 GMT
/
ce.lijit.com/beacon/prebid-server/ Frame 1FDD
Redirect Chain
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%2...
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%2...
  • https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%2...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ec45ddba29652fe196fcb5ca57089074c821afa9612648e4b2e35b3cf79d3d2e

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
730
Content-Type
text/html
Date
Sun, 16 Jul 2023 13:33:42 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ewr1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Sun, 16 Jul 2023 13:33:42 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ewr1
9.gif
id5-sync.com/c/882/1245/0/
Redirect Chain
  • https://id5-sync.com/i/882/8.gif?id5id=ID5*sWgWicdqbntovpAw5oh4i3R5JAsLGF7xgAxlIJqNs9FVuwPJN3ZMu55olfI52Y96VbwnDKCfPbyifb5GN-K1Yg&o=api&gdpr_consent=undefined&gdpr=false
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F203%2F7%2F2.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/882/203/7/2.gif?puid=c8a83155-0f0c-49cd-97d7-497a142bd40b&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=a236f525-c1e6-4768-a469-4b87cf809c0d&ttl=%%TTL%%
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/882/108/5/4.gif?puid=b734197a-ac0d-4024-b515-56c18866579a&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F434%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/882/434/4/5.gif?puid=5874b1ec-beca-4cf3-89c9-e5d59f67c2a8&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F796%2F3%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/882/796/3/6.gif?puid=0af6397d-5477-4a4e-bcb8-9fa2047d927c&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-9717TzVJxeDht45u1181_CYDtYNHeU8IU0KeEtKUbw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F3%2F2%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/882/3/2/7.gif?puid=b46b64b3-f1b9-4000-b1f0-7390bd8181e3&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/882/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/882/2/1/8.gif?puid=8520540174920231937&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=a236f525-c1e6-4768-a469-4b87cf809c0d&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F1245%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/882/1245/0/9.gif?puid=G_YtaTZHp5wL8MgORNewKj87&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/882/1245/0/9.gif?puid=G_YtaTZHp5wL8MgORNewKj87&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sun, 16 Jul 2023 13:33:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://id5-sync.com/c/882/1245/0/9.gif?puid=G_YtaTZHp5wL8MgORNewKj87&gdpr=0&gdpr_consent=
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1C40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEgmGEyQcMEgI30R2zn2AOXVeZl3vfMAh9ET70I7wAXVyxGaqYh3O3aUinP6iDWDpBr7gZ6-HjI_Qo1_JAsUNgLFxPwwN6-hueghqqTlhVUs7CCpxTXhuhSZ5lsw90dnXoE7HAnXoYTullX1G6ogMHub4Q7MNWTaCAEOCPDIXaFlLaHCJT2sZBOgsLw-f34HfNeNQyf0E8Fmm2fBJ-MobHu7w9eRD1br7fgaHPd0RslSIW9DbVBhXMrUoX_48WZPP-N5r_XizvZ8BF_UO1Do1mWLtIBcQJSau47U5IF2iaqe0q1EUEncPD7mmks1IFwQHdg3u7WimWvvJbING7x2KufR48LZqb&sai=AMfl-YRstC7e5COSbQRzu0byvOlqcD32WHYNNdhaSndVIjrrgq4RYB0200KdGK6wdCUwRrU_QbFcJrEBNpf74GyHrVcWwxa45uy2jhs_BORYYZNmTbI08KuMplXdDg7IVkQ&sig=Cg0ArKJSzLHfU43ji93OEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Jul 2023 13:33:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1C40 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
985f9f1e6a9a3bb5a377819d5e54c318c340f9735204af50f26604d1b9b4f458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6339 		44 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3114242646467937&correlator=3034449282809289&eid=31072019%2C31076034&output=ldjh&gdfp_req=1&vrg=202307100101&ptt=17&impl=fif&iu_parts=187334984%3A5287%2CAlJazeera-Display%2CAJ-Display-970x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90&ifi=1&adks=1252849843&sfv=1-0-40&sc=1&cookie=ID%3D8c3809f4c9d493a7%3AT%3D1689514421%3ART%3D1689514421%3AS%3DALNI_MZcHqODxXUw8w_ZuxAxBkifeAeCtQ&gpic=UID%3D00000cca8ea8ae25%3AT%3D1689514421%3ART%3D1689514421%3AS%3DALNI_MYXG6Plyf8u05n0bDALKxr-mryxYw&abxe=1&dt=1689514422668&lmt=1689514422&dlt=1689514421849&idt=561&adxs=315&adys=917&biw=1600&bih=1200&isw=970&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=8dwmyurti78&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&ref=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&top=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&frm=23&vis=1&psz=0x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=860669918.1689514414&ga_sid=1689514423&ga_hid=967995241&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d08287d39e6d342402b999fa2a43ed5e43545401be93d07e776fa8e942bb1790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11108
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b73f96ca9baed07af5b85189fd3d8e6e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6F6C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b73f96ca9baed07af5b85189fd3d8e6e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 13:33:42 GMT
expires
Mon, 15 Jul 2024 13:33:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1C40 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 13:33:42 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012306202201000/ Frame FE82 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 17:10:47 GMT
age
332575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61909
x-xss-protection
0
server
sffe
etag
"f919e19544cf979d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 17:10:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame FE82 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 14 Jul 2023 16:29:11 GMT
age
162271
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5217
x-xss-protection
0
server
sffe
etag
"64cbd7fca0464c6f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 13 Jul 2024 16:29:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame FE82 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 06:20:00 GMT
age
371622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28896
x-xss-protection
0
server
sffe
etag
"4dcd9a8c59f0d36a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 06:20:00 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame FE82 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 00:05:42 GMT
age
394080
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1898
x-xss-protection
0
server
sffe
etag
"b82574a955fb50a0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 00:05:42 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame FE82 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 09:45:28 GMT
age
445694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12958
x-xss-protection
0
server
sffe
etag
"5e14f2792a869535"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 10 Jul 2024 09:45:28 GMT
css
fonts.googleapis.com/ Frame FE82 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jul 2023 13:33:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Jul 2023 13:14:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jul 2023 13:33:42 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 21:15:13 GMT
x-content-type-options
nosniff
server
cafe
age
58709
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 16 Jul 2023 21:15:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE82 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 21:15:13 GMT
x-content-type-options
nosniff
server
cafe
age
58709
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 16 Jul 2023 21:15:13 GMT
l
www.google.com/ads/measurement/ Frame FE82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtMYuskYsrR7lMcEUtiHRby7ohi3weA6e7ND7PaqJG1QEPGiW1PwmFJZXGI03_Sz9QQIf4RvfmkqpFng_q8DKSkMX3mA
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
truncated
/ Frame FE82 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9462acdffdc37384c976ea389d0721e0462563bc1b4f0787a2fd7740d80f64e2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
setuid
s2s.t13.io/ Frame 1FDD 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=sovrn&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=G_YtaTZHp5wL8MgORNewKj87&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:42 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
merge
ce.lijit.com/ Frame 1FDD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=968062839092010088&expires=30&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.68 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent=
Date
Sun, 16 Jul 2023 13:33:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 1FDD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1689514422973
  • https://ad.turn.com/r/cs?pid=45&rndcb=8878845196
  • https://sync.1rx.io/usersync/turn/8326670277707603110?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.68 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 16 Jul 2023 13:33:43 GMT
Server
Tengine
ETag
RX1d836e92ba8e4b739a3c630d6d88d254005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=97&3pid=RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
Content-Type
text/html
Connection
keep-alive
merge
ce.lijit.com/ Frame 1FDD
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1689514422792&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=70994DFFC04E4ED08DB67F011D5F43D7
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=70994DFFC04E4ED08DB67F011D5F43D7
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.68 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 16 Jul 2023 13:33:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=70994DFFC04E4ED08DB67F011D5F43D7
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 15 Jul 2023 13:33:42 GMT
merge
ce.lijit.com/ Frame 1FDD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AACqZk7JZ-MAACT01x1ecw&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AACqZk7JZ-MAACT01x1ecw&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.68 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AACqZk7JZ-MAACT01x1ecw&gdpr=0
Date
Sun, 16 Jul 2023 13:33:43 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 1FDD
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=19a6162f-cb84-4e10-8726-db8f5a0d51e2
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=19a6162f-cb84-4e10-8726-db8f5a0d51e2
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.68 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=19a6162f-cb84-4e10-8726-db8f5a0d51e2
date
Sun, 16 Jul 2023 13:33:43 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 1FDD
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=a236f525-c1e6-4768-a469-4b87cf809c0d&gdpr=0&gdpr_consent=
43 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=a236f525-c1e6-4768-a469-4b87cf809c0d&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.68 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:42 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=a236f525-c1e6-4768-a469-4b87cf809c0d&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
223
merge
ce.lijit.com/ Frame 1FDD
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=Ks38SNdeiWbtmKaRr3Zn&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=Ks38SNdeiWbtmKaRr3Zn&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.68 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=Ks38SNdeiWbtmKaRr3Zn&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT, Sun, 16 Jul 2023 13:33:43 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 62EF 		778 B
496 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7687a92d7d49967d080f74bdc0d23db10b1dbd40e5102ad70d214f2d7672f2e8

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
477
content-type
text/html
date
Sun, 16 Jul 2023 13:33:42 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F4D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.8 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=37883
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 16 Jul 2023 13:33:42 GMT
expires
Mon, 17 Jul 2023 00:05:05 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8036 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.8 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=37883
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 16 Jul 2023 13:33:42 GMT
expires
Mon, 17 Jul 2023 00:05:05 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 6339 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssoXJ4kBzUXqBXVX3LgjQA9IqQXV-tMyml78Iv9Aynyb1jLG-1OJdqhvlBVGLDIZyiX3H8a6ll_6PceiSgIHmjNfCq7F0aSR3Clp29zi0oDsqVdT07lVecC5G7D-b2GOV4iwjskqtRUHRPPcPk4tCL1zGyEj6b96wqtis5rc76l_lcfp1DfPNgw6k-s9u_rkHtqVrZvmE__-PfRO_LVn_CILMFH-7L6gzo0Ommz_ge9JMffN8WANrwfQTkTuY9TUPvRRgpO-HJOBS852emDsZtpIfVR6CWQvgaSHaXVCYtu6Mwn3PKxEaZh23-N2pMKLfTyFrXUKVKnCYy-5pgEcc2YWn-zx4m6psPMTg&sai=AMfl-YTny4AdktdC-qlrM-T3LL2oQk8rySAlXjNU7Phtl1vSq3xw9mGkfnoElLZME1Pkx6N2K2-fZhsUgtHVPsaw9w-3tiQcqHUMudp9EgkzW7iRrRs-LhjQsSg1vUjtzUQ&sig=Cg0ArKJSzHO7urxqgW_7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Jul 2023 13:33:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6339 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
609ce15962a314e55f56771cdbae274244452cacb46ff76bbdf97898b137c0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11771
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 48D0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
121338
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 03:51:24 GMT
expires
Sun, 14 Jul 2024 03:51:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7FF1 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d5a19bd081e4f69832a80d25fba80bd11c3ae79cb1759989dbbf7fedff67f446
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tY-AgHbfYr7FQE0Zyf1-FA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-tY-AgHbfYr7FQE0Zyf1-FA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 13:33:42 GMT
expires
Sun, 16 Jul 2023 13:33:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame FE82 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://subscriptions.hi2free.cloud
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 04:45:59 GMT
x-content-type-options
nosniff
age
204464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jul 2024 04:45:59 GMT
merge
ce.lijit.com/ Frame 62EF 		43 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=c98b5c3b-6190-022b-0e72-1f34ff77bf13&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:43 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 62EF
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 62EF
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=a31bf107-d023-05a1-032f-3144b44a414d
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=a31bf107-d023-05a1-032f-3144b44a414d
95 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=a31bf107-d023-05a1-032f-3144b44a414d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sun, 16 Jul 2023 13:33:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1955&partner_device_id=a31bf107-d023-05a1-032f-3144b44a414d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ups.analytics.yahoo.com/ups/58294/ Frame 62EF 		0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8ba10172-534e-026f-1ae9-689810657428
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
db_sync
px.ads.linkedin.com/ Frame 62EF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=f0a3fd9d-4663-0e46-16b7-2961be5de199
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokZjBhM2ZkOWQtNDY2My0wZTQ2LTE2YjctMjk2MWJlNWRlMTk5EAAaDQi348-lBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=6f32c649bd4eff680ca60523b785f74cb4ade26b8bd922085569956d3fa6a66c791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6f32c649bd4eff680ca60523b785f74cb4ade26b8bd922085569956d3fa6a66c791426b5417dce21&rand=08081373
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6f32c649bd4eff680ca60523b785f74cb4ade26b8bd922085569956d3fa6a66c791426b5417dce21&rand=08081373&expected_cookie=32f108e1-a4d1-46ba-9510-bbd5613bd4b8
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6f32c649bd4eff680ca60523b785f74cb4ade26b8bd922085569956d3fa6a66c791426b5417dce21&rand=08081373&expected_cookie=32f108e1-a4d1-46ba-9510-bbd5613bd4b8
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:44 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7EAD3CFBC75C4480BA7AE1EAA9783117 Ref B: NYCEDGE1309 Ref C: 2023-07-16T13:33:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAmrsgHeDWXpPlnA9sqA==

Redirect headers

date
Sun, 16 Jul 2023 13:33:44 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 23CEDEA581B841FCB580FE71B2F650D3 Ref B: NYCEDGE1309 Ref C: 2023-07-16T13:33:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
/db_sync?pid=10339&puuid=6f32c649bd4eff680ca60523b785f74cb4ade26b8bd922085569956d3fa6a66c791426b5417dce21&rand=08081373&expected_cookie=32f108e1-a4d1-46ba-9510-bbd5613bd4b8
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAmrsc/FY2BtsIPaFPug==
sd
us-u.openx.net/w/1.0/ Frame 62EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8520540174920231937
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8520540174920231937
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
an-x-request-uuid
a2b43a54-b90e-4372-99ac-4bea3b9c0a49
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8520540174920231937
x-proxy-origin
96.9.249.36; 96.9.249.36; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 62EF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2778235536787152038&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2778235536787152038&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2778235536787152038&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6339 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jul 2023 13:33:43 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012306202201000/ Frame B7E9 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 17:10:47 GMT
age
332576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61909
x-xss-protection
0
server
sffe
etag
"f919e19544cf979d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 17:10:47 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame B7E9 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 14 Jul 2023 16:29:11 GMT
age
162272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5217
x-xss-protection
0
server
sffe
etag
"64cbd7fca0464c6f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 13 Jul 2024 16:29:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame B7E9 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 06:20:00 GMT
age
371623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28896
x-xss-protection
0
server
sffe
etag
"4dcd9a8c59f0d36a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 06:20:00 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame B7E9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 00:05:42 GMT
age
394081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1898
x-xss-protection
0
server
sffe
etag
"b82574a955fb50a0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 11 Jul 2024 00:05:42 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012306202201000/v0/ Frame B7E9 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306202201000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jul 2023 09:45:28 GMT
age
445695
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12958
x-xss-protection
0
server
sffe
etag
"5e14f2792a869535"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 10 Jul 2024 09:45:28 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B7E9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 21:15:13 GMT
x-content-type-options
nosniff
server
cafe
age
58710
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 16 Jul 2023 21:15:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B7E9 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307100101/pubads_impl.js?cb=31076034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 21:15:13 GMT
x-content-type-options
nosniff
server
cafe
age
58710
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 16 Jul 2023 21:15:13 GMT
truncated
/ Frame B7E9 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a088e9aa53d4d22322d7ca2a81103e730fff42e3b7ce415e9671563fdc950b30

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
16798781278786132368
tpc.googlesyndication.com/simgad/ Frame B7E9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16798781278786132368
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052b69260820fc9895897c110efae117cb35d5a203e6ef74683e18a84b37a13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 18:20:27 GMT
x-content-type-options
nosniff
age
501196
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12968
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 15:56:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 09 Jul 2024 18:20:27 GMT
generate_204
tpc.googlesyndication.com/ Frame 96CC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qMQJcg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 1F4D 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1686546&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3528a7ef4de0c7e7e4efc03429d592eee3401a25a33b4461637fb41d45af37ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 16 Jul 2023 13:33:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
si
googleads.g.doubleclick.net/pagead/drt/ Frame FE82
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H3
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date
Sun, 16 Jul 2023 13:33:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE82 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 21:15:13 GMT
x-content-type-options
nosniff
server
cafe
age
58710
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 16 Jul 2023 21:15:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE82 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306202201000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 21:15:13 GMT
x-content-type-options
nosniff
server
cafe
age
58710
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 16 Jul 2023 21:15:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1237 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
121339
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 03:51:24 GMT
expires
Sun, 14 Jul 2024 03:51:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0AB2 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
86a9458bfa8231d37d73dd4b23d6a16f823b0eb3cf927133bcb42d6b6cdd00c8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-boqxZbRiE2Q9NWfcVEGmOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-boqxZbRiE2Q9NWfcVEGmOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 13:33:43 GMT
expires
Sun, 16 Jul 2023 13:33:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 7FF1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307100101&jk=250149695076439&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
pagead2.googlesyndication.com/bg/ Frame 48D0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 13:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
172916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14572
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 Jul 2024 13:31:47 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B7E9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/
Protocol
H3
Server
2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

date
Sun, 16 Jul 2023 13:33:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
setuid
s2s.t13.io/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58690/occ?gdpr=&gdpr_consent=&us_privacy=
  • https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-.ymios9E2uGHnrUPGUdYwveSFCBIQv6QQbo2bRA-~A
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-.ymios9E2uGHnrUPGUdYwveSFCBIQv6QQbo2bRA-~A
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

location
https://s2s.t13.io/setuid?bidder=yahoossp&uid=y-.ymios9E2uGHnrUPGUdYwveSFCBIQv6QQbo2bRA-~A
date
Sun, 16 Jul 2023 13:33:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
adview
securepubads.g.doubleclick.net/pagead/ Frame FE82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNk4dtvGzZIrIEIeBoPMPuvWesAndqdXVcayU7o_AEYKVx-2lOxABINCMmC5gye6Oi8CkjBCgAcj0xcYpyAEBqQJwrwCH9rV6PuACAKgDAcgDCqoE_gFP0NMLQ4CBOXwuK14SjEwe6vpYL2lR7YQrDTc4sadePqC5HLCwhBWHnVikkgjd9FvvK1uhH7z9Uj70MiivlGJ8t9a0lZOq4bx-yNFMKooysxbwRQuNpbd2hsqNnd1bC73L4-xzUB51nW36v32Dibwi-6OXCNlZB_GOJWqdHPWzr_X2BAFsYKGFIMGoCQafvWdNwEmiQ24nh30kkJcCEpjRpysyrljz-OKBflBdvSMeXsu0FkRgSzBzsu8AQ5ie7nqBjHudYWc9IoUZDxYFIh7Y4RsRIQTTR8yR85vawZY9rDUAURlA6Ah_MqKpyBNReLsE2a2sR_fhP0kvGDemXcAE8YGxoKIE4AQBkgUECAQYAZIFBAgFGASAB_HQqqgEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQmcEJ0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwHYEw2IFAHQFQGAFwGyFx4KHAgAEhRwdWItMzkzODM0OTk0MTM2Nzk2ORiowBw&sigh=vq0KLoizwME&uach_m=[]&cid=CAQSPABpAlJWCXBjitWX689PDx95TPlmkZdhjZLMe_MbVSQlHgiJNsAc_1-dsImKEvSmJhjsdXoC_m9JTW0cqBgB&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame B2E3 		85 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 16 Jul 2023 13:33:43 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4520-YYZ
x-timer
S1689514424.576735,VS0,VE21
Pug
image2.pubmatic.com/AdServer/ Frame D2DB
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968062839092010088
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968062839092010088
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 13:33:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 16 Jul 2023 13:33:43 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968062839092010088
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
s.amazon-adsystem.com/ Frame 6549 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 16 Jul 2023 13:33:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
38QZPB58AC27K1YHJ0FG
Pug
image2.pubmatic.com/AdServer/ Frame F8B9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDcVprN0paLU1BQUNUMDF4MWVjdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACqZk7JZ-MAACT01x1ecw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5393839811644009848&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACqZk7JZ-MAACT01x1ecw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5393839811644009848%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5393839811644009848&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=A...
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AACqZk7JZ-MAACT01x1ecw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5393839811644009848%26gdpr%3D0%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5393839811644009848&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACqZk7JZ-MAACT01x1ecw&gdpr=0
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACqZk7JZ-MAACT01x1ecw&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 13:33:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 16 Jul 2023 13:33:44 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACqZk7JZ-MAACT01x1ecw&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
141
match.deepintent.com/usersync/ Frame AD0B 		0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Sun, 16 Jul 2023 13:33:43 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame EC79
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8520540174920231937&gdpr=0&gdpr_consent=
42 B
449 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8520540174920231937&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 13:33:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
568e2c1b-e809-47e2-8a97-3278a7fa1bd7
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 13:33:43 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8520540174920231937&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.36; 96.9.249.36; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame E8CB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=35sCiY-eAovEmAON35lN3tvKAtjEnwLfi8zKIrTb
42 B
567 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=35sCiY-eAovEmAON35lN3tvKAtjEnwLfi8zKIrTb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 13:33:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-store, proxy-revalidate
content-length
0
date
Sun, 16 Jul 2023 13:33:43 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=35sCiY-eAovEmAON35lN3tvKAtjEnwLfi8zKIrTb
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 598D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 10:35:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jul 2023 13:33:43 GMT
expires
Sun, 16 Jul 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1232396
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame E7C2
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=623f4e24-23dd-11ee-b003-73d16c6255b2
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=623f4e24-23dd-11ee-b003-73d16c6255b2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 10:32:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sun, 16 Jul 2023 13:33:43 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=623f4e24-23dd-11ee-b003-73d16c6255b2
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-7
Pug
simage2.pubmatic.com/AdServer/ Frame F4EF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 10:35:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sun, 16 Jul 2023 13:33:43 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZSfz20w6V599SbOcGzQRzmAJ-SQ&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 2CAA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:WWTOU7591Ql1SD5&gdpr=0&gdpr_consent=
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:WWTOU7591Ql1SD5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 10:35:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 16 Jul 2023 13:33:43 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:WWTOU7591Ql1SD5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-07fb0ce0be4ea1daa@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5A2C
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=800770056233
42 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=800770056233
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 10:27:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=800770056233
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 7F4A
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=40fee599-8abd-43a3-adcb-ac2d69234640&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
42 B
487 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.237.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-237-207.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Sun, 16 Jul 2023 13:33:45 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 16 Jul 2023 13:33:45 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
i.match
s.tribalfusion.com/z/ Frame 26CE
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
436 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7e7a9e5d98c54bbd-BUF
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 13:33:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7e7a9e5cc8a84bbd-BUF
content-type
text/html
date
Sun, 16 Jul 2023 13:33:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1699
Pug
simage2.pubmatic.com/AdServer/ Frame C7D7
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 13:33:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 16 Jul 2023 13:33:43 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame FB8B
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 13:33:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 16 Jul 2023 13:33:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
merge
ce.lijit.com/ Frame F7DB 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 16 Jul 2023 13:33:43 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ewr1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F4D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rob0oX_wS5Ct_DfmuVY6rQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.77.173.8 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:43 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=37882
accept-ranges
bytes
content-length
5606
expires
Mon, 17 Jul 2023 00:05:05 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 1F4D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b734197a-ac0d-4024-b515-56c18866579a%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a236f525-c1e6-4768-a469-4b87cf809c0d&ttd_puid=b734197a-ac0d-4024-b515-56c18866579a%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a236f525-c1e6-4768-a469-4b87cf809c0d&ttd_puid=b734197a-ac0d-4024-b515-56c18866579a%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:43 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a236f525-c1e6-4768-a469-4b87cf809c0d&ttd_puid=b734197a-ac0d-4024-b515-56c18866579a%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
xuid
eb2.3lift.com/ Frame 1F4D
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Sun, 16 Jul 2023 13:33:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame 1F4D
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&vxii_pid=12&vxii_pid1=10067&vxii_rcid=2fd8d480-d02e-404c-a9da-2f152385481a
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&vxii_pid=12&vxii_pid1=10067&vxii_rcid=2fd8d480-d02e-404c-a9da-2f152385481a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.196.240.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-240-12.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sun, 16 Jul 2023 13:33:43 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&vxii_pid=12&vxii_pid1=10067&vxii_rcid=2fd8d480-d02e-404c-a9da-2f152385481a
date
Sun, 16 Jul 2023 13:33:43 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 1F4D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUU4NkY0QTEtN0ZGMC00QjkwLUFERkMtMzdFNkI5NTYzQUFE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 13:33:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1F4D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIu9DlZl-_pmN-hrvrotuWY&google_cver=1
42 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIu9DlZl-_pmN-hrvrotuWY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 10:35:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIu9DlZl-_pmN-hrvrotuWY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1F4D
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:70994DFFC04E4ED08DB67F011D5F43D7
42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:70994DFFC04E4ED08DB67F011D5F43D7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 10:32:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 16 Jul 2023 13:33:43 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:70994DFFC04E4ED08DB67F011D5F43D7
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 15 Jul 2023 13:33:43 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1F4D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a236f525-c1e6-4768-a469-4b87cf809c0d&gdpr=0&gdpr_consent=
42 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a236f525-c1e6-4768-a469-4b87cf809c0d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 13:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a236f525-c1e6-4768-a469-4b87cf809c0d&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
Pug
simage2.pubmatic.com/AdServer/ Frame 1F4D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8326670277707603110&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8326670277707603110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 13:33:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8326670277707603110&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1F4D 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:8254:be27:a710:e85f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 1F4D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zRSkdKZE2uX1eWXoZDdKFndkqTARVa4-~A&gdpr=0
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zRSkdKZE2uX1eWXoZDdKFndkqTARVa4-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-zRSkdKZE2uX1eWXoZDdKFndkqTARVa4-~A&gdpr=0
date
Sun, 16 Jul 2023 13:33:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1F4D
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1e0465217a2021b1&is_secure=true&networkId=17100&version=1&nuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMVa1hNtjfbwM2HAANAAAAAAA&expiration=1689600823&nuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&...
42 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMVa1hNtjfbwM2HAANAAAAAAA&expiration=1689600823&nuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 10:35:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMVa1hNtjfbwM2HAANAAAAAAA&expiration=1689600823&nuid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1F4D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0af6397d-5477-4a4e-bcb8-9fa2047d927c&gdpr=0&gdpr_consent=
1 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0af6397d-5477-4a4e-bcb8-9fa2047d927c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 13:33:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0af6397d-5477-4a4e-bcb8-9fa2047d927c&gdpr=0&gdpr_consent=
Date
Sun, 16 Jul 2023 13:33:43 GMT
Connection
keep-alive
X-CI-RTID
c1a8686c-11a6-493e-a1a4-e048452496ac
Content-Length
205
Content-Type
text/html; charset=utf-8
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 1F4D 		0
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:43 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1F4D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=3dc64050-298a-45a5-99dd-041bf54ad8e7&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent=&gdpr_pd=
1 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 16 Jul 2023 13:33:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 1F4D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 13:33:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame 1F4D
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_105E7B687_36C87B8B&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
38.98.69.175 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-372519204; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:43 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-372519204; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sun, 16 Jul 2023 10:32:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 1F4D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1563302996059876632
42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1563302996059876632
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 10:35:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1563302996059876632
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
adview
securepubads.g.doubleclick.net/pagead/ Frame B7E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKZ5RtvGzZMvOLJHS_gS14qnYCI7jl7Bxrpury8cRkNrdkbM8EAEg0IyYLmDJ7o6LwKSMEKABnIfBuCnIAQPgAgCoAwHIAwiqBP0BT9AZt5g_w_8dJl-3LNbSgrd-VwOCEJ992AqoEXQynkRf8v6lpPZT-55vkyl4OtTIkges3VMsohrtEkjGTBC9lK5imO8dvtZwce5QtidV210rD8tp1E-rHK4sO_N7rcqN7UukRnknGwRk8Fzk7e5MC9vbnwakQqT-AR8FNWo1wMwSIMCru93gYrcGdugDXdbglGM33n1iq8rJVfx-J8JrVJx3M2_ws3QD1fJi2c4nyB7ULAVBZTY-4BQocPuMi79OFaChoIKgsB-F0IA6aYX-T7q7DGT19loq3AS4hibquuPDgWQ9GrMeHyKemWXufjD3CFJA5dWH7urAT4FwN8AE9oy-2KcE4AQBkgUECAQYAZIFBAgFGASgBgOAB5y_kZgEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQlukE0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzkzODM0OTk0MTM2Nzk2ORiowBw&sigh=RKeVfYdeh2E&uach_m=[]&cid=CAQSPABpAlJWvK9QWLJLmw-9_1_v8JmLdt1GPmA5Stt4Kz6cCIVlRkBS51neerM_VD7Qv0eIMYTcKagQyuTCURgB&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 0AB2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307100101&jk=3114242646467937&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
fdc1529a023ad44ec7cf1bda79b7bda73eb1a1ac083f1137df06319eab596687

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 16 Jul 2023 13:33:43 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
sync
eb2.3lift.com/ Frame 15DB
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D...
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
dd7362a11b49926f54573dc4d2cc5537b09e77f32af782d5c87cd586c01132b6

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1253
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 13:33:43 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 16 Jul 2023 13:33:43 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subscriptions.hi2free.cloud
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 16 Jul 2023 13:33:43 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
pagead2.googlesyndication.com/bg/ Frame 1237 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JuxDZWINa7otHwaisCqyMSq7iwQyCfHq_LhnNSU0b2U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 13:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
172916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14572
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 Jul 2024 13:31:47 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6339 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfU2r9zqUtKBhx7WZTS0gboBxo_DvxN0gSF77duuJAo5KSyac43nyEzOG_F9F_0LyQKvwfLKBb0B6XVWlHt9EthbGWmChmoCAArrG25Bn6afvq7eD3&sig=Cg0ArKJSzIstyhEhjLoJEAE&id=lidar2&mcvt=1104&p=917,315,1007,1285&mtos=1104,1104,1104,1104,1104&tos=1104,0,0,0,0&v=20230712&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2869597148&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689514421849&rpt=1032&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 15DB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=a236f525-c1e6-4768-a469-4b87cf809c0d&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=a236f525-c1e6-4768-a469-4b87cf809c0d&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=a236f525-c1e6-4768-a469-4b87cf809c0d&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 15DB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzc4ODI0MTk3ODkzNzY5NjY3OTU1OQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 15DB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBvDLFn6xsBATDNCuf1vGXQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBvDLFn6xsBATDNCuf1vGXQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBvDLFn6xsBATDNCuf1vGXQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 15DB
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzc4ODI0MTk3ODkzNzY5NjY3OTU1OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzc4ODI0MTk3ODkzNzY5NjY3OTU1OQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzc4ODI0MTk3ODkzNzY5NjY3OTU1OQ%3D%3D
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 15DB 		0
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3788241978937696679559&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:44 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 06079F1D9CDE441AADCCB90F7994726C Ref B: NYCEDGE1309 Ref C: 2023-07-16T13:33:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAmrscsUeKRUUb8Jv7tA==
xuid
eb2.3lift.com/ Frame 15DB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3788241978937696679559&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=eb83c471-d292-4219-8356-4d4b61b1e5a5&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 16 Jul 2023 13:33:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 15DB 		42 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3788241978937696679559&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
last-modified
Tue, 06 Jun 2023 17:31:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CF94ED9BB45B4FB8B61DDDA16BA89516 Ref B: EWR311000106053 Ref C: 2023-07-16T13:33:44Z
etag
"7cd81bb49c98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 15DB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3788241978937696679559?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-qysIt4pE2oQbGs74mQQHyyUqear5JW94TNy2zExZew--~A&dongle=0883
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-qysIt4pE2oQbGs74mQQHyyUqear5JW94TNy2zExZew--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 16 Jul 2023 13:33:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-qysIt4pE2oQbGs74mQQHyyUqear5JW94TNy2zExZew--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 15DB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=xlv75tTjn338WTYihv1G&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5PBWHMNZVORKGU...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=xlv75tTjn338WTYihv1G
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=xlv75tTjn338WTYihv1G
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:44 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=xlv75tTjn338WTYihv1G
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 15DB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8520540174920231937&dongle=4d58&gdpr=0&gdpr_consent=
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=8520540174920231937&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
an-x-request-uuid
edff7815-aad8-4d07-ac9a-ee5f35828d37
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=8520540174920231937&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.36; 96.9.249.36; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
s2s.t13.io/ Frame 15DB 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=3788241978937696679559
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
pd
u.openx.net/w/1.0/ Frame 6B30 		697 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b69565968bc9db1ec7d3e2a4a3fd1419540b4aedb57732e9de8e6c30848db04f

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
453
content-type
text/html
date
Sun, 16 Jul 2023 13:33:44 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B660 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.8 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=37881
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 16 Jul 2023 13:33:44 GMT
expires
Mon, 17 Jul 2023 00:05:05 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame A997 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
ac8eb5006347c8781eddd04b6c4f1961a254f15b0bd69fedec3e38879b30ee4a

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1071
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 13:33:44 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame CC9F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.49.102.123 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-102-123.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Jul 2023 13:33:44 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame E71C 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e1ee24c12ae19927153eff764e5059d643240830a2d12d9823cca3dd9c605eb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=140311
content-encoding
gzip
content-length
9556
content-type
text/html; charset=UTF-8
date
Sun, 16 Jul 2023 13:33:44 GMT
expires
Tue, 18 Jul 2023 04:32:15 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 47DC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
51
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7e7a9e60ff1836d6-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 16 Jul 2023 13:33:44 GMT
expires
Sun, 16 Jul 2023 17:33:44 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame C8A8 		853 B
899 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.57.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-57-191.compute-1.amazonaws.com
Software
/
Resource Hash
5cad02c504ad829868733b67374cba710be223579b9684c847c42e5f33de502c

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 16 Jul 2023 13:33:44 GMT
pragma
no-cache
vary
accept-encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 891C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
17594
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 16 Jul 2023 13:33:44 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 21 Jun 2023 06:41:32 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5295, 26033
X-Served-By
cache-lga13626-LGA, cache-yyz4556-YYZ
X-Timer
S1689514424.477259,VS0,VE0
iframe
sync.colossusssp.com/ Frame F99A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.219.212 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
96e21b6b7c6b3446063d3834cfa913d312041045b6be86086f524ddedcdf3edb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 16 Jul 2023 13:33:44 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=themediagrid&ssp_user_id=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-F6Sz1tRE2pnuzbZLBxbJGG.Sso_Ao5RETXwsRw--~A&expires=5&ssp=themediagrid
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-F6Sz1tRE2pnuzbZLBxbJGG.Sso_Ao5RETXwsRw--~A&expires=5&ssp=themediagrid
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 13:33:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

date
Sun, 16 Jul 2023 13:33:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-F6Sz1tRE2pnuzbZLBxbJGG.Sso_Ao5RETXwsRw--~A&expires=5&ssp=themediagrid
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307100101&jk=4463217233626802&bg=!qqmlqf3NAAb90kgr3dI7ADkAdvg8WlIQVvhdZ_xgNOAtkBNUpJVF4RvDsegK_m4Jdo5BtdWqBqo6fm33FbmV5Zzn-8MD7CXim3QCAAAEPlIAAADmaAEHCgDAY_YDsrv78BTlFR8mH0BYgK_11Kc6o3qnt8EAJCU1xOE-x1MPLPD3cxU8T5TwNUKrYUkMGgdne4hCpqYGwxMhl8hEUQ6_FQINEgiHT6sUODViuPQyfEx7Npy6SNbvFWmBsxrQLIJPPTPrPznEuNdZN4-cOFiYnUxWSJCKjXKgy4JHG7bhAH3mUOmkHV3hpTBb1eDXgZgBoLUu0sfS1GqgagInEjMCa2q5QBKuE9qrDslUUIGZD97OA863nB4V126ymQLBJEDuA7nwCxX7lCHvUkh5pj4NaX8X7vJ69DOC5Q8F4puHukKs3g-25IyBTM_6DfKe-1lE2aMM6Q8aRGLEtTq6e5YUImBxgchOlYLndrdFI2NqzeRIHIZ-81tOnU49N8Z5rpMsOoXbLgNZ-cCSWJa2CmvHzhln3dZacvdrhtJch3XL-Yj-n1NzJt6DgFP7ICf5vH3Arw8YHMekwyddpdTQ-Z26FVAXlN_yNHdBStKV6mZziXy_CjFbdOfx3U_OB9COLcD8WJUpH6x7Ehg39pf6yrAPZftSFRCDhPMGfg-ENHmtW7vAq9fdmR4zHoWe_APwLeOVRBhiRsek8d_I9Ywl6T-46e3Fq8oJI0kruT_RkJudVJVZgNyKNaN8RQaEiJMUZLryvE4O0JokXZeR_FNNaf-yMEtFWKON3yd8Jb-xcumjBqipex8l7UJ0o3E32eEAGIwhpt5FMV2a76jzk4nP_9D6vjwB-VZzC20HGv_7GYoKSdYf2QSxv_7WikuW5Z2-HPhLpjdff-AjgT-qJC0esW042olxUq99ZsBTuYNClAdxo_0dJP5_31ckHLrKajhYGBkDCCsbxfsI26eg1qSc4yi8sZ5W10QwWiMFZI4FcV0YlHxvLEQBoQ-U5BviGT0zd_Cz_oZ1KXwzYtpBanwrdH2uXMZ-IFO_tjszoTkZEnNuGR-4FPxUvS6FFabv3wLLR8sbR4aEG4f26fnK9-mVQXsNsO18K-fW5e5f2qLja_YP_-DwfnVxiYCQBibVN1o_5ue_dg14M9PV4NnEb7amCFqUQonRT44zuQaV1hA2Oz-Ah5bp3Q-_4Of-SyNsmBcj4u7A_0FpZYZHgUk5ahb5lNzgKV_uqY96qZyziJZauqyc_MjwcY-L87sH6dIICiT6sRT6dZRFi8G9JRMQt4P0_inlNWwq3M-b9fYQ43LE26vN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 48D0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?xjsTUQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
37274
stags.bluekai.com/site/ Frame 6B30 		62 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=8271da5d-be53-05a7-3339-36b61c96e0f2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.21.62 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-21-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 16 Jul 2023 13:33:44 GMT
content-length
62
bk-server
a175
content-type
image/gif
709996.gif
id.rlcdn.com/ Frame 6B30 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:44 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 6B30
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=09c81771-93bc-1d10-bee7-e261a20bc083
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0kmaajck363fj
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0kmaajck363fj
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0kmaajck363fj
cache-control
no-cache
cf-ray
7e7a9e62091f4bbd-BUF
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 6B30
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=baebb61e-d95e-0468-3f5b-32d363f48e70&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZLPxuKD9dFjqm9_uti3qgg1z
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZLPxuKD9dFjqm9_uti3qgg1z
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 16 Jul 2023 13:33:44 GMT
server
Aorta/20230710.8b4beed47
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZLPxuKD9dFjqm9_uti3qgg1z
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
441b5c2fcdf4
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 6B30
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=ejMIxyKigQivuuUlVN-6-w==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H2
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6B30
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=0af6397d-5477-4a4e-bcb8-9fa2047d927c
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=0af6397d-5477-4a4e-bcb8-9fa2047d927c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=0af6397d-5477-4a4e-bcb8-9fa2047d927c
Date
Sun, 16 Jul 2023 13:33:44 GMT
Connection
keep-alive
X-CI-RTID
ded283ce-eba6-4a37-a8d2-dff76002e3c3
Content-Length
112
Content-Type
text/html; charset=utf-8
sync
ads.yieldmo.com/v000/ Frame C8A8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8303764302
  • https://sync.1rx.io/usersync/tradedesk/a236f525-c1e6-4768-a469-4b87cf809c0d
  • https://sync.targeting.unrulymedia.com/csync/RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-1d836e92-ba8e-4b73-9a3c-630d6d88d2...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
18.204.57.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-57-191.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Sun, 16 Jul 2023 13:33:44 GMT
Server
Tengine
ETag
RX1d836e92ba8e4b739a3c630d6d88d254005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
Content-Type
text/html
Connection
keep-alive
sync
ads.yieldmo.com/v000/ Frame C8A8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=8520540174920231937&pn_id=an
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=8520540174920231937&pn_id=an
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
18.204.57.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-57-191.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
an-x-request-uuid
89f073c4-e20e-4c43-bbc0-bea65cb73265
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=8520540174920231937&pn_id=an
x-proxy-origin
96.9.249.36; 96.9.249.36; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C8A8 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=Z2Q5MTA2NDBjNzQxOGZkNGE3MGU=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame C8A8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=gd910640c7418fd4a70e
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Db734197a-ac0d-4024-b515-56c18866579a%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8520540174920231937&pt=b734197a-ac0d-4024-b515-56c18866579a%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8520540174920231937&pt=b734197a-ac0d-4024-b515-56c18866579a%2C%2C
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:44 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
an-x-request-uuid
dd483953-ebfd-4494-bb71-865f744e9534
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8520540174920231937&pt=b734197a-ac0d-4024-b515-56c18866579a%2C%2C
x-proxy-origin
96.9.249.36; 96.9.249.36; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame C8A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEJHgjwIshhVkEffvs7QIFno&google_cver=1
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEJHgjwIshhVkEffvs7QIFno&google_cver=1
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
18.204.57.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-57-191.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEJHgjwIshhVkEffvs7QIFno&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame A997 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=3788241978937696679559
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
an-x-request-uuid
b5df56d9-6c8c-409a-8b5f-6d2194f26037
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame A997 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3788241978937696679559
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
an-x-request-uuid
c0b2e5f0-9f8c-4826-8186-ed45def72af8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame A997
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=0af6397d-5477-4a4e-bcb8-9fa2047d927c&dongle=d54f&gdpr=0&gdpr_consent=
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=0af6397d-5477-4a4e-bcb8-9fa2047d927c&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=0af6397d-5477-4a4e-bcb8-9fa2047d927c&dongle=d54f&gdpr=0&gdpr_consent=
Date
Sun, 16 Jul 2023 13:33:44 GMT
Connection
keep-alive
X-CI-RTID
a477e74d-9ead-49b3-9bc8-3671abeccdc1
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame A997
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&partner_url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3646%26xuid%3D8aac...
  • https://eb2.3lift.com/xuid?mid=3646&xuid=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 16 Jul 2023 13:33:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 16 Jul 2023 13:33:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://eb2.3lift.com/xuid?mid=3646&xuid=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&dongle=1fa5&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame A997
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36&dongle=4430
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-6527f3db-4c3a-579f-7d49-b39c1b3411ce$ip$96.9.249.36&dongle=4430
Date
Sun, 16 Jul 2023 13:33:44 GMT
Connection
keep-alive
Content-Length
137
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame A997 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.30.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-30-48.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 13:33:44 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame A997 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.30.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-30-48.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 13:33:44 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame A997
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=8326670277707603110&dongle=d407&gdpr=0&gdpr_consent=
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=8326670277707603110&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=8326670277707603110&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame A997 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3788241978937696679559
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame A997
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AACqZk7JZ-MAACT01x1ecw&dongle=bzwx&gdpr=0
37 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AACqZk7JZ-MAACT01x1ecw&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 16 Jul 2023 13:33:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AACqZk7JZ-MAACT01x1ecw&dongle=bzwx&gdpr=0
Date
Sun, 16 Jul 2023 13:33:44 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame CC9F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.49.102.123 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-102-123.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
717f93dbaef86055de40715df7deea52da11a5477eb0785f20f2eb6a6bd63793

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 13:33:44 GMT
Content-Encoding
gzip
Last-Modified
Sun, 16 Jul 2023 11:50:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80256
Connection
keep-alive
Content-Length
10114
Expires
Mon, 17 Jul 2023 11:51:20 GMT
async_usersync
ib.adnxs.com/ Frame 891C 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
an-x-request-uuid
1bee328b-a14a-42ef-8b42-bc3d64336ca0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9DD4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
fd46f9a6ab37232f8b471475cc0c3dfd0bb5d9ef5b5ae855c42ad35d70dd6575

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1687
Content-Type
text/html
Date
Sun, 16 Jul 2023 13:33:45 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Sun, 16 Jul 2023 13:33:45 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
generate_204
tpc.googlesyndication.com/ Frame 1237 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?AQbFLw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
colossus
ids.ad.gt/api/v1/ Frame F99A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=huddledmss
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=130&ssp_id=huddledmss&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=465&user_id=8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.colossusssp.com/bidswitch.gif?puid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296
  • https://bh.contextweb.com/bh/rtset?pid=562060&ev=1&us_privacy=[us_privacy]&rurl=https%3A%2F%2Fsync.colossusssp.com/pp.gif?puid=32d84d34-4950-4497-9976-3df62df1274b
  • https://sync.colossusssp.com/pp.gif?puid=32d84d34-4950-4497-9976-3df62df1274b&ev=1&us_privacy=[us_privacy]&pid=562060
  • https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=32d84d34-4950-4497-9976-3df62df1274b
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=32d84d34-4950-4497-9976-3df62df1274b
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7e7a9e66698c1977-EWR
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=32d84d34-4950-4497-9976-3df62df1274b
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
colossus
ids.ad.gt/api/v1/ Frame F99A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.colossusssp.com/ap.gif?puid=$UID
  • https://sync.colossusssp.com/ap.gif?puid=8520540174920231937
  • https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=32d84d34-4950-4497-9976-3df62df1274b
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=32d84d34-4950-4497-9976-3df62df1274b
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7e7a9e64c8471977-EWR
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:44 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=32d84d34-4950-4497-9976-3df62df1274b
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
user-sync
sync.adkernel.com/ Frame F99A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562060&ev=1&us_privacy=[us_privacy]&rurl=https%3A%2F%2Fsync.colossusssp.com/pp.gif?puid=[UID]
  • https://sync.colossusssp.com/pp.gif?puid=[UID]&ev=1&us_privacy=[us_privacy]&pid=562060
  • https://x.bidswitch.net/sync?ssp=huddledmss
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=huddledmss&bsw_param=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&google_hm=Y2MwNGNhM2UtM2MyNC00MDAyLThkZGUtMmNkNWMyYjIxMjk2
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMm3DYiBNCy8Q0sa1qefIKM&google_cver=1&ssp=huddledmss&bsw_param=cc04ca3e-3c24-4002-8dde-2cd5c2b21296
  • https://sync.colossusssp.com/bidswitch.gif?puid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296
  • https://sync.adkernel.com/user-sync?zone=179274&t=image&r=https%3A%2F%2Fsync.colossusssp.com%2F391daa6a645b08ac3da38c9aca2d0c31.gif%3Fpuid%3D%7BUID%7D
22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=179274&t=image&r=https%3A%2F%2Fsync.colossusssp.com%2F391daa6a645b08ac3da38c9aca2d0c31.gif%3Fpuid%3D%7BUID%7D
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Age
0
Content-Length
22

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.adkernel.com/user-sync?zone=179274&t=image&r=https%3A%2F%2Fsync.colossusssp.com%2F391daa6a645b08ac3da38c9aca2d0c31.gif%3Fpuid%3D%7BUID%7D
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cookie
sync.cootlogix.com/api/ Frame F99A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=9um7azn&ttd_tpi=1
  • https://sync.colossusssp.com/td.gif?puid=a236f525-c1e6-4768-a469-4b87cf809c0d&ttl=1692106424
  • https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=[UID]
43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=[UID]
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
206.81.15.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=[UID]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cookie
openrtb.cootlogix.com/api/ Frame F99A 		43 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openrtb.cootlogix.com/api/cookie?userId=[UID]&partnerId=colossus
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.183.135.134 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
cookie
sync.cootlogix.com/api/ Frame F99A
Redirect Chain
  • https://id.rlcdn.com/712075.gif?ct=2&cv=
  • https://sync.colossusssp.com/4560195433dd0d468e9a635d097ffb01.gif?puid=
  • https://match.prod.bidr.io/cookie-sync/col
  • https://sync.colossusssp.com/500e7b56c46df78315584d09f505b8d4.gif?puid=AACqZk7JZ-MAACT01x1ecw
  • https://sync.cootlogix.com/api/cookie?partnerId=omg-colossus&gdpr=[GDPR]&gdpr_consent=[gdpr_consent]&us_privacy=[CCPA]&userId=32d84d34-4950-4497-9976-3df62df1274b
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=omg-colossus&gdpr=[GDPR]&gdpr_consent=[gdpr_consent]&us_privacy=[CCPA]&userId=32d84d34-4950-4497-9976-3df62df1274b
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
206.81.15.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://sync.cootlogix.com/api/cookie?partnerId=omg-colossus&gdpr=[GDPR]&gdpr_consent=[gdpr_consent]&us_privacy=[CCPA]&userId=32d84d34-4950-4497-9976-3df62df1274b
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
colossus
ids.ad.gt/api/v1/ Frame F99A
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=colossus&gdpr=[GDPR]&us_privacy=[CCPA]&redirectUri=https%3A%2F%2Fsync.colossusssp.com%2F021909c6bcf2644c2583393eed86ca15.gif%3Fpuid%3D%24UID%26gdpr%3D%26gdpr_conse...
  • https://sync.colossusssp.com/021909c6bcf2644c2583393eed86ca15.gif?puid=gd910640c7418fd4a70e&gdpr_consent=&gdpr=[GDPR]&us_privacy=[CCPA]
  • https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=[UID]
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=[UID]
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7e7a9e6538991977-EWR
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=[UID]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cookie
sync.cootlogix.com/api/ Frame F99A 		43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=spike-colossus&gdpr=[GDPR]&gdpr_consent=[GPDR_consent]&us_privacy=[CCPA]&userId=[UID]
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.81.15.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
user-sync
sync.adkernel.com/ Frame F99A 		22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=179274&t=image&r=https%3A%2F%2Fsync.colossusssp.com%2F391daa6a645b08ac3da38c9aca2d0c31.gif%3Fpuid%3D%7BUID%7D
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Age
0
Content-Length
22
colossus
ids.ad.gt/api/v1/ Frame F99A 		43 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/colossus?id=[AUDIGENT_ID]&cls_id=[UID]
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7e7a9e64c8451977-EWR
content-length
43
content-type
image/gif
712075.gif
id.rlcdn.com/ Frame F99A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/col
  • https://sync.colossusssp.com/500e7b56c46df78315584d09f505b8d4.gif?puid=AACqZk7JZ-MAACT01x1ecw
  • https://id.rlcdn.com/712075.gif?ct=2&cv=
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/712075.gif?ct=2&cv=
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://id.rlcdn.com/712075.gif?ct=2&cv=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cookie
sync.cootlogix.com/api/ Frame F99A 		43 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=omg-colossus&gdpr=[GDPR]&gdpr_consent=[gdpr_consent]&us_privacy=[CCPA]&userId=[UID]
Requested by
Host: sync.colossusssp.com
URL: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.81.15.18 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.colossusssp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
cksync
cs.media.net/ Frame E71C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzMyNTE2MDI0NjYzNDAwMDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEAVNKgj56k573Vr7Zs2QlRg&google_cver=1
61 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEAVNKgj56k573Vr7Zs2QlRg&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=77&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Sun, 16 Jul 2023 13:33:45 GMT

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEAVNKgj56k573Vr7Zs2QlRg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B7E9 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshYR8cX6Fd58i39q3a3V1Vd7DgDAYnaewVygi6PczzVxpAh5349ROxZggKes-KiBYxbA61IrBsyU6Grq5j2Cq0fVarO9zLgRchOyxDvMT0n5liiYPmxybz0w9jjy62UoFkwHiiRp9E2Q&sai=AMfl-YTpZRsJocxprOuEbjj659thGuGEIvgk8tCzpjboz9_8YaiwNVuG0WivU48EN3_LerQhoS8QlbkrrfxP72lLtBfaZ6PGT09PPTs62RRNSte5WyvM2ThSOhbmUIRE&sig=Cg0ArKJSzEc1SFoedF-lEAE&cid=CAQSPABpAlJWvK9QWLJLmw-9_1_v8JmLdt1GPmA5Stt4Kz6cCIVlRkBS51neerM_VD7Qv0eIMYTcKagQyuTCURgB&id=ampim&o=315,917&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1063&mtos=0,0,1063,1063,1063&tos=0,0,1063,0,0&tfs=611&tls=1674&g=100&h=100&tt=1675&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame CC9F 		284 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
s2s.t13.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
  • https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=8520540174920231937
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=8520540174920231937
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:45 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:44 GMT
an-x-request-uuid
42929d50-ce38-4266-bf69-a4ede9f82d04
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=8520540174920231937
x-proxy-origin
96.9.249.36; 96.9.249.36; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D
  • https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:45 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Location
https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=cc04ca3e-3c24-4002-8dde-2cd5c2b21296
Date
Sun, 16 Jul 2023 13:33:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 9DD4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLPxue2ulgLG8LuP98lg5QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFkfH_IA8ggG-INUjXqP7ZU&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFkfH_IA8ggG-INUjXqP7ZU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFkfH_IA8ggG-INUjXqP7ZU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9DD4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLPxue2ulgLG8LuP98lg5QAABZ0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEACB73FX2oVO30Rmgta0dfY&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEACB73FX2oVO30Rmgta0dfY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEACB73FX2oVO30Rmgta0dfY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 9DD4 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLPxue2ulgLG8LuP98lg5QAABZ0AAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TN68Y43WWH1ABJHB9656
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9DD4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a236f525-c1e6-4768-a469-4b87cf809c0d&expiration=1692106425&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a236f525-c1e6-4768-a469-4b87cf809c0d&expiration=1692106425&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=a236f525-c1e6-4768-a469-4b87cf809c0d&expiration=1692106425&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
ZLPxue2ulgLG8LuP98lg5QAABZ0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9DD4 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZLPxue2ulgLG8LuP98lg5QAABZ0AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:8254:be27:a710:e85f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum.casalemedia.com/ Frame 9DD4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=index&bsw_custom_parameter=cc04ca3e-3c24-4002-8dde-2cd5c2b21296
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=b734197a-ac0d-4024-b515-56c18866579a&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=540&dpuuid=b734197a-ac0d-4024-b515-56c18866579a&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=88226671887806799401404925921195804274&pt=b734197a-ac0d-4024-b515-56c18866579a%2Chttps%253A%252F%252Fx.bidswitch.net%252Fs...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=index&bsw_param=cc04ca3e-3c24-4002-8dde-2cd5c2b21296
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent=&us_privacy=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cc04ca3e-3c24-4002-8dde-2cd5c2b21296&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 16 Jul 2023 13:33:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 9DD4
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=70994DFFC04E4ED08DB67F011D5F43D7
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=70994DFFC04E4ED08DB67F011D5F43D7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Sun, 16 Jul 2023 13:33:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=70994DFFC04E4ED08DB67F011D5F43D7
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 15 Jul 2023 13:33:45 GMT
CookieIndex
rtb.adentifi.com/ Frame 9DD4 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.128.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-128-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 9DD4 		43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZLPxue2ulgLG8LuP98lg5QAA%261437
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
83739
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7e7a9e66587736c9-YYZ
content-length
43
expires
Mon, 17 Jul 2023 13:33:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1C40 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307100101&jk=250149695076439&bg=!goGlgdXNAAb90kgr3dI7ADkAdvg8WoG_tYjMoFwBHagNhjdhB6mry0nfe17JhY3CmkuW6UJYpg7hQ80LReeOU3RoWeoA8AqpTBMCAAAD0lIAAAAvaAEHmQLWoCv4zLmamsqW3FfL4CNz7ZTnODSrKxCPmSBNFZSoCih36u0diDuUovPM3_BCeoQ8BXNfWw4Tc80-kGP2sGf7ETH1IG-QYe9qOnmZGm_7P_9-1zQfdgpNoLitWKAzzlDr7DlxizxlHG2kgzTRulNhiR1zjY7zCDfMk3VlQGL5mfTyp_mbFlOn7W5UA2TbqJleksNyOtSyvP-5ynzqov8DIgypGt1Hn2Rczx1zG0Hmg7Bc1TqnHw0IgRaks04WC8Uj1DyeHL0i_ygNaAD2eLDAk0T0_KgLHuJmOkhKX9TmlR0_0xaxafRVI0h-ML8HThoz7L7_kiI3_ZBGDhrZc2wRDXvJFYPXo1a1ZEmTt4JEpd0zUJqPkDyR4isgKPqX_47CE1iaCZi_rvG8RNH6SozBE-PPnXk50m7qTlU6pJbmo1MpoCoPO_T1mYzS61d9MR5gYlJgpub2cKY69oL2Ivu5ij5rm0xsXvoqEmhslyO-TanEQNaoDg0NhngdvtseoDMSgVFODjVPn4LuxqdbG67KmeTvyuTcBz54DpUfqYc4ix1rmBlo6HBhrQf5sqOW8JLU4DGj6dy0MQBjBXbC9H4E2q0swnci-UNnWyevFfQXHLpLkpo-aqxlyW6YTNkuOkzENZe81DlTwZfCHPHFdYn3h6U68QMmcTUU2obllSYeonxVE9yVrqwOAtgdm9l3N_QE4QhJvqL5I5YgNhk0w6zbP-MAaas1VHcHwcZo7Mvna9NeWQTY2PDbLcIZaquVMHVMd6vPUz8JV4oxKkF9ovUiH019h6Y78JU897tfSF3VRsD4gt7gBtc7GIZWU7UbzI385QuYwDgG3PhV4Q2uvhCyheu-BR3583MB3S6oQFYd5BAyO1ZmnRIvcYfnse8QvGOeB1CbQ1-9-bq17lCZwv_7BbVedKmgdph1HETkTZo8yaFj5mGqmZlc4Kndtj-BDjTrDXCe3SRI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5302 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.173.8 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-173-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://subscriptions.hi2free.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=37880
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sun, 16 Jul 2023 13:33:45 GMT
expires
Mon, 17 Jul 2023 00:05:05 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame CC9F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=s3ELq_mKTByDNfKP5h5XrQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=s3ELq_mKTByDNfKP5h5XrQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=s3ELq_mKTByDNfKP5h5XrQ
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GZ8N17YDN1DG949J98CP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=s3ELq_mKTByDNfKP5h5XrQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CC9F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTdmZThlMDZhNDdhYjRjMjFhNDcwYWVjNTg2YTExNDRlZTM3MTMwMg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTdmZThlMDZhNDdhYjRjMjFhNDcwYWVjNTg2YTExNDRlZTM3MTMwMg
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTdmZThlMDZhNDdhYjRjMjFhNDcwYWVjNTg2YTExNDRlZTM3MTMwMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CC9F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEs1SDlMUkYtMS1OR1k=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOQmKUJ8SLgO4fP_p6gfLEw&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs1SDlMUkYtMS1OR1k=&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs1SDlMUkYtMS1OR1k=&google_push=
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs1SDlMUkYtMS1OR1k=&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
Expires
0
tap.php
pixel.rubiconproject.com/ Frame CC9F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/9OVgdiwNLfNDtzYHsjFfOw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-x9HxzBpE2oKpONQsYC_MSq9IYr6ngEopG80VGQ--~A
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-x9HxzBpE2oKpONQsYC_MSq9IYr6ngEopG80VGQ--~A
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 16 Jul 2023 13:33:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-x9HxzBpE2oKpONQsYC_MSq9IYr6ngEopG80VGQ--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame CC9F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF1rzTiKyFPW1FyNUUMw67c&google_cver=1
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF1rzTiKyFPW1FyNUUMw67c&google_cver=1
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF1rzTiKyFPW1FyNUUMw67c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame CC9F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a236f525-c1e6-4768-a469-4b87cf809c0d&gdpr=0&gdpr_consent=&expires=30
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a236f525-c1e6-4768-a469-4b87cf809c0d&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a236f525-c1e6-4768-a469-4b87cf809c0d&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame CC9F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8YDWNC8W5V68T44TP263
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame CC9F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK5H9LRF-1-NGY
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK5H9LRF-1-NGY
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:45 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A1CC14691E0D42548C0065848BAE829A Ref B: NYCEDGE1309 Ref C: 2023-07-16T13:33:45Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAmrsuUjZVu9MQvjycvg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK5H9LRF-1-NGY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar
pagead2.googlesyndication.com/pagead/ Frame 6339 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307100101&jk=3114242646467937&bg=!paalpvLNAAb90kgr3dI7ADkAdvg8Wsb7Nijgpr840uTCOEyeElbmllmmC3hNhw80RAJaEwryY6O6TNfsUAHF64F628FpXyz2lVwCAAADAlIAAAARaAEHmQLgF34gZyr3YQKGCEV-YN5BKe9HoN27QAu_B_CKjtp3xkVRIttvF8mzCTtJiyMSjv5vOAtnC1Rq5LM7SplC_6rPua299LfiF5edRaVPo1oPXqE9DjgvTbdVKyH9sK2bGrsqHLWqF7LXQHTe2hp020pX_c9n2u7bsT2DXD_z58qM4yYaXwkgWTHdcKmFcMcP_XccS64lo_Q2lq6iLFQfwnYjSnALGDafQ-uXky8SdhIPPqfVAohTXHCHVq9zO-m5jFUM27RTAnASvTuLBeiTvyI_iwBfWzA-gJFhVxq4LK4f2UMR610Ax7kWE2Kf6TJguKaFCJ09OhaZPVuXP0nHXWWhWyMFrlOhW2U45xf-PQO6t8ozdm4l-7l2SPOP9l8ZAP-kQBOs_PmoMCp3FhsBmDvMWlqO5iMYb9-_QW1TNycMUnl8jE8FP256wZ1KYCmLatUwNnYZqJBukI47UiWLFKc5Ad0pIuXk8Ex7itqLYj4CL18ow07yxNLmVOYTAQsuXDE5n3nUp_mrdRoKFhswcwlshwVIut37ULnTV6DbXp2QZaclgdtojGhyVh7sem6HVTdOwt2uT4ayUmZy4cItZcLtH4C9P8FNKCEN8o01bY-AbuTmVK3IcBGUYgJrqkLE7nD3m92Ql3g1oedrCy3MGDYzphjOgWzm4RGM69V5rwh4pt1BArAmR5N8pck8P91TyTvwksjVNNFGwHCBJLf3zxEKSpgycyrWGnWXUGLb_8PXBasr0SsPlnnntTIhhlIj5ZKQbRhCBntKl6M28Lvm_cIlj7jblBrtha7D_BXwxHmGlTSu617kK4nspP1hVcO1PpETftVuNlwjuX2uGA6GQaRuzrvH4uCwHRw_hDXQXAC7XSfwv_I98WEHQI_nHYlQYNEcJeYEideQWjp_HF7r-gTH-0Iz95vPUczAXdZdS1fmV1yRXW1413M8FP1cbTo7m25htcnYtIICgdWOCOkV0cVTkw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame 1F4D 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156212&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 10:32:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 891C 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:45 GMT
an-x-request-uuid
03334b23-a842-4199-b280-6396751b8b6c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.36; 96.9.249.36; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
graphql
subscriptions.hi2free.cloud/ 		133 B
400 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://subscriptions.hi2free.cloud/graphql?wp-site=aja&operationName=ArchipelagoBreakingTickerQuery&variables=%7B%7D&extensions=%7B%7D
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.194.156.79 Toronto, Canada, ASN (),
Reverse DNS
104.194.156.79.static.quadranet.com
Software
nginx/1.24.0 / Express
Resource Hash
45a942a3685450004b12f1b690d98b4db830dcbd6d0a112f2e57db12d95866a5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept
*/*
Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
original-domain
subscriptions.hi2free.cloud
wp-site
aja
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
application/json

Response headers

date
Sun, 16 Jul 2023 13:33:46 GMT
x-rq
mdw1 111 253 443
content-encoding
gzip
strict-transport-security
max-age=15768000
server
nginx/1.24.0
x-powered-by
Express
etag
W/"85-7g2IXKSKijPnUvUsliAsxsxP53k"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=20, must-revalidate
accept-ranges
bytes
content-length
107
PugMaster
image6.pubmatic.com/AdServer/ Frame 8036 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85234915&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5843210e6d5017bf9078bac2eb3e67f04ec8a7d7b0d38ba176ade5473c2e63a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 15 Jul 2023 23:49:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
t.adx.opera.com/pub/ Frame AA6E 		0
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 16 Jul 2023 13:33:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame 9FE7
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=5921883341
  • https://sync.1rx.io/usersync3/mediamathtest/1508/b46b64b3-f1b9-4000-b1f0-7390bd8181e3?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
42 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 10:36:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Sun, 16 Jul 2023 13:33:47 GMT
ETag
RX1d836e92ba8e4b739a3c630d6d88d254005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
Pug
image2.pubmatic.com/AdServer/ Frame E8F8
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=GZ6-limZCEiWL1Lwu_GzZA
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=GZ6-limZCEiWL1Lwu_GzZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 13:33:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 13:33:47 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=GZ6-limZCEiWL1Lwu_GzZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame 14B1 		43 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 16 Jul 2023 13:33:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 45AD
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1300efd6-28b5-446c-b3cb-6515bea46e45
1 B
73 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1300efd6-28b5-446c-b3cb-6515bea46e45
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 13:33:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 16 Jul 2023 13:33:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=1300efd6-28b5-446c-b3cb-6515bea46e45
strict-transport-security
max-age=15724800; includeSubDomains
pub
matching.truffle.bid/sync/ Frame CAD3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 16 Jul 2023 13:33:47 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame B25A 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 16 Jul 2023 13:33:47 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-1a5588366602@version_1.563v2
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame C78A
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7428008271922567350&uid=Q742800827192256...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7428008271922567350
42 B
96 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7428008271922567350
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 13:33:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=72603
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Sun, 16 Jul 2023 13:33:47 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7428008271922567350
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 51B9
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:70994DFFC04E4ED08DB67F011D5F43D7&gdpr=0&gdpr_consent=
1 B
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:70994DFFC04E4ED08DB67F011D5F43D7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 16 Jul 2023 13:33:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sun, 16 Jul 2023 13:33:47 GMT
expires
Sat, 15 Jul 2023 13:33:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:70994DFFC04E4ED08DB67F011D5F43D7&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
merge
ce.lijit.com/ Frame 2664 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 16 Jul 2023 13:33:47 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ewr1
sd
us-u.openx.net/w/1.0/ Frame 8036 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 8036 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.73.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-73-219.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Jul 2023 13:33:47 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 8036 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.155.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-155-44.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 16 Jul 2023 13:33:46 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 8036 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.91.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-91-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Sun, 16 Jul 2023 13:33:46 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
644e6d30-23dd-11ee-b5d1-0a5c73c9b587
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-01b99af338046efec
Pug
simage2.pubmatic.com/AdServer/ Frame 8036
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8520540174920231937
42 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8520540174920231937
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 13:33:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:47 GMT
an-x-request-uuid
78a62922-9436-47ef-8f7f-77692b9a8752
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8520540174920231937
x-proxy-origin
96.9.249.36; 96.9.249.36; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8036
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:de1bea1d-32fe-4e00-bc5c-8b6ec781b9cd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:de1bea1d-32fe-4e00-bc5c-8b6ec781b9cd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 16 Jul 2023 10:35:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:de1bea1d-32fe-4e00-bc5c-8b6ec781b9cd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 16 Jul 2023 13:33:47 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame 1F4D 		631 B
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=50642019&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
39c56230af6a829bd15c012f6e390f8a6aca3ba4f53182bc151bd8d33fb73878

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 16 Jul 2023 13:33:44 GMT
content-length
631
content-type
text/html; charset=UTF-8
merge
ce.lijit.com/ Frame 4D29 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 16 Jul 2023 13:33:47 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ewr1
396846.gif
idsync.rlcdn.com/ Frame 1F4D
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f0a3fd9d-4663-0e46-16b7-2961be5de199
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f0a3fd9d-4663-0e46-16b7-2961be5de199
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 16 Jul 2023 13:33:47 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f0a3fd9d-4663-0e46-16b7-2961be5de199
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD/gdpr=0/ Frame 1F4D 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD/gdpr=0/gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.20.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-20-252.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jul 2023 13:33:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.39.172
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 1F4D 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:47 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
/
bpi.rtactivate.com/tag/ Frame 1F4D 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.69.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-69-212.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 13:33:47 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
06.m3u8
live-hls-web-aja-fa.getaj.net/AJA/ 		378 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live-hls-web-aja-fa.getaj.net/AJA/06.m3u8
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.75 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2334365d61b1cbe182b37bdca3396517db26aa2e9dd579eb87df256b915ab730

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-mrs10576-MRS, cache-yyz4558-YYZ
date
Sun, 16 Jul 2023 13:33:47 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
nginx/1.18.0 (Ubuntu)
age
3
x-timer
S1689514428.780534,VS0,VE104
vary
Accept-Encoding
x-cache
HIT, MISS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=5, public
accept-ranges
bytes
content-length
138
x-cache-hits
71, 0
fc104076d9
bam-cell.nr-data.net/events/1/ 		24 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/fc104076d9?a=462331462&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=16018&ck=1&ref=https://subscriptions.hi2free.cloud/
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.30 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://subscriptions.hi2free.cloud/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 16 Jul 2023 13:33:48 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://subscriptions.hi2free.cloud
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-nyc-kteb1890042-NYC
SPug
simage4.pubmatic.com/AdServer/ Frame 8036 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=137711&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 10:32:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
s2s.t13.io/ Frame 34BC 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Sun, 16 Jul 2023 13:33:49 GMT
expires
0
pragma
no-cache
via
1.1 google
setuid
s2s.t13.io/ Frame 0315 		0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Sun, 16 Jul 2023 13:33:49 GMT
expires
0
pragma
no-cache
via
1.1 google
20230209T014501-06-1360854.ts
live-hls-web-aja-fa.getaj.net/AJA/ 		521 KB
521 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live-hls-web-aja-fa.getaj.net/AJA/20230209T014501-06-1360854.ts
Requested by
Host: subscriptions.hi2free.cloud
URL: https://subscriptions.hi2free.cloud/thirdparty/nr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.75 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a23ccad1032dbda3de454e0e2b7fa06c623cc1e460ff7b4ddc40699c3512f0d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-mrs10545-MRS, cache-yyz4558-YYZ
date
Sun, 16 Jul 2023 13:33:49 GMT
via
1.1 varnish, 1.1 varnish
server
nginx/1.18.0 (Ubuntu)
age
9
x-timer
S1689514429.049685,VS0,VE1
x-cache
HIT, HIT
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
533544
x-cache-hits
29, 1
merge
ce.lijit.com/ Frame C68A 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 Houston, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 16 Jul 2023 13:33:49 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ewr1
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=aljazeera.net&p=subscriptions.hi2free.cloud%2F&u=CT32wdNKqFFD75lU6&d=subscriptions.hi2free.cloud&g=3291&g0=No%20Section&g1=No%20Author&g4=Home%20Page&n=1&f=00001&c=0.25&x=0&m=0&y=6882&o=1600&w=1200&j=30&R=1&W=0&I=0&E=20&e=20&v=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&vp=1&PA=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&b=3040&t=BxJLzADucmpTjBT1F-vLOJ2Lo2v&V=140&i=%D8%A7%D9%84%D8%AC%D8%B2%D9%8A%D8%B1%D8%A9%20%D9%86%D8%AA%3A%20%D8%A2%D8%AE%D8%B1%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%AD%D9%88%D9%84%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85&tz=0&sn=1&sv=C-NYWBdx51NmI7pfB2DH7bBQpMhe&sr=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&sd=1&im=06870fff&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.121.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-121-151.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 16 Jul 2023 13:33:50 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=aljazeera.net&p=subscriptions.hi2free.cloud%2F&u=CT32wdNKqFFD75lU6&d=subscriptions.hi2free.cloud&g=3291&g0=No%20Section&g1=No%20Author&g4=Home%20Page&n=1&f=00001&c=0.25&x=0&m=0&y=6882&o=1600&w=1200&j=45&R=0&W=0&I=1&E=20&e=0&v=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&vp=1&PA=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&b=3040&t=BxJLzADucmpTjBT1F-vLOJ2Lo2v&V=140&tz=0&sn=2&sv=C-NYWBdx51NmI7pfB2DH7bBQpMhe&sr=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&sd=1&im=06870fff&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.121.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-121-151.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 16 Jul 2023 13:33:50 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
tracker
metrics.brightcove.com/v2/ 		35 B
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=6859be0ff6d2d0f5744ac5d5&account=665001584001&destination=https%3A%2F%2Fsubscriptions.hi2free.cloud%2F&platform_version=6.65.4&player=players.brightcove.com%2F665001584001%2F7lDmqAMR_default&player_name=AJA%3A%20Homepage%20Live%20Stream%20Player&source=&autoplay=false&ads_enabled=false&time=1689514430479&event=video_engagement&player_height=208&player_width=370&video=6319531289112&video_name=AJA%20Livestream%20-%20Web%20-%20Fastly&rendition_url=https%3A%2F%2Flive-hls-web-aja-fa.getaj.net%2FAJA%2F06.m3u8&rendition_indicated_bps=428640&rendition_mime_type=application%2Fvnd.apple.mpegurl&rendition_height=240&rendition_width=426&media_requests=5&media_transfer_duration=1507&media_bytes_transferred=2680504&measured_bps=69972983&media_seconds_loaded=100&forward_buffer_seconds=31.950204999999997&custom_fields=&video_data=&video_ads_supported=true&tags=hd&tags=live&tags=livestream&media_url=https%3A%2F%2Flive-hls-web-aja-fa.getaj.net%2FAJA%2Findex.m3u8&video_seconds_viewed=10&qos.bitrates=%7B%22bitrates%22%3A%5B%5B1689514419672%2C3901938%5D%2C%5B1689514419672%2C3901938%5D%2C%5B1689514420125%2C27996026%5D%2C%5B1689514420125%2C27996026%5D%2C%5B1689514420383%2C63057411%5D%2C%5B1689514420383%2C63057411%5D%2C%5B1689514429237%2C69972983%5D%2C%5B1689514429237%2C69972983%5D%5D%2C%22playlists%22%3A%5B%5D%2C%22rendered%22%3A%5B%5D%2C%22throughput%22%3A%5B%5B1689514419672%2C20097527%5D%2C%5B1689514419672%2C20097527%5D%2C%5B1689514420125%2C18425806%5D%2C%5B1689514420125%2C18425806%5D%2C%5B1689514420383%2C20015748%5D%2C%5B1689514420383%2C20015748%5D%2C%5B1689514429237%2C22110244%5D%2C%5B1689514429237%2C22110244%5D%5D%7D&qos.events.content.seeked=1689514419476&qos.events.content.loadeddata=1689514419477&qos.events.content.canplay=1689514419477&qos.events.content.playing=1689514419477&qos.events.content.canplaythrough=1689514419478&qos.frames.dropped=20&qos.frames.corrupted=0&qos.frames.total=282&seq=9_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.232.244.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://subscriptions.hi2free.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=300; includeSubDomains
date
Sun, 16 Jul 2023 13:33:50 GMT
via
1.1 google
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
must-revalidate,no-cache,no-store
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 boolean| credentialless object| onbeforetoggle object| onscrollend string| environment boolean| isDelegatedSite function| getDecodedPathName function| getMetaValue function| clearMetaValue function| clearPreviousPageMetadata function| gtag object| dataLayer number| _sf_endpt object| _sf_async_config object| documentHead object| canonicalNode object| searchTermsNode function| getMediaEmbeds function| setCustomDimensions function| sendGA4PageView function| getUTMQueryParams function| sendPageView function| callback string| previousCanonical string| previousSearchTerm object| canonicalObserver object| OneTrustStub number| usrPersonaAds number| isNonPersonalizedAds function| OptanonWrapper function| getGAEventData function| setupEventListener function| keepReadingGAList function| explainerGAList number| metadataCheckInterval number| intervalCounter number| maxIntervalCounter function| handleEventsAndAdsLoad object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| google_tag_manager object| google_tag_data object| freestar object| analytics string| GoogleAnalyticsObject function| ga object| _cb_shared object| gaGlobal string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| gaplugins object| gaData object| __LOADABLE_LOADED_CHUNKS__ string| __REDIRECTS__ object| regeneratorRuntime object| features object| __archipelago_ui_config object| routes object| newsletters object| arcSettings object| _cbm object| NREUM object| newrelic function| __nr_require object| SplunkRum object| amplitude string| OTEL_TRACES_EXPORTER boolean| freestarReactCompontentLoaded object| Optanon object| OneTrust object| _qevents string| dl object| conversionIds string| url function| callbackFunc undefined| script undefined| type boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs function| videojsFlash object| videojsFlashlsSourceHandler object| httpStreaming function| videojsPerSourceBehaviors function| videojsContextmenu function| videojsContextmenuUi function| videojsBcAnalytics function| videojsErrors object| videojsBcCatalog function| videojsPlaylist function| videojsQualityMenu function| videojsSocial object| Conviva function| bc function| WebVTT object| ConvivaVideoAnalytics object| analyticsConnectorInstances function| quantserve function| __qc object| ezt object| _qoptions object| google_optimize object| GooglebQhCsO object| vttjs object| fsdata object| _comscore object| fsprebid function| load_script object| confiant object| googletag function| _hadron object| COMSCORE object| ns_p object| hadron boolean| __halo_loaded__ object| ggeac object| google_js_reporting_queue object| fsprebidChunk object| _pbjsGlobals object| mnet object| au object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt undefined| google_measure_js_timing object| apstag object| _aps boolean| apstagLOADED object| apscustom boolean| creativeVendorLibraryLoaded number| google_unique_id function| setImmediate function| clearImmediate object| ID5 object| __id5_instances object| PublisherCommonId object| GoogleGcLKhOms function| confiantDfpWrap object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

226 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQle2g95UxCgoIgQIQ7vCg95UxCgoI4gEQle2g95UxCgoI5gEQle2g95UxCgoIhwIQle2g95UxCgkICRCV7aD3lTEKCQhJEO7woPeVMQoJCAsQle2g95UxCgoIjAIQle2g95UxCgoIrAIQ7vCg95UxCgoIrQIQ7vCg95UxCgoIzgEQ7vCg95UxCgoIkQIQ7vCg95UxCgoIkgIQ7vCg95UxCgoIlAIQ7vCg95UxCgkIOhCV7aD3lTEKCQgbEO7woPeVMQoKCN4BEO7woPeVMQoJCF8Qle2g95UxCgkIHxCV7aD3lTE=
.hi2free.cloud/ Name: _ga
Value: GA1.2.860669918.1689514414
.hi2free.cloud/ Name: _gid
Value: GA1.2.1940923963.1689514414
.hi2free.cloud/ Name: _gat_gtag_UA_1615344_2
Value: 1
.hi2free.cloud/ Name: _ga_WFKEPR3HG4
Value: GS1.1.1689514413.1.1.1689514414.0.0.0
.hi2free.cloud/ Name: _cb
Value: CT32wdNKqFFD75lU6
.hi2free.cloud/ Name: _chartbeat2
Value: .1689514414979.1689514414979.1.C-NYWBdx51NmI7pfB2DH7bBQpMhe.1
.hi2free.cloud/ Name: _cb_svref
Value: https%3A%2F%2Fsubscriptions.hi2free.cloud%2F
subscriptions.hi2free.cloud/ Name: _splunk_rum_sid
Value: %7B%22id%22%3A%22386e1d61e27dc6bc109c48426a14fb90%22%2C%22startTime%22%3A1689514415186%7D
subscriptions.hi2free.cloud/ Name: AJUserLocation
Value: US
.hi2free.cloud/ Name: AMP_MKTG_9e2bdeb55f
Value: JTdCJTdE
.hi2free.cloud/ Name: _gcl_au
Value: 1.1.1732439467.1689514417
.quantserve.com/ Name: mc
Value: 64b3f1b1-7c766-d2ebb-0bebc
.hi2free.cloud/ Name: AMP_9e2bdeb55f
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjJmOTQwYTIyMi0yZDQ4LTRkMDgtYjVjNy1hN2NjNzk3Y2NlZGMlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjg5NTE0NDE2OTc5JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTY4OTUxNDQxNzcyMiUyQyUyMmxhc3RFdmVudElkJTIyJTNBMiU3RA==
.hi2free.cloud/ Name: __qca
Value: P0-2000944900-1689514417089
.doubleclick.net/ Name: IDE
Value: AHWqTUkjYEVkHNzVz-n3poTxKv6E8_eSaOPaqk8n3Uao-KjCNOD6Ek8I2AFFHZ-D
.pub.network/ Name: _fsuid
Value: 33a15d2a-6626-490f-a119-9159ff77e9cd
.nr-data.net/ Name: JSESSIONID
Value: e8cdf19b82e72783
.scorecardresearch.com/ Name: UID
Value: 12C1f1141d5cc5fd20c1b631689514419
subscriptions.hi2free.cloud/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.hi2free.cloud/ Name: cookie
Value: 491fcae1-5230-454f-896d-3a13f9b4d93d
.adsrvr.org/ Name: TDID
Value: a236f525-c1e6-4768-a469-4b87cf809c0d
.hi2free.cloud/ Name: cto_bundle
Value: m_jCIF9jdDdXM0wwc1VRMjBGRjMlMkZXTkdsZmV1UWlXdldCVGtKZ3Rsb2NqRWhTQyUyQk5hSGZwZyUyQjdISWhwOHZkWEJhTkp5aUMydmtFa0FuOHJVWG1UQmxReHYyOWJSY3RNSXZZcGM4eEpZSmFrdVJTSGp3ekljaTJaYWhRcmNZYlJUWkJxZA
.hi2free.cloud/ Name: cto_bidid
Value: SUE2hF9GUXZGeXJDc2lNeHJCM3lmN3BDcGVaOTh0QjNhQTUzcTJhcmViJTJGWnQlMkJwNmI5ZXdIOVppcGlZd2kyeU5IaGk5bW40NWRKS09iTDRZUlZRRnhZaHY3ZHclM0QlM0Q
.yahoo.com/ Name: A3
Value: d=AQABBLTxs2QCEIB4gpV4NJedTgo9Q6aRJrcFEgEBAQFDtWS9ZAAAAAAA_eMAAA&S=AQAAAodOvkjilLsdggiV1jg_UOA
.yieldmo.com/ Name: yieldmo_id
Value: gd910640c7418fd4a70e%7C1689514421129%7C0%7C
.teads.tv/ Name: tt_viewer
Value: 4f3bf087-c10f-49ad-8aad-f3a985d6c567
.openx.net/ Name: i
Value: 76c9bda2-22a3-07d1-1318-617ae3e1b3bc|1689514421
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZLPxtQAAAaRLpQAN
.hi2free.cloud/ Name: __gads
Value: ID=8c3809f4c9d493a7:T=1689514421:RT=1689514421:S=ALNI_MZcHqODxXUw8w_ZuxAxBkifeAeCtQ
.hi2free.cloud/ Name: __gpi
Value: UID=00000cca8ea8ae25:T=1689514421:RT=1689514421:S=ALNI_MYXG6Plyf8u05n0bDALKxr-mryxYw
.openx.net/ Name: univ_id
Value: 537072971|a236f525-c1e6-4768-a469-4b87cf809c0d|1689514421973984
.amazon-adsystem.com/ Name: ad-id
Value: A0pmTFoRUEcshCQDR1DZVs0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.id5-sync.com/ Name: id5
Value: 88d22e39-e317-7fdc-b031-272b05526177#1689514422259#2
.id5-sync.com/ Name: callback
Value:
.lijit.com/ Name: ljt_reader
Value: G_YtaTZHp5wL8MgORNewKj87
.lijit.com/ Name: ljtrtbexp
Value: eJxdzLkNwDAMQ9FdVLuwCOvyakZ2DyykiFQ%2BkPiHwmizxjSsCQxCpUuzVhu3vefy7yFiei1eje%2FPHMie%2Fv285%2BUfng%3D%3D
.bidswitch.net/ Name: tuuid
Value: cc04ca3e-3c24-4002-8dde-2cd5c2b21296
.bidswitch.net/ Name: c
Value: 1689514422
.simpli.fi/ Name: suid
Value: 70994DFFC04E4ED08DB67F011D5F43D7
.mfadsrvr.com/ Name: tuuid
Value: 19a6162f-cb84-4e10-8726-db8f5a0d51e2
.mfadsrvr.com/ Name: c
Value: 1689514422
.lijit.com/ Name: _ljtrtb_27
Value: a236f525-c1e6-4768-a469-4b87cf809c0d
.criteo.com/ Name: uid
Value: c8a83155-0f0c-49cd-97d7-497a142bd40b
.lijit.com/ Name: _ljtrtb_76
Value: c98b5c3b-6190-022b-0e72-1f34ff77bf13
.sitescout.com/ Name: ssi
Value: 8aac1792-1110-45c8-8184-57920f7502ba#1689514423082
.tapad.com/ Name: TapAd_TS
Value: 1689514423106
.tapad.com/ Name: TapAd_DID
Value: b734197a-ac0d-4024-b515-56c18866579a
.adnxs.com/ Name: uuid2
Value: 8520540174920231937
.bidswitch.net/ Name: tuuid_lu
Value: 1689514423
.lijit.com/ Name: _ljtrtb_2
Value: 70994DFFC04E4ED08DB67F011D5F43D7
.bidr.io/ Name: bito
Value: AACqZk7JZ-MAACT01x1ecw
.bidr.io/ Name: bitoIsSecure
Value: ok
.mfadsrvr.com/ Name: tuuid_lu
Value: 1689514423
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1689514423
.turn.com/ Name: uid
Value: 8326670277707603110
.creativecdn.com/ Name: u
Value: Ks38SNdeiWbtmKaRr3Zn
.creativecdn.com/ Name: ts
Value: 1689514423
.lijit.com/ Name: _ljtrtb_85
Value: AACqZk7JZ-MAACT01x1ecw
.lijit.com/ Name: _ljtrtb_87
Value: 19a6162f-cb84-4e10-8726-db8f5a0d51e2
.doubleclick.net/ Name: DSID
Value: NO_DATA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzMDAzsjC2NLA0MjA0MLCwEOIz1E1MNfPId8xy8SyMyAYABngT_SQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzMDAzsjC2NLA0MjA0MLCwEOIz1E1MNfPId8xy8SyMyAYABngT_SQAAAA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
.lijit.com/ Name: _ljtrtb_86
Value: Ks38SNdeiWbtmKaRr3Zn
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005%22%7D
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFpamhiYmRsamG0igWJb2JkCQAf3rd_IAAAAA
.quantserve.com/ Name: sp
Value: CgsIiQ0SBgi348-lBg==
.analytics.yahoo.com/ Name: IDSYNC
Value: "18za~2ct1:19aa~2ct1:18z8~2ct1"
.lijit.com/ Name: _ljtrtb_71
Value: AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
.lijit.com/ Name: _ljtrtb_26
Value: cc04ca3e-3c24-4002-8dde-2cd5c2b21296
.deepintent.com/ Name: CDIUSER
Value: di_3c3427d8bc3f423caa100
.mxptint.net/ Name: mxpim
Value: R33647_105E7B687_36C87B8B.1.000000000000000064B3F1B7
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6527f3db-4c3a-579f-7d49-b39c1b3411ce.T0FkHuJtQ3qDhOj0oGiLDGfVaxpjgHkDVx08%2FRi0TUE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZSfz20w6V599SbOcGzQRzmAJ-SQ.aY710%2FsN2gW93pdY1YL%2Faq%2B55fawOaTb2NGFykBYw1k
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AZSfz20w6V599SbOcGzQRzmAJ-SQ.aY710%2FsN2gW93pdY1YL%2Faq%2B55fawOaTb2NGFykBYw1k
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-35sCiY-eAovEmAON35lN3tvKAtjEnwLfi8zKIrTb&KRTB&19420-35sCiY-eAovEmAON35lN3tvKAtjEnwLfi8zKIrTb&KRTB&22979-35sCiY-eAovEmAON35lN3tvKAtjEnwLfi8zKIrTb&KRTB&23403-35sCiY-eAovEmAON35lN3tvKAtjEnwLfi8zKIrTb
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-968062839092010088
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553&KRTB&23418-8aac1792-1110-45c8-8184-57920f7502ba-64b3f1b7-5553
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIu9DlZl-_pmN-hrvrotuWY&KRTB&16514-CAESEIu9DlZl-_pmN-hrvrotuWY&KRTB&23025-CAESEIu9DlZl-_pmN-hrvrotuWY&KRTB&23386-CAESEIu9DlZl-_pmN-hrvrotuWY
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:70994DFFC04E4ED08DB67F011D5F43D7&KRTB&23489-uid:70994DFFC04E4ED08DB67F011D5F43D7
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8520540174920231937&KRTB&23339-8520540174920231937
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-a236f525-c1e6-4768-a469-4b87cf809c0d&KRTB&22918-a236f525-c1e6-4768-a469-4b87cf809c0d&KRTB&23031-a236f525-c1e6-4768-a469-4b87cf809c0d
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8326670277707603110&KRTB&23150-8326670277707603110
.adform.net/ Name: C
Value: 1
.adgrx.com/ Name: ADGRX_UID
Value: 623f4e24-23dd-11ee-b003-73d16c6255b2
.lijit.com/ Name: _ljtrtb_97
Value: RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
.ipredictive.com/ Name: cu
Value: 0af6397d-5477-4a4e-bcb8-9fa2047d927c|1689514423828
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-ZSfz20w6V599SbOcGzQRzmAJ-SQ&KRTB&23334-ZSfz20w6V599SbOcGzQRzmAJ-SQ&KRTB&23417-ZSfz20w6V599SbOcGzQRzmAJ-SQ&KRTB&23426-ZSfz20w6V599SbOcGzQRzmAJ-SQ
.dotomi.com/ Name: DotomiTest
Value: 1e0465217a2021b1
.acuityplatform.com/ Name: auid
Value: 800770056233
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRFddAzKamGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAURXXQMymo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33647_105E7B687_36C87B8B&KRTB&23092-R33647_105E7B687_36C87B8B
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.3lift.com/ Name: tluid
Value: 3788241978937696679559
.pippio.com/ Name: did
Value: 2HZcz7ieGessIEhC
.pippio.com/ Name: didts
Value: 1689514423
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CLfjz6UGEgYIgr0rEAA=
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&KRTB&23413-AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&KRTB&23479-AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD&KRTB&23505-AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
.adform.net/ Name: uid
Value: 1563302996059876632
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-800770056233&KRTB&23428-800770056233
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-0af6397d-5477-4a4e-bcb8-9fa2047d927c&KRTB&23011-0af6397d-5477-4a4e-bcb8-9fa2047d927c&KRTB&23355-0af6397d-5477-4a4e-bcb8-9fa2047d927c
.thrtle.com/ Name: mc
Value: eyJpZCI6IjJmZDhkNDgwLWQwMmUtNDA0Yy1hOWRhLTJmMTUyMzg1NDgxYSIsImwiOjE2ODk1MTQ0MjM5MjksInQiOjF9
.w55c.net/ Name: wfivefivec
Value: WWTOU7591Ql1SD5
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-623f4e24-23dd-11ee-b003-73d16c6255b2&KRTB&23275-623f4e24-23dd-11ee-b003-73d16c6255b2
.w55c.net/ Name: matchpubmatic
Value: 5
.tribalfusion.com/ Name: ANON_ID
Value: a6nseFMZaAC7pqGpS71cMjcTkrVQGd3TNdOudDgKcS20DvV09ZabXGoPCD3eeGkr6eG6lkAgTLZcBR0MqP5drdq
.smartadserver.com/ Name: pid
Value: 5393839811644009848
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AACqZk7JZ-MAACT01x1ecw
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1563302996059876632&KRTB&23263-1563302996059876632&KRTB&23481-1563302996059876632
ads.avct.cloud/ Name: uuid
Value: 3dc64050-298a-45a5-99dd-041bf54ad8e7
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMVa1hNtjfbwM2HAANAAAAAAA&KRTB&22713-AAAMVa1hNtjfbwM2HAANAAAAAAA&KRTB&22715-AAAMVa1hNtjfbwM2HAANAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-cc04ca3e-3c24-4002-8dde-2cd5c2b21296
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:WWTOU7591Ql1SD5&KRTB&23421-uid:WWTOU7591Ql1SD5
.openx.net/ Name: pd
Value: v2|1689514421.1.2|iKvPvMgakWgy.bwuYhEgKg2f8.wvmmwtvJeSwr
.ads.yieldmo.com/ Name: rptr
Value: unl%3D1174113%7Cc%3D1174113%7Ctapad%3D1174113%7Cdv360%3D1174113%7Can%3D1174113
.csync.loopme.me/ Name: viewer_token
Value: 0b03d44e-06a6-463e-98cd-672cfe0e6aa9
.sportradarserving.com/ Name: zuuid
Value: eb83c471-d292-4219-8356-4d4b61b1e5a5
.sportradarserving.com/ Name: c
Value: 1689514424
.sportradarserving.com/ Name: zuuid_lu
Value: 1689514424
.bing.com/ Name: MUID
Value: 2F15BD72966B689A0596AE2297096970
.c.bing.com/ Name: MR
Value: 0
.zemanta.com/ Name: zuid
Value: xlv75tTjn338WTYihv1G
.go.sonobi.com/ Name: __uis
Value: 5874b1ec-beca-4cf3-89c9-e5d59f67c2a8
.go.sonobi.com/ Name: HAPLB8S
Value: s85107|ZLPxu
.linkedin.com/ Name: li_sugr
Value: 32f108e1-a4d1-46ba-9510-bbd5613bd4b8
.linkedin.com/ Name: bcookie
Value: "v=2&9c91c866-06bf-40f1-891e-dbff67a01f77"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2970:u=1:x=1:i=1689514424:t=1689600824:v=2:sig=AQFqVR2mqVd96yWd2Ifgd_kV6EONmAuz"
.contextweb.com/ Name: V
Value: 7gCl6Rh3ly9C
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 5fa90a912657ae4f
.media.net/ Name: visitor-id
Value: 3325160246634000000V10
.colossusssp.com/ Name: gtm_usr
Value: 32d84d34-4950-4497-9976-3df62df1274b
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1689514424
.adnxs.com/ Name: anj
Value: dTM7k!M4/YDunaTF']wIg2In2kdo5a!]tbP6j2F-.aDFd<pAQ.gm4ckdX=`FigQckkaJc!gkspojG:F*f8hgfki'Hq*g0D(P-D:O
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjM3ODgyNDE5Nzg5Mzc2OTY2Nzk1NTkiLCJleHBpcmVzIjoiMjAyMy0xMC0xNFQxMzozMzo0NFoifX0sImJpcnRoZGF5IjoiMjAyMy0wNy0xNlQxMzozMzo0NFoifQ==
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY4OTUxNDQyMzYzNywiMjYiOjE2ODk1MTQ0MjQ2NDMsIjE3IjoxNjg5NTE0NDIzMjI5LCIzOSI6MTY4OTUxNDQyNDY0MywiNyI6MTY4OTUxNDQyNDY0M30
.ads.yieldmo.com/ Name: ptran
Value: 8520540174920231937
.media6degrees.com/ Name: clid
Value: 2rxw5o801170kmaajck363fj000000015h010t01701
.media6degrees.com/ Name: acs
Value: 012020k1rxw5o8xzt10
.clickagy.com/ Name: cb
Value: ZLPxuKD9dFjqm9_uti3qgg1z
aorta.clickagy.com/ Name: chs
Value: [{"ch":"4","t":"2023-07-16 13:33:44"}]
.technoratimedia.com/ Name: tads_uidp_88
Value: 2819067418001873933412
.technoratimedia.com/ Name: tads_uidp_77
Value: 6cOflAWqkl0ZqfDJ_kQFu3kdRvtaNBUuJbNmYSw6R7g
.technoratimedia.com/ Name: tads_uidp_44
Value: LK5A100Z-1F-I3NM
.technoratimedia.com/ Name: tads_uidp_46
Value: 8875409374437084932
.technoratimedia.com/ Name: tads_uidp_79
Value: ce261499-c750-403d-856b-b7dc926d672a
.technoratimedia.com/ Name: tads_uidp_37
Value: 302bcdfd-f405-3526-a8c6-58bfbc3d6968
.technoratimedia.com/ Name: tads_uidp_48
Value: e653552f-702f-44ab-a0cb-499dfd530718
.technoratimedia.com/ Name: tads_uidp_49
Value: AAACWBQktA5-rgNJaetRAAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: b04009de-a3fd-4cb7-985a-7679fb6e3a16
.technoratimedia.com/ Name: tads_uidp_80
Value: y-wLPZUfJE2uEV3Ezz2iy85s1fjU0EKWpB~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZLOcpL1uCZ-A1n4zX1WV.wAA&3585
.technoratimedia.com/ Name: tads_uidp_50
Value: ef06a451-a2cb-44b2-9821-c6ed15b9116a
.technoratimedia.com/ Name: tads_uidp_61
Value: 212161775325804
.technoratimedia.com/ Name: tads_uidp_62
Value: 3324942426634487000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: AuFgFGvEXdS35B-t5s6CyL1vEj8KQZCp
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-4a758c56-bfd9-46db-9311-83b1269be3cc-005
.technoratimedia.com/ Name: tads_uid
Value: A42684DA40694E48B36D7397BF65523E
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230604073159+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.ads.yieldmo.com/ Name: ptrc
Value: CAESEJHgjwIshhVkEffvs7QIFno
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJpEnXTLu5DlBMz0Bfcw0zpBnnWNP1+1LqDy1M51uEHB6DNvBEUVBEOBBBzNBMStNeDtup/pEnR6upP/1y/9dvyxvQ==
.bluekai.com/ Name: bku
Value: ZoW99nMhLtuQL4LT
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1lqw|89b.0.1|7dN.0.AACqZk7JZ-MAACT01x1ecw
.ads.yieldmo.com/ Name: ptrunl
Value: RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
.casalemedia.com/ Name: CMID
Value: ZLPxue2ulgLG8LuP98lg5QAA
.casalemedia.com/ Name: CMPS
Value: 1437
.casalemedia.com/ Name: CMPRO
Value: 1437
.cootlogix.com/ Name: ck48wz12sqj7
Value: Mr8142GPgwEvWa64RgiSWUlFBI3PzNDDBZlBQhRdGdQEmhCYwJUGTYEWVBqZFQScVsxU1INZl4MACZkVBNnWnUCWVg9FBpHNHJdVR4jHiVrFi8%3D
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACqZk7JZ-MAACT01x1ecw
.cootlogix.com/ Name: vdzh5_2ba15941
Value: ETt12fkwKb82VkoEBHUkEOwtTV3sIACktFRgCOEACEA0%2BJgEfRBY%3D
.media.net/ Name: data-g
Value: CAESEAVNKgj56k573Vr7Zs2QlRg~~8
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: e9b51e064833cb46758b0599508e8bc7
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSLVMMjVMNTAzsTA2Tk4yMTM3tUgyMLW0NDWwSLVISjZnAIKUzR93gmgoAABQ8wsn"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI2fxxJ5CCAgAh4ALC"
.mathtag.com/ Name: uuid
Value: b46b64b3-f1b9-4000-b1f0-7390bd8181e3
.rubiconproject.com/ Name: khaos
Value: LK5H9LRF-1-NGY
.cootlogix.com/ Name: vdzh5_96837e5c
Value: G4C12fXaD6KslMBD4HXoOKVFmEAMhLTdHEytDfhR4QQh1diAHUnVVfQN7Xlh5e3MZX2FWcht4Fwp7cCBSV2pWcFRpDg%3D%3D
.cootlogix.com/ Name: vdzh5_11f967df
Value: yXC13Hktr0TGSAyE26M0kBAVUmDjdjQ2cFVCkIR0UHMWpndRonH1IrWxZfBGciZ2wfd1YPfFIRQFFgdDdjBA%3D%3D
.colossusssp.com/ Name: lmg_r
Value: undefined|7|67|8|3
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwj446Tq6YKDPBAFEhQKBXRhcGFkEgsIrPeU7OmCgzwQBRIWCgdzdng5dDUwEgsI0o7y7umCgzwQBRIVCgZjYXNhbGUSCwiKzeP56YKDPBAFGAEgAygCMgsI_J7XooCDgzwQBTgBWgc5dW03YXpuYAI.
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-40fee599-8abd-43a3-adcb-ac2d69234640&KRTB&23340-40fee599-8abd-43a3-adcb-ac2d69234640&KRTB&23498-40fee599-8abd-43a3-adcb-ac2d69234640
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 348420f6-0ad6-42fa-8891-095b0f42e163
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 6Bc0rQKOPA4kGmnrrumVbA2gwHX8iBnwF4JDOVgBCztGXTP8vq4uL6iXaGWkuyhXtBwsE6akKvLtWFYhd9YBxQ%3D%3D
.rubiconproject.com/ Name: audit
Value: 1|6TbEAlQAW0okHf9ef3KDpED/WtfXq5A6oLlQcUkmNEAJuCL1SieyTVsdXUY9HDdh/vaBVAiFLs7Lv0ZnN1+t0Vm3DUAyuHnL
.id5-sync.com/ Name: 3pi
Value: 434#1689514424695#-1300216250|2#1689514425528#-1783360308#8520540174920231937|3#1689514425310#-480518653#b46b64b3-f1b9-4000-b1f0-7390bd8181e3|264#1689514423453#-823931204#a236f525-c1e6-4768-a469-4b87cf809c0d|203#1689514423195#-8542054#c8a83155-0f0c-49cd-97d7-497a142bd40b|108#1689514423851#544808946|796#1689514424987#-1088014096|1245#1689514425716#-1563703625
.demdex.net/ Name: demdex
Value: 88226671887806799401404925921195804274
.dpm.demdex.net/ Name: dpm
Value: 88226671887806799401404925921195804274
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4741-2!4741-3!4741
.pubmatic.com/ Name: SyncRTB3
Value: 1690675200%3A8_220_48_5_176_233_13_240_165_3_234_231_22_166_249_46_250_104_55_178_56_71_21_54%7C1690070400%3A2_223_15%7C1690588800%3A96_99_238_214_81_264_239_243_204%7C1690329600%3A63%7C1689984000%3A38%7C1694563200%3A69%7C1690761600%3A35%7C1692057600%3A224
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: DPSync3
Value: 1690502400%3A257%7C1690070400%3A248_253%7C1690675200%3A263_262_201_256_255%7C1690588800%3A261_259_258_260
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1689536027087
.lijit.com/ Name: _ljtrtb_58
Value: AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
ads.playground.xyz/ Name: connect.sid
Value: s%3AhZDRt47VReYCJYcSoO2-ZWcaKMtp8HtZ.dCzfLvTP%2B5i%2FUoi5XvqXC1etnhm4B7ghMp7%2Bgw6weag
.kargo.com/ Name: ktcid
Value: d77cefb6-e461-0de7-5063-6c05d0d45d35
.bfmio.com/ Name: __187_cid
Value: AE86F4A1-7FF0-4B90-ADFC-37E6B9563AAD
.bfmio.com/ Name: __io_cid
Value: a84fe649a39bbf4fd04522ef851da4cc8ddea058
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005%22%2C%22nxtrdr%22%3Afalse%7D
.rlcdn.com/ Name: rlas3
Value: LLXLVTv3sNLC8Dkz1HoLs3fTHivI/TlDVyl8sggKzNM=
.rlcdn.com/ Name: pxrc
Value: CLfjz6UGEgUI6AcQABIFCOhHEAASBgi46wEQBBIGCIy7KxAB
.adsby.bidtheatre.com/ Name: __kuid
Value: de1bea1d-32fe-4e00-bc5c-8b6ec781b9cd.458728427
.ctnsnet.com/ Name: cid_945b4fd33dea4da49e6a04f3db4fe2a8
Value: 1
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7428008271922567350P
.owneriq.net/ Name: pmc
Value: 1
.inmobi.com/ Name: idsp_c
Value: 1300efd6-28b5-446c-b3cb-6515bea46e45
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005&KRTB&17107-RX-1d836e92-ba8e-4b73-9a3c-630d6d88d254-005
.adx.opera.com/ Name: UID
Value: OPUeefd291469f348c7b093e4d44a1b50ad
.c.appier.net/ Name: _auid
Value: GZ6-limZCEiWL1Lwu_GzZA
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-GZ6-limZCEiWL1Lwu_GzZA
.pubmatic.com/ Name: PugT
Value: 1689514427
.pubmatic.com/ Name: SPugT
Value: 1689503549
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiODUyMDU0MDE3NDkyMDIzMTkzNyIsImV4cGlyZXMiOiIyMDIzLTA3LTMwVDEzOjMzOjQ1LjAwMDgyOTEyMVoifSwieWFob29zc3AiOnsidWlkIjoieS0ueW1pb3M5RTJ1R0huclVQR1VkWXd2ZVNGQ0JJUXY2UVFibzJiUkEtfkEiLCJleHBpcmVzIjoiMjAyMy0wNy0zMFQxMzozMzo0My41ODEzMjY5MjJaIn0sImdyaWQiOnsidWlkIjoiY2MwNGNhM2UtM2MyNC00MDAyLThkZGUtMmNkNWMyYjIxMjk2IiwiZXhwaXJlcyI6IjIwMjMtMDctMzBUMTM6MzM6NDUuMTY4MTkwNDE5WiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiJBRTg2RjRBMS03RkYwLTRCOTAtQURGQy0zN0U2Qjk1NjNBQUQiLCJleHBpcmVzIjoiMjAyMy0wNy0zMFQxMzozMzo0OS4wNzQ1MzQwMTZaIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMzc4ODI0MTk3ODkzNzY5NjY3OTU1OSIsImV4cGlyZXMiOiIyMDIzLTA3LTMwVDEzOjMzOjQ0LjIzMDg3MDE2N1oifSwib3BlbngiOnsidWlkIjoiOWNiYjBkMzQtMzJiYi0wYmNmLTIyNDItNjk4NzA2OWQ0MmNjIiwiZXhwaXJlcyI6IjIwMjMtMDctMzBUMTM6MzM6NDEuNzAwMzg5OTE2WiJ9LCJzb3ZybiI6eyJ1aWQiOiJHX1l0YVRaSHA1d0w4TWdPUk5ld0tqODciLCJleHBpcmVzIjoiMjAyMy0wNy0zMFQxMzozMzo0Mi44NzI2NjAwNjdaIn0sInlpZWxkbW8iOnsidWlkIjoiZ2Q5MTA2NDBjNzQxOGZkNGE3MGUiLCJleHBpcmVzIjoiMjAyMy0wNy0zMFQxMzozMzo0MS4yNDMxMDIyNTZaIn19LCJiZGF5IjoiMjAyMy0wNy0xNlQxMzozMzo0MS4yNDI5MzI5NzlaIn0=
.lijit.com/ Name: ljtrtb
Value: eJyNkMtKRDEMht%2FlrA0kaZum7s7MmS4cdDEKyux6BREFL6AgvrutT%2BAu8H%2F8l3wvvFwuHkOwW4x7tAd72FC3nfiIRJuL1mx%2BuVicDm49qES7EvgYEewuIKxb3IPxB9kFJ2Zdt8GyDLYUtCWZBqawBYvIoLU24FJd4czEQSbrB5vYSHfsoFATsF4UkpUANqsvXTEUrIP19P8O6ia77l%2FPT%2F7qDNfjvEP6olY%2Bhxpm6ukBqKqRFhhy0jbivIGQTAExWKWqVnYWEN00nKOO70Zvb2p7vM8fz8d0ejPnl6lNOwpJSLhDyToGN0JQzwI1a3cJq6PGc8Tfc4JmV0wGodEfmTNg8wzUje3d%2B9zJLD%2B%2FZ8xjrA%3D%3D

3 Console Messages

Source Level URL
Text
network error URL: https://sync.adkernel.com/user-sync?zone=179274&t=image&r=https%3A%2F%2Fsync.colossusssp.com%2F391daa6a645b08ac3da38c9aca2d0c31.gif%3Fpuid%3D%7BUID%7D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.adkernel.com/user-sync?zone=179274&t=image&r=https%3A%2F%2Fsync.colossusssp.com%2F391daa6a645b08ac3da38c9aca2d0c31.gif%3Fpuid%3D%7BUID%7D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

62ea30a39dede4f6d44ac289591051076c294526.cws.conviva.com
a.pub.network
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a2f195b3a9eeeec614931d9ac1037e60.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
aorta.clickagy.com
ap.lijit.com
api.btloader.com
api2.amplitude.com
b1sync.zemanta.com
b73f96ca9baed07af5b85189fd3d8e6e.safeframe.googlesyndication.com
b7c3e4c39129bfb510118e5a33f2056e.safeframe.googlesyndication.com
bam-cell.nr-data.net
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bpi.rtactivate.com
btloader.com
c.amazon-adsystem.com
c.bing.com
c.pub.network
c1.adform.net
c2shb.ssp.yahoo.com
cdn.amplitude.com
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.cookielaw.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
ce.lijit.com
cf-images.eu-west-1.prod.boltdns.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
colossusssp.com
contextual.media.net
core.iprom.net
crb.kargo.com
creativecdn.com
cs.media.net
csync.loopme.me
d.pub.network
data.adsrvr.org
dis.criteo.com
dis.eu.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
edge.api.brightcove.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
geolocation.onetrust.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
idpix.media6degrees.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
js-agent.newrelic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
live-hls-web-aja-fa.getaj.net
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
metrics.brightcove.com
mug.criteo.com
mweb.ck.inmobi.com
openrtb.cootlogix.com
optimise.net
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
players.brightcove.net
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.media.net
pro.ip-api.com
protected-by.clarium.io
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.bidswitch.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s2s.t13.io
sb.scorecardresearch.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.chartbeat.com
stats.g.doubleclick.net
subscriptions.hi2free.cloud
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.bfmio.com
sync.colossusssp.com
sync.cootlogix.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
vjs.zencdn.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.127.64.185
104.18.10.47
104.194.156.79
107.178.254.65
108.138.107.138
108.139.54.32
13.225.214.80
130.211.23.194
142.250.65.194
142.250.65.198
142.251.40.194
151.101.193.108
151.101.194.137
151.101.2.27
151.101.2.49
151.101.66.75
162.19.138.119
162.19.138.120
162.247.243.30
169.197.150.8
172.104.64.149
172.240.219.212
173.231.178.115
174.137.133.32
178.250.7.11
18.164.115.222
18.164.96.43
18.204.57.191
185.167.164.37
185.184.8.90
192.40.39.223
195.5.165.20
198.148.27.139
199.127.204.171
199.38.167.131
20.85.134.6
206.81.15.18
207.198.113.87
216.200.232.249
23.105.14.105
23.192.50.109
23.197.21.62
23.198.216.24
23.49.100.28
23.49.101.144
23.49.102.123
23.77.173.122
23.77.173.8
23.88.86.2
23.92.190.68
2600:1f18:4e9:5a01:8254:be27:a710:e85f
2600:9000:21dd:6600:6:44e3:f8c0:93a1
2600:9000:24f1:c400:18:1fcd:353:c61
2603:c020:400d:3000:67b7:1059:7283:c690
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700:20::681a:832
2606:4700:4400::ac40:99f6
2606:4700::6812:15ce
2606:4700::6812:17ea
2606:4700::6812:19ad
2606:4700::6812:1d26
2606:4700::6812:a972
2606:ae80:1451:11::2040
2607:f8b0:4004:c08::9a
2607:f8b0:4006:806::2001
2607:f8b0:4006:809::200e
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2004
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::2008
2607:f8b0:4006:824::2002
2620:100:a001::c
2620:10b:7001:10::108
2620:112:f002:bbbb::21
2620:116:800b:21:4cb8:1820:80ca:50f7
2620:1ec:21::14
2620:1ec:c11::200
2a04:4e42::714
2a04:4e42::729
3.209.69.212
3.219.128.143
3.225.218.10
3.230.121.151
3.33.220.150
34.102.163.6
34.102.253.54
34.107.140.113
34.107.148.139
34.111.113.62
34.111.152.239
34.133.71.175
34.160.152.31
34.195.226.204
34.196.240.12
34.204.237.207
34.224.73.219
34.225.72.7
34.236.83.94
35.186.193.173
35.186.253.211
35.190.60.146
35.207.24.140
35.211.118.13
35.211.178.172
35.211.233.246
35.214.141.39
35.244.159.8
35.244.232.184
35.71.139.29
38.91.101.241
38.98.69.175
44.195.117.16
52.205.24.34
52.207.63.185
52.214.91.176
52.44.20.252
52.46.151.131
52.5.155.44
52.86.120.189
52.86.86.10
54.148.115.213
54.173.30.48
63.251.114.137
64.202.112.159
64.227.64.62
64.247.192.254
67.220.226.232
68.183.135.134
68.67.160.117
69.166.1.12
69.90.254.78
74.119.119.139
74.119.119.150
8.28.7.81
8.28.7.83
8.28.7.84
8.43.72.98
82.145.213.8
01204747c552676cceff27ecab875807de15fc28860715608db3d368ba736b3e
02f5d2ef7ee4cb56c3d962b5c1249998e36c466ab2ac523fe1c4bf7e7da4a123
035857a62dfa3a5a60c66a10e023b88598fc838a308ef9012a20c5dc14c6640f
0495956dfac4a4733a2516231a8cc06c8646da6f6ee2db217a9e0f1d11ed35d9
058eafbce0e211353a4ba2f64a0e3e96007d89b01a8f8a367076f2e0bc249b0f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07808b952c02d2f2b721e6ce44d2fc5669d366dc427c27423f31636a9fa5bde8
09237a43cc10b5f37e7255a0dc8d9e613027370835a420a9d83d1d34bbd80f3e
09c33fc2893b5204f50db0dcb889c7fd68be9ae5de5e332f6037768b74967021
0a7468c8590db5b9d0bf5301cbe0f6ab2825cd7425b8afdf0fc1f219cddfea50
0ad72e91c71320c28b59ee906f08f9d329c10cd8b5c3531cfb7c4783b15ede28
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be63a5b987016d375429d6f06733ac868ccf7f48a2fab0aee31589e9a0b0be4
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e
10429a04b8e4bfe26c1e2d48ee0a781b96274c86e330e30074a31200b8107457
15458445673fba82012b228c22995b52e1e990c00640ad0af4070c33bb5b549b
15a44fc96cdf9d8fd58944c89dae288824dea803b8d5c12d205d5cce48925489
177b6e96495dcffe2a64c8d7fbe53fdd43fd02b10f84572399eeedc4e0e8ef87
1864b6da1b4b0153bedff49029e75261ed4acd0cdec4625b9d6704ef58a26829
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1e813fc6a9f53055f214e73372bea159b2dd5b80ba96cc3276f84b368ccaba6e
1edd5e4886725c081167b928f272037d70466412edb802a54ea00d90dba15440
2334365d61b1cbe182b37bdca3396517db26aa2e9dd579eb87df256b915ab730
243fa2e2f228fba6f0306f5717cbe39357ad86bb0a443965202ddd133a01089e
249865bdd55b5ef365399d3f4e5fd7e6eb244aeb5e9d58191192aa5511e2ebbc
26ec4365620d6bba2d1f06a2b02ab2312abb8b043209f1eafcb8673525346f65
2782883aa2e55fe305dd71c4b8a79cdecd0e3c7b62880f7adf37aafb33739a4a
2cd9c5a3055c9f3435de302cdb9fd07878ba01b5d487834cd5119fc37e97666b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f2ade5159c1207f6679a59f8a82baa0aa1c988e9c06ee81e49ad1a4971ec10a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
335743971dfeaf710eb412da9fa08af16b4630e514d6d78a3a6fd0a414e5e439
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
3528a7ef4de0c7e7e4efc03429d592eee3401a25a33b4461637fb41d45af37ae
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
386463a39e6688ebbd9b6573ab4c82d32fb70490071bdd4ac4551f41647bf23f
399d94f3e5901827d8df8915f24d725844a249eb9a5b55fe3814d25ce0e37e5f
39c56230af6a829bd15c012f6e390f8a6aca3ba4f53182bc151bd8d33fb73878
3b829c7eca0b6b835a268dd2dc30f2ad7efde0ec19667d12cf2a3db990f87ce2
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4255b33999a680484686bb0c9eb3be3d1e7b99a5561c0286674411f45ea7e093
42f82fe01d19254ab0e8b8152f5f16eddcb058f3d6278203a8c3feea3fa7f289
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45a942a3685450004b12f1b690d98b4db830dcbd6d0a112f2e57db12d95866a5
45e50e0de5a6f0e1e4e14965adf01a43a59e44709e3104cea3d76bdc796dd444
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
489ad77f385273b101db46dc83e0d4a361eda2c7f201c8a51298fa1bcd8e1a87
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c49857022262c26f22ebc605a592a979b90ca58e1a85a647c672f4b9404a263
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4dc6508630cdace96e3c112c234e7a119546e4923676d9ff67a2406333bd189c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e48626b1c9493ac25cdf5945c17862c55dbea0f8433e1db5d1871ab4005e9a9
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fce436edab496f69371f60f5713624413cdd898b5f1b8d0fd72a0516410e867
50301c75f19849b98e507b09634c522d2f5a89e3f4dfaa78792f6e577129a4ce
52337cf2499996a25da3c2f17c8e0492c2d728c4b22bdd9b4da2089fcedac9ba
54856c66656eab92e6f8b7f440455b644c834b1f0b9c70bc3cd8801ed79e0327
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557929cda9c42ae0a80515db84238e7989cc418ba4f52352aeb551131019ed09
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56962bc48f2acb175c71b59298782cc1e841afb9f725986955105139e52078e9
5716dce83da5cfb5cb47c7ded58494dc459b262b1e24bd8021f10a8753bc0dba
5843210e6d5017bf9078bac2eb3e67f04ec8a7d7b0d38ba176ade5473c2e63a6
598658fcdf85dd6d5efcf8bfb328deafd7b3bb6eaada0a4adae616d12cf52377
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
5af185c4ee2f05f5e2f6407594cd75cb32129871c2ec0f0957be6d3129a8cf54
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
5cad02c504ad829868733b67374cba710be223579b9684c847c42e5f33de502c
5d73e8c2c5d29fcc824d4e00d7cdd80b485f8e70a28d6106e760a838d3a5e04e
5ec34cd5c7043332a37e8854ff8a76e2aac0044af00449bfd15009cd763d5e05
5f978eba1c763836365baf9bee0b7ed0e1fbfaf1de52f6f4842aa208ffd16504
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
609ce15962a314e55f56771cdbae274244452cacb46ff76bbdf97898b137c0e5
6191ac7651d440b704eac8b29a7d30a0d47d7ada32012fdec33c35e6e4f7a2d8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63c781fcd72def3572c2070e8f8673ed7928b6de1e8afc8b3db3a7af40ed9a05
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65e121146aa79567ae00f186f794caac9047f8940dbc5449e51f2ef1fb249a76
65e7e005f1259dbd6c79458f5b0d0f4153c8a3316e5471d498bfc330c305f970
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69895b61602814899219a2b22f62b830f4d0e87062461297173adb18019b56b2
69a7dedd57e39117d27245dc511f080ec25ce663a3717a561baba908f6e3be40
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a
6e2a711d626909216e2ef18157066decfc3c3cc49fcaa83b10bbfeb8cb1f674c
6e5860213cad1fab761d5e706d5689c7be724047ac398b80e8c2237ee58b5e51
70b8b823e5d5d6b1b16336707dc100f0aae7fe5622b410f560c87fec06dfa0be
717f93dbaef86055de40715df7deea52da11a5477eb0785f20f2eb6a6bd63793
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
755b1bc5bfbf9123d1ba9343b914035de650cd26adac11f5b8b748c9b07cb94c
759e04eaa9539d3a3ae4a443f791936280919bc7380eaad0b5a77dd9c338e620
75af253a3313295cfaa7b4288c964a11f6aa3dfadffb765ab2b9c88132814722
7687a92d7d49967d080f74bdc0d23db10b1dbd40e5102ad70d214f2d7672f2e8
7b17d2d0a88d045b86c025e6a7978189716ddd6776e975bb9de1ad43be17348f
7dd5bd54666e2c00f2af0cc883ea8d33e1c1e53fd8f98f74268010c5a821ae8c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fd6d8cf6d9e28cec957d487e58e4a20f5f61dfc11213eaad47e8ece23b7eead
801460213af7a4cd223a1aaad88d12d60cd0dca4d0764b9df4b88c1ca4a17286
80b8a79436e490ab59fd011c9361dbb0203ec5fa6e14c5306f173a82ea8f0355
80e14a703a0e3f4b7fc76e879ea643ccffd69a866e668978b0eaa6a849475d4a
81f69174fafd9eaa2bee7f9252f23a37e2e620538e7a28ea57f6200155f880bf
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86a9458bfa8231d37d73dd4b23d6a16f823b0eb3cf927133bcb42d6b6cdd00c8
877c90a6b4c730fca16b346e4844cce70614bbc46e5efb81c2970175c7139f57
881618daf360e6f41c941a882dd2cd1381e894376987edf6c7c0f5f8b0216626
89b16f47abeedf73fe214c4a2e7435066b0e19c6af486260c31a7aed32d8e6b9
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b06ab1078c240dc6e4f7a06d7717c38667f9c1a02cb1122d51e82a1222d647c
8dec82336782450801b5279370164bd030b33c91346bc30cd2901fc853d690fc
8eb1bf05d844dae8563f0996e492392a9ddcc1cd1ae61fd5fcb486309eba4c3f
902be64a2c4af72f18f55d07a190e065416df59f1a72ad1fec2518376ad74928
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9462acdffdc37384c976ea389d0721e0462563bc1b4f0787a2fd7740d80f64e2
96e21b6b7c6b3446063d3834cfa913d312041045b6be86086f524ddedcdf3edb
985f9f1e6a9a3bb5a377819d5e54c318c340f9735204af50f26604d1b9b4f458
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9971f39e901f926d6acb28c8ab479cb8abb8defb721b7c04fac88554483f6c9a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a1d154afa039eb904671d1b89c903a20b481e70b3e6a5a5a88eb7c79f8a291b
9a41eef1cdf9c83f03487b02f4409fefcc8883cce3a2bbf913ee6c07fb80e008
9f005ea7c666b9206298ee3b32a01bff3a5568ff1162b9fb56a90004fec1d56f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a088e9aa53d4d22322d7ca2a81103e730fff42e3b7ce415e9671563fdc950b30
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1763e11b4302396d6a0c6906f2281ef1999a7065474fc8844cc72a02e43ec21
a23ccad1032dbda3de454e0e2b7fa06c623cc1e460ff7b4ddc40699c3512f0d1
a2b21466dbeca76bdd11431825244f50047c1ff91ebc756035b29b9d4d5a08ec
a3d516434992267097dddd60c2dc1509991c5a274ae6d38a9db5e596fa7e3937
a6d241c6a1badc2e68fa201e0bca7c97140a61f2f2c2ffd92882a41fd414dc3d
a6d781ef6efa7f5f0c6943c51dea8100c88d7d29473651eb78f25c9e3aba995d
a797e7e09b11a1bbfeec51cc6661c068a744d37a0ecb64b0dfe925249739b7d0
a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abe83ace19af20b49a4a7bcb7c5f89255847fb7aadc9d56184646e30ef4b8e25
ac8eb5006347c8781eddd04b6c4f1961a254f15b0bd69fedec3e38879b30ee4a
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14e16d341f82b9b1af4792cdefe33e782cb8360396be9e7e4f96b08ec94c8a4
b5bf122a5a8be2fcd08ec646c44d655eda49fddd50aaa419679e1c7bf18f4ab3
b69565968bc9db1ec7d3e2a4a3fd1419540b4aedb57732e9de8e6c30848db04f
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
b7a74e469f4007b5a1599722e528f3c5ca1cdae1de7b16caaa4c5d5ddf71d5c0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb36fd03894fec67d01859d63ce79c2cc82c983b0fde655247041d3199c6dfe3
bcdf8bb1a4e21c488b42766d1847d2026a56fd82eac8fb15a46c2a3df1a39da3
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
be0f653b20c778db276901fe37758ae96e1be8b5097ac2484e14c8b6603b2d63
c007dea03c59ced667316f47d83e3f606eb317edf5a7161e82f093bfc15fa275
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c42325ee42fbc37c7aaccace384e427a1ee5677f459601f36ba1662da8980fce
c52e2a15cba5be54e6986bd808f5a6aa6705b0efffd9379feb005dabdb748e32
c56945dfb0a004e4c1272f9ac7efed3740cc6faf087bba8a9992843d8dc706dd
c6b7025d248692bf2ece2687b96fef35295bd577fbfd32020e50268b149ffeaf
c6fcb6d1b0b66adddd96da567a815b9cbf0cb8de8dc5edc665d1ad92b0a3db63
c7a6917529f7f26998e6eb7e4f0cf3c83bf8c434da74efa35dc491003ed35c97
cac6d94f93af967cdc992f7aec7a550c2266b19b5e76546f8e4e912e29360bda
cb3023872e04fc84eaae1031562a6c732f59b131293efe3802084aaf2fe362f0
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc9cd7bd5e2415d3edb3ad951a728c59f964e2736bfac9942a2160c8711407e2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08287d39e6d342402b999fa2a43ed5e43545401be93d07e776fa8e942bb1790
d1cd78d1deedc819349009b3933e20bd08a32eff85a6bbe0d54d5aa19951c535
d5771dc90260898a088685aa0db0b397aaa90ca073ca5fa5c55579179d9acd3c
d5a19bd081e4f69832a80d25fba80bd11c3ae79cb1759989dbbf7fedff67f446
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a3ac014a1b220783e4274f66aca38aebc5badb3fbf9924d8fc6901a3d7ae99
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
dd7362a11b49926f54573dc4d2cc5537b09e77f32af782d5c87cd586c01132b6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1ee24c12ae19927153eff764e5059d643240830a2d12d9823cca3dd9c605eb8
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f5130c846dd2b8362310a320f23c7f7969ac5cc50143e5d39ec4355a498597
e90bb4345e5558905c85070ca994880201a9241dcf21caaa6b3f4887bd864624
e9c405ffee2e699c1329a296dac6db2e29484c347e31c4d163d6f452f4fb7707
ec45ddba29652fe196fcb5ca57089074c821afa9612648e4b2e35b3cf79d3d2e
ee28b6c375e985329de7a899d154b39bd704cc2d9338c347c73281e93fa34e2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f052b69260820fc9895897c110efae117cb35d5a203e6ef74683e18a84b37a13
f0644ff47a9b130ccf16f4f996b8ea415e06647674dd28950237526c8593295a
f152deb53be6212958debd28f7e70c0e5a9ab182776358f6808e8d4594a3a006
f48cba86445877b77cac7a7fbe4d94326d68012ae2eadc7e72569379821ec95c
f5c385ae7358a5ffc108c997ad04a842bcb541ffc4444dc922a275d74b8252e1
f6f9da1decb9ee935e54f10cf01a705d45d38238a18739e61c12a369ae08bdb9
f9481655799aef069f2b350ca931ac81304f96274a6ff71e6de52cddd8a958a0
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f
fd46f9a6ab37232f8b471475cc0c3dfd0bb5d9ef5b5ae855c42ad35d70dd6575
fdc1529a023ad44ec7cf1bda79b7bda73eb1a1ac083f1137df06319eab596687
feeaf9824ea9e629efb766eba7809db81a60968ec9380fdb266bf59258cadf7a
ffc79feebdfe105c3de8840c2a5814b3fae59d3529463fdf9329080967ed92ba