URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Submission: On April 21 via manual from CA — Scanned from CA

Summary

This website contacted 111 IPs in 9 countries across 120 domains to perform 558 HTTP transactions. The main IP is 104.20.59.209, located in and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com. The Cisco Umbrella rank of the primary domain is 63477.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 16th 2020. Valid for: 2 years.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains.

Domain
www.facebook.com
twitter.com
www.youtube.com
deals.bleepingcomputer.com
www.adlightning.com

This page contains 85 frames:

Primary Page: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Frame ID: 390EF4CFBA23D406356B6601E3620DE9
Requests: 152 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 639F72038DEBC8F6569F9CC45AA8F6A5
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 9FB3D890CADA0D7CC264247A864F7BD0
Requests: 1 HTTP requests in this frame

Frame: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7DE2ED3406F2B0EBBC64A2C8594344D1
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Frame ID: 3CA56BAC1218A24BBD9AE2BC3B95FBA3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Frame ID: 9DD663080A86E5BDE121FC899A37686C
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGcYxJqjLrHAN-4FBiAAAAAAA&expiration=1650636439&is_secure=true
Frame ID: 4E8D7A5D82E0CA2C8F8E29F9351ECEF2
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOMyb-I4qy8rNxwR_-xwYD85pTlxMS_-7kjjiCtQ
Frame ID: 66BEA545345159C11576C487C86C4874
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: F495CB3791FD80630DE9753347BD922A
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 3276D75AC8F79D312CD82D12B3AE0667
Requests: 2 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: B992EA9E02063139D73771700B6095DF
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 3FEBF8A1F0045A138CE779ED933968E8
Requests: 2 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Frame ID: 303CBD19DD3DDD2351F0D1335404B459
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=8298961850055676383&ex=appnexus.com
Frame ID: A453FA85D8F3713E10059D15BCE3CE80
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: A042B1DED62F5A27FBF676206BC97BAA
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1011297303317820384187
Frame ID: 8F819211CD12BEFC0BBE523E81C43BA4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E5BA96ADD2A6768F146DF7C159BA3A5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E48F5CC9EDBD28C39E04949F1595FDCE
Requests: 2 HTTP requests in this frame

Frame: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=A0FE65C3-B086-4EBC-948F-63314685AFBC&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 4B087F6DE3D29F3DC3838362D9E5C57E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DA0FE65C3-B086-4EBC-948F-63314685AFBC%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Frame ID: 3617711A297FE9068B04C99AC8D00E2D
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=A0FE65C3-B086-4EBC-948F-63314685AFBC&ex=pubmatic.com
Frame ID: 1C35B6509BFF4D93DFFE986054D29FB1
Requests: 1 HTTP requests in this frame

Frame: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E030A881E61BA55C7F9697BB9000785C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIYtdrKxgEwAQ&v=APEucNU2reyPplIw1q5g_LCxlfCO4_HpMWHND6crwU5SV0tJbZ1UzI0h0tf4nr0pyYrWF0glMmoom0R65J7W9eIR5rJM9FxjkQ
Frame ID: 5ABF801ACBD126E77FE85DE9B774779B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=...
Frame ID: CD59A76DBC9D018AA9963B745C544EDA
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BAF8A8A396FFE713400B4E0016E61471
Requests: 3 HTTP requests in this frame

Frame: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F8CEE201266763334BF506421D54CCBC
Requests: 18 HTTP requests in this frame

Frame: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 28F1D3185E0344C453EEACD1A42E2DD9
Requests: 14 HTTP requests in this frame

Frame: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8F4430224A77FE986AD7488D3B4573B3
Requests: 18 HTTP requests in this frame

Frame: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 41A3879D6069D349C60F6C919FA331B3
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/3771812/1845205225853235/index.html
Frame ID: 32727F4D1C2E80702EF4FE1FAA9A6B2E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 353918EB0A878EB40C26CF3C8B7079D2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 205B30B6D5C376DA13579F28B81B93FE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhi33IvIATAB&v=APEucNXTYt6J1GEL5Wrh9reZrgg48j1Ul0oiWf7DwbL-HslknVVxNswQTU46rzDbg8Ea17YoCXkM4CPAYWJ60K4a0FEblPEpgA
Frame ID: 06D973D1088C836DF940C19B7F881361
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQmMSGAhjC3pfHATAB&v=APEucNWYhAAbE7KFTvlWPOSeO2HROMQyTxPlNX08o5Lgu0WDpPrRFnUHP8fOaU-lUCXsUZ2lrfyrOkR0UnPWg7tmZ0z3IOyJjQ
Frame ID: 8FAAC8D4A75AB06648B971B251528EC7
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
Frame ID: D812A34EBE737D927AF2E6F95F53C261
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
Frame ID: AC9672700BA482093720B30B36B14E3A
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4758886164911207527/index.html?e=69&leftOffset=0&topOffset=0&c=6PJPEQHuj6&t=1&renderingType=2
Frame ID: 6B549E3245081C780A35FAC1CFF17F8F
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC82CCF5FA74C07E8D62EABF70F31CA6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8535F33B116DAE59F38A0CF61813A43
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A59C1FE04248F81026F2AB48B54FAD50
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 16BC66D90E6F87BA4E49754D6BFB7222
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Frame ID: E441FAF27DE174DC569ABB13B78A3D44
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: DA8883615581939E7FED235462448988
Requests: 11 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Frame ID: 0BF08A434DEC87398D5D248BBCFA29BA
Requests: 6 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6EFBA6E3F14B1E1B8A382E6A011A0D68
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 6FE91B5EDC986DDFA86758BE78093E63
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C22C60F3A1785FEC9528DC2CA8E01C93
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: 626DCF40181577B66236ECE42D6898F4
Requests: 23 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Frame ID: 0671600C06DF2AB57FEAF7CF9ACE7DFD
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D6918FCF3C60F09D1BC9EBDCB05FD71E
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Frame ID: 12CD72A3548D09D4A5FED82FD4869173
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: AC96A6796091CE53FFB8CA4046E74EA3
Requests: 14 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 4352D2DE403AD21DF9127C5626EE7E7D
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: 65BA0DE9FDA80C949D8BA0E2DBD518B7
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 84BFCC980880E33E42BE8DE66F8E9616
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 403C373C182CFD793CAE9D67DB377F15
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 54B9218589FBED3D6AA14AB9B56DC15A
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F0E6ED808AA0BC9F15DFDD58332A4CEB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2A23D03C87AB99F9D7822FAB6150E4B9
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C8096CDC65207D8F9AC42AB1459A69CC
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2935516401455679000V10&type=rkt&refUrl=&vid=05500456982935516401455679000V10&ovsid=970033154777882003
Frame ID: C666B1B96E0781F0FF93D5BD9AEE7D99
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=023E2F6B-2403-431A-8776-9CD4F5387396
Frame ID: 30704FE363903C528E63F4223B6BF01A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YmFlGwAWPMpOGwAy&gdpr=0&gdpr_consent=
Frame ID: E1D033FAD876A61A3139DF03A721F7C2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d6ef6261-651d-4200-b8d9-975a538fe6ed&gdpr=0&gdpr_consent=
Frame ID: 53C2D89B85E35F7D978C4C155E716CC5
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Frame ID: 0915FDC021AAC3020CE5B89A8D45B6C7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 7BF02473C6B471CF9916938F5E0893D4
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 9C55B7A33F62D225D10649446A250849
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=uC7vMxb8TIxn19ZOLGw0VZU4mbw
Frame ID: AFE4E2E18D1E786B520FCC10303B1282
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=5f37edc2-c17c-11ec-b66f-79feb2a2c73e
Frame ID: 2BF4B4DECD8F338B12DFE1C37950FF71
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=023E2F6B-2403-431A-8776-9CD4F5387396
Frame ID: 10206817B262816E96399AB530E55353
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 30E94AE285C5A643CC5174932876489B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:vm900jVJ1NHxsV5&gdpr=0&gdpr_consent=
Frame ID: 52BDC7DBC7896C48BC0C5912A5E83C32
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=664619934089
Frame ID: 9120A29EE552310FEE779E79F965E906
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 7AA91BBD544046F63F72AB5BBEB4145D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7038364451691127419
Frame ID: 6223D4857D8CBBD24ACEE4CFC35D9606
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: B941BFCCD188457FE56F0B88A0AA36D0
Requests: 3 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=33c839b9-3596-4b17-9c40-2f22e5351973-tuct95aeaa0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 2DADB7AC4D530912DBF4CFCC9B3FE4C0
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?dspid=6&uuid=76FDC54144714F12816F67C0F1455CDB
Frame ID: 2CC8209D8F187F225E9EB88D2AC7E3B9
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: 7C5E48D668EC50A813C8939D1C2D5B0A
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: B218AED8B3D5AA2917145C23C8351106
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=92731aac-b216-447b-a1d9-45ec9c0bdc5b
Frame ID: 01B945D66B6685F05A741792E0FFD586
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Frame ID: AF530BD293AE8BD55F26E6BF109C3EF5
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 92A51FFDC585C3CFFE1C4C5202022896
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6676370c-cb38-417c-9a6d-3a5538d26582
Frame ID: D44A51E66B5AB879C93F40DC54C3DD4F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76FDC54144714F12816F67C0F1455CDB
Frame ID: EAB813205FDD9102CB8ED6A774C7ADA6
Requests: 1 HTTP requests in this frame

Page Title

Ccdecode - rundll32.exe streamci, StreamingDeviceSetup - Program Information

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 558
HTTPS: 68 %
IPv6: 20 %
Domains: 120
Subdomains: 200
IPs: 111
Countries: 9
Transfer: 3525 kB
Size: 9406 kB
Cookies: 227

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 48
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 53
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1650550038489&ns_c=UTF-8&cv=3.5&c8=Ccdecode%20-%20rundll32.exe%20streamci%2C%20StreamingDeviceSetup%20-%20Program%20Information&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1650550038489&ns_c=UTF-8&cv=3.5&c8=Ccdecode%20-%20rundll32.exe%20streamci%2C%20StreamingDeviceSetup%20-%20Program%20Information&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&c9=
Request Chain 138
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Request Chain 143
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=76FDC54144714F12816F67C0F1455CDB&ex=simpli.fi&status=ok
Request Chain 144
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=wAFWSgI4rKGtqFSiHetv&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPLXIFDFOU3HJE2HES2HORYUMU3JJBSXI5Q HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPLXIFDFOU3HJE2HES2HORYUMU3JJBSXI5Q HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=wAFWSgI4rKGtqFSiHetv
Request Chain 145
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7d9eccc6d0701223&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGcYxJqjLrHAN-4FBiAAAAAAA&expiration=1650636439&is_secure=true
Request Chain 146
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOMyb-I4qy8rNxwR_-xwYD85pTlxMS_-7kjjiCtQ
Request Chain 152
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8298961850055676383&ex=appnexus.com
Request Chain 153
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 154
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1011297303317820384187
Request Chain 158
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NU94eDFIVEZNMTI5bGFFdUZmTTRmQQ&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=NU94eDFIVEZNMTI5bGFFdUZmTTRmQQ&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOwpgT8GJX71xQ0q37Ytels&google_cver=1
Request Chain 159
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=7e3c5a034f7a1223&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGcTFWsJat2gMhRw9lAAAAAAA&expiration=1650636439&nuid=&is_secure=true
Request Chain 160
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341%2526gdpr_in_effect%253D%2526gdpr_consent%253D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341%2526gdpr_in_effect%253D%2526gdpr_consent%253D&xl8blockcheck=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341%26gdpr_in_effect%3D%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341%26gdpr_in_effect%3D%26gdpr_consent%3D HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&gdpr_in_effect=&gdpr_consent=
Request Chain 165
  • https://ums.acuityplatform.com/tum?umid=27&uid=e6035e59639ec77fc6ef41ae&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=66&3pid=664619934089
Request Chain 166
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=08e421e7-ae6f-40aa-912c-21b9b0b66530&gdpr=0&gdpr_consent=
Request Chain 167
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=8RnuZY7TXGpSriqslf2s&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 168
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=L292VL5G-12-AFRI&gdpr=0
Request Chain 170
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=8298961850055676383&pn_id=an
Request Chain 171
  • https://x.bidswitch.net/sync?&ssp=yieldmo HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo HTTP 302
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=yieldmo&gdpr=&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=yieldmo&gdpr=&gdpr_consent=&_bee_ppp=1
Request Chain 172
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?&ttd_pid=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
Request Chain 173
  • https://sync.srv.stackadapt.com/sync?&nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=uC7vMxb8TIxn19ZOLGw0VZU4mbw
Request Chain 174
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp HTTP 302
  • https://sync-pp.ads.yieldmo.com/sync?userid=qLrMiP7PILrj&ev=1&pn_id=pp&pid=561118
Request Chain 177
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=8298961850055676383
Request Chain 178
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&gdpr=0&gdpr_consent=
Request Chain 179
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=8298961850055676383
Request Chain 180
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&gdpr=0&gdpr_consent=
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK4glnwDV2nk1iopqJc8zzI&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK4glnwDV2nk1iopqJc8zzI&google_cver=1&C=1
Request Chain 203
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmFlGfV39O7YkU9AHCXGRQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK4glnwDV2nk1iopqJc8zzI&google_cver=1
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKco65gxobzSSnm4YSVMPVU&google_cver=1
Request Chain 205
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI5ODk2MTg1MDA1NTY3NjM4Mw%3D%3D
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHGl55JkW3f8vAu4skrrjEA&google_cver=1
Request Chain 275
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDYwNjM5NjEtM2RkZS0yMDJjLWUwYmItZTQzMTBkYTk2YTkw
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESENUynPoSw9OjJAAy48ELQYc&google_cver=1
Request Chain 277
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzExMDViYzktZmQ3MS00ZjE0LWI4YmEtMmI4YzMwZDgwYjdl
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESELqErexBl3ZBAPulTiPBH00&google_cver=1
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECNBR2CscTosOXMRBG0nSug&google_cver=1
Request Chain 280
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=5dc86a0a-c17c-11ec-a32c-144e8b5f0403 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NWRjODY5YTQtYzE3Yy0xMWVjLWEzMmMtMTQ0ZThiNWYwNDAz
Request Chain 284
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELwduY_NeY-MNzkPHm7Yckg&google_cver=1&google_push=AYg5qPLwaW1DIWhtbQ-GRxr9pkdf2gE5Es374wglI1VvyBlEqWI__qdlHMXkSpXGIvSboSkF796h71_kKHwqm4AGWeMIZbhjkWlb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPLwaW1DIWhtbQ-GRxr9pkdf2gE5Es374wglI1VvyBlEqWI__qdlHMXkSpXGIvSboSkF796h71_kKHwqm4AGWeMIZbhjkWlb
Request Chain 285
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEPx3ppmiMo2yzvYB9q0EuPc&google_cver=1&google_push=AYg5qPLfrS7Tlk_EYn4359cz2790eG2eOcb5su21NjjQcn5u6QzAvS5cpxaPA6Qlp2VJnlg-Rvu8_sppOudY_Yl_KKoTGSaiYyTT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPLfrS7Tlk_EYn4359cz2790eG2eOcb5su21NjjQcn5u6QzAvS5cpxaPA6Qlp2VJnlg-Rvu8_sppOudY_Yl_KKoTGSaiYyTT
Request Chain 286
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEMdKq3tx3XYtVXeGNhN47OQ&google_cver=1&google_push=AYg5qPKep8t1_wAhWWU7scXL-YcUEwQ1VC5egqFbziLwe7Ls8gdShfxt1u55lFUPaB6Ix6SjN-56FPwnsiaYDOokbJgoK_3tTm0 HTTP 302
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEMdKq3tx3XYtVXeGNhN47OQ&google_cver=1&google_push=AYg5qPKep8t1_wAhWWU7scXL-YcUEwQ1VC5egqFbziLwe7Ls8gdShfxt1u55lFUPaB6Ix6SjN-56FPwnsiaYDOokbJgoK_3tTm0&prevuid=04030001_6261651b5e4ff&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPKep8t1_wAhWWU7scXL-YcUEwQ1VC5egqFbziLwe7Ls8gdShfxt1u55lFUPaB6Ix6SjN-56FPwnsiaYDOokbJgoK_3tTm0&google_hm=MDQwMzAwMDFfNjI2MTY1MWI1ZTRmZg%3D%3D
Request Chain 287
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPLxzcZHkguFpB-ZTLS1-sfmoZMhaScIJvcRez6B0054P6zBIUX_5-a_k8IVqToYl-AID1F-TX6ghSxI25GHYehda0H4C9Fr%26google_hm%3D%5BUID%5D&google_gid=CAESEDuydW05iu4unQ0-i7O9Dnk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPLxzcZHkguFpB-ZTLS1-sfmoZMhaScIJvcRez6B0054P6zBIUX_5-a_k8IVqToYl-AID1F-TX6ghSxI25GHYehda0H4C9Fr&google_hm=fb4985c7-87a3-4bfb-91be-d9ed158d0390
Request Chain 288
  • https://cs.media.net/cksync?type=g&google_gid=CAESEEJpebRvJWGznM7Og_vzH3c&google_cver=1&google_push=AYg5qPIEkW84fJap75b0f_715C8KNTHN6Eap3ZYjyZWm6OfWdER6PLQObWzagQuYw_aExBw0-qCwRqLP-849Egji9jfn852wCmuY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&mn_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIEkW84fJap75b0f_715C8KNTHN6Eap3ZYjyZWm6OfWdER6PLQObWzagQuYw_aExBw0-qCwRqLP-849Egji9jfn852wCmuY&gdpr=&gdpr_consent=
Request Chain 289
  • https://rtb2-useast.torchad.com/sync?exchange=309&google_gid=CAESEEvtNvRhEV4DRMMExGVlRBg&google_cver=1&google_push=AYg5qPLzDRDedWTmBCVhZfn8XDxG02CzFccvaqi92tWGW1zD7E6Z-aK9Bqglgedsvcp5hC3YTHg6zPkIZxOMccp9Xv7L2JsszNrH HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.torchad.com%2Fsync%3Fexchange%3D309%26google_gid%3DCAESEEvtNvRhEV4DRMMExGVlRBg%26google_cver%3D1%26google_push%3DAYg5qPLzDRDedWTmBCVhZfn8XDxG02CzFccvaqi92tWGW1zD7E6Z-aK9Bqglgedsvcp5hC3YTHg6zPkIZxOMccp9Xv7L2JsszNrH HTTP 302
  • https://rtb2-useast.torchad.com/sync?adkuid=A3529571638518424481&exchange=309&google_gid=CAESEEvtNvRhEV4DRMMExGVlRBg&google_cver=1&google_push=AYg5qPLzDRDedWTmBCVhZfn8XDxG02CzFccvaqi92tWGW1zD7E6Z-aK9Bqglgedsvcp5hC3YTHg6zPkIZxOMccp9Xv7L2JsszNrH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTM1Mjk1NzE2Mzg1MTg0MjQ0ODE&google_push=AYg5qPLzDRDedWTmBCVhZfn8XDxG02CzFccvaqi92tWGW1zD7E6Z-aK9Bqglgedsvcp5hC3YTHg6zPkIZxOMccp9Xv7L2JsszNrH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTM1Mjk1NzE2Mzg1MTg0MjQ0ODE&google_push=AYg5qPLzDRDedWTmBCVhZfn8XDxG02CzFccvaqi92tWGW1zD7E6Z-aK9Bqglgedsvcp5hC3YTHg6zPkIZxOMccp9Xv7L2JsszNrH
Request Chain 295
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESED6kVvlJaloA7Pa4Nb4KD-o&google_cver=1&google_push=AYg5qPKA93cfwoodBS2sVZT5X3DDLvCaT3wHtuewyJRnDBclsf8lddPlw4xf4_-YggHqkCRi7gmxNfQO9ai-W_bhQa346cF8-tA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKA93cfwoodBS2sVZT5X3DDLvCaT3wHtuewyJRnDBclsf8lddPlw4xf4_-YggHqkCRi7gmxNfQO9ai-W_bhQa346cF8-tA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED6kVvlJaloA7Pa4Nb4KD-o&google_cver=1&google_push=AYg5qPKA93cfwoodBS2sVZT5X3DDLvCaT3wHtuewyJRnDBclsf8lddPlw4xf4_-YggHqkCRi7gmxNfQO9ai-W_bhQa346cF8-tA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKA93cfwoodBS2sVZT5X3DDLvCaT3wHtuewyJRnDBclsf8lddPlw4xf4_-YggHqkCRi7gmxNfQO9ai-W_bhQa346cF8-tA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 296
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEeK8oemYWKbXJZ6k0ZCRPc&google_cver=1&google_push=AYg5qPK2IV4WzytjNSufQ29UFI2iAS5xhzdjCVltu6XVi1KIHCOvUWr-cHBplOpUU09yMzcjd8gERynMYrHB4nBvW-Pjm5vFww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEeK8oemYWKbXJZ6k0ZCRPc&google_push=AYg5qPK2IV4WzytjNSufQ29UFI2iAS5xhzdjCVltu6XVi1KIHCOvUWr-cHBplOpUU09yMzcjd8gERynMYrHB4nBvW-Pjm5vFww
Request Chain 297
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEPx3ppmiMo2yzvYB9q0EuPc&google_cver=1&google_push=AYg5qPLqsYOrXWnu_kCtKvKqNOGYoh5x2Cb4NsUqStzacEfvSDKm54r4umG7xYmzrU1B0QK1E6nnto3b972h29yDerNM5cg-UuE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPLqsYOrXWnu_kCtKvKqNOGYoh5x2Cb4NsUqStzacEfvSDKm54r4umG7xYmzrU1B0QK1E6nnto3b972h29yDerNM5cg-UuE
Request Chain 298
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEONLWSmme0CyPvAagjlmryU&google_cver=1&google_push=AYg5qPIxcXCUrP2F_kmbUJ5LDLOw28qDNEiIdfO1qkeVV-fTyeVDhx68Ya2HES_CnbkaJs1wQsXZQqnbn3m5SO3YengzpeM7Mdc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM1Mjk1NzE2Mzg1MTg0MjQ0ODE&google_push=AYg5qPIxcXCUrP2F_kmbUJ5LDLOw28qDNEiIdfO1qkeVV-fTyeVDhx68Ya2HES_CnbkaJs1wQsXZQqnbn3m5SO3YengzpeM7Mdc
Request Chain 299
  • https://cs.media.net/cksync?type=g&google_gid=CAESEEJpebRvJWGznM7Og_vzH3c&google_cver=1&google_push=AYg5qPLrMNk_cbhL2gj8JjO_XvBdX5H2k9F-rGUdUM8Ar6lqpp_ZIOXED8JUtmNmYQjenPLOg3wHHQZg30Cg5nMNDnQheRROwOU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&mn_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLrMNk_cbhL2gj8JjO_XvBdX5H2k9F-rGUdUM8Ar6lqpp_ZIOXED8JUtmNmYQjenPLOg3wHHQZg30Cg5nMNDnQheRROwOU&gdpr=&gdpr_consent=
Request Chain 300
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBd8lf926hZfg2yjuEFxJVI&google_cver=1&google_push=AYg5qPJ73PtP4cIwee10yLsCc6ipnH-2h2MWO6ROjhECoKp4sTZAACic1YaX9IDfDaPgRxyFTvfEZeDVEfn6ZzQrmBrZs3tLoSM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RRm1Edlk5RTJ1RXAuMTdfc3dzbXlseWcuTi4wZEhGdn5B&google_push=AYg5qPJ73PtP4cIwee10yLsCc6ipnH-2h2MWO6ROjhECoKp4sTZAACic1YaX9IDfDaPgRxyFTvfEZeDVEfn6ZzQrmBrZs3tLoSM
Request Chain 301
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEMGcsXm4tjkLWlMfT3SgwZE&google_cver=1&google_push=AYg5qPL9wGcqbSZRaM4ziCEGvEKdIq2fTkVpck3pPoKX1xzxRcrw7W83qCWXz-8zja8x6u3jfFCpUHeH5hg-DFCiIgaT0qQ7zS_C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YWNiNzZhYjAtZTEzMi00YjJmLThmZDctY2M3ODRhMzQ0MTli&google_push=AYg5qPL9wGcqbSZRaM4ziCEGvEKdIq2fTkVpck3pPoKX1xzxRcrw7W83qCWXz-8zja8x6u3jfFCpUHeH5hg-DFCiIgaT0qQ7zS_C
Request Chain 324
  • https://ad.doubleclick.net/ddm/activity/src=2507573;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1650550043086?&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=2507573;dc_pre=CP-NuoiqpfcCFQ6IpwodqoAJbw;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1650550043086?&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=2507573;dc_pre=CP-NuoiqpfcCFQ6IpwodqoAJbw;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1650550043086?&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Request Chain 327
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJx2_Rn7oIWT_WpEcsoS6hiY7y4Y7yFxjW6csP_r0P0z5WhJ3aghQeJvqSzWYODfIiZX_YLPyFFyreSPBfcR1meZFwShUA&google_gid=CAESEAjBYNlem0eLck6JvW0RPTI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1GbEd3QVdQTXBPR3dBeQ&google_push=AYg5qPJx2_Rn7oIWT_WpEcsoS6hiY7y4Y7yFxjW6csP_r0P0z5WhJ3aghQeJvqSzWYODfIiZX_YLPyFFyreSPBfcR1meZFwShUA
Request Chain 328
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLXF9_fOQoQITSgwp9qfpTEfMcMLY6ndPHKDCYTk6MLzSY_6yGHOaimi-KET5E1q0JVBn2_TQKgVHmJ0bc8w81O1GuxiD8&google_gid=CAESEOAF0MLN_8VxaQEylwM9GlY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjExNDA3MTg3NDIwMDc2OTM3MDMzNg%3D%3D&google_push=AYg5qPLXF9_fOQoQITSgwp9qfpTEfMcMLY6ndPHKDCYTk6MLzSY_6yGHOaimi-KET5E1q0JVBn2_TQKgVHmJ0bc8w81O1GuxiD8
Request Chain 329
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPosetiNr2rbDNes30nra0k&google_cver=1&google_push=AYg5qPIUiWgTmJgpIuWkgUy2bVv0k-6xsg1Hz_vY3xUVUfCVZk7A0nzgjRlIorAJzXmbRbKYTcjGmwBm-WW81Vc4it0pPNjGOpQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIUiWgTmJgpIuWkgUy2bVv0k-6xsg1Hz_vY3xUVUfCVZk7A0nzgjRlIorAJzXmbRbKYTcjGmwBm-WW81Vc4it0pPNjGOpQ&google_hm=JT9gl10vx6YTL_I_FFKeSg==
Request Chain 330
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP3fNs972eCnuZ6TN-kL8eM&google_cver=1&google_push=AYg5qPKApIQ70hqQFpf8dv09hYJyDWb_DSUo1oM4WEEvFkcasu5eXKT0IMygCkakdiLjcR1hDdGlk9zqPUafqNuDZBvJZjWZHw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP3fNs972eCnuZ6TN-kL8eM&google_cver=1&google_push=AYg5qPKApIQ70hqQFpf8dv09hYJyDWb_DSUo1oM4WEEvFkcasu5eXKT0IMygCkakdiLjcR1hDdGlk9zqPUafqNuDZBvJZjWZHw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qZa_N1MLQtOLu8hCE3Ia-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKApIQ70hqQFpf8dv09hYJyDWb_DSUo1oM4WEEvFkcasu5eXKT0IMygCkakdiLjcR1hDdGlk9zqPUafqNuDZBvJZjWZHw
Request Chain 331
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJQxtGL8ckmsCKWNFaIFTDE&google_cver=1&google_push=AYg5qPJtjylIgVPgaLanYD0AHT7k_48C4P5Af5t-kgz2CIqMAy3dsJJUWRVcaU2XO8L4m8ldEB9rCOfY6m-5p3HO9WYjzD_h1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI5MlZMNUctMTItQUZSSQ==&google_push=AYg5qPJtjylIgVPgaLanYD0AHT7k_48C4P5Af5t-kgz2CIqMAy3dsJJUWRVcaU2XO8L4m8ldEB9rCOfY6m-5p3HO9WYjzD_h1g
Request Chain 332
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_cver=1&google_push=AYg5qPL2XrytDMzYp4Vd5aHKxNbSh9UhGh-BGYYPTbMiD4UELE5QdoR6izzXcMEB9hLKmLYD6n6mKbS61jNgRE9x5oDO5EOg8Mc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_push=AYg5qPL2XrytDMzYp4Vd5aHKxNbSh9UhGh-BGYYPTbMiD4UELE5QdoR6izzXcMEB9hLKmLYD6n6mKbS61jNgRE9x5oDO5EOg8Mc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_push=AYg5qPL2XrytDMzYp4Vd5aHKxNbSh9UhGh-BGYYPTbMiD4UELE5QdoR6izzXcMEB9hLKmLYD6n6mKbS61jNgRE9x5oDO5EOg8Mc&google_cver=1
Request Chain 333
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEFtkxK1wZrfBR3Jqdp2Ijp0&google_cver=1&google_push=AYg5qPLCsfLmpu4aLCR_ROMNTKgiKZRz9T3zsvZ8giYNL7aTjEF6wao559oD-dTxHez4PHZGmZMBIk6XfcvacwhXQTiIsVoW68U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLCsfLmpu4aLCR_ROMNTKgiKZRz9T3zsvZ8giYNL7aTjEF6wao559oD-dTxHez4PHZGmZMBIk6XfcvacwhXQTiIsVoW68U&google_hm=c1d1ee9c8a6e0051dcc7bca80be54bc9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLCsfLmpu4aLCR_ROMNTKgiKZRz9T3zsvZ8giYNL7aTjEF6wao559oD-dTxHez4PHZGmZMBIk6XfcvacwhXQTiIsVoW68U&google_hm=c1d1ee9c8a6e0051dcc7bca80be54bc9
Request Chain 336
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEHhe9-0JozPJxBrf20sZva8&google_cver=1&google_push=AYg5qPJzNumjaJhHgy0GPSwpO-9IgKxXoFRxI-rivcDnJq9Brb0LpW4F6gvl0Tk3xhWVy4h28L08DgllBOtCcxoMzbhA4rPml4QE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPJzNumjaJhHgy0GPSwpO-9IgKxXoFRxI-rivcDnJq9Brb0LpW4F6gvl0Tk3xhWVy4h28L08DgllBOtCcxoMzbhA4rPml4QE&google_hm=MTA1OTU0MjE4MTQ0MzgzNDY2MDE
Request Chain 337
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPosetiNr2rbDNes30nra0k&google_cver=1&google_push=AYg5qPKO9i8SWlTghRHfYJGAwVqY2ribsFpFvHzQkSZRPALy1PiYUN-SII1xDTXjizRmss0jvMvdgXGBJT1kLu9cI8WnjH2Ty4K_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKO9i8SWlTghRHfYJGAwVqY2ribsFpFvHzQkSZRPALy1PiYUN-SII1xDTXjizRmss0jvMvdgXGBJT1kLu9cI8WnjH2Ty4K_&google_hm=JT9gl10vx6YTL_I_FFKeSg==
Request Chain 338
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP3fNs972eCnuZ6TN-kL8eM&google_cver=1&google_push=AYg5qPJPSsxE6iIFc_kOLHut8Db5fkLMfnBNMVeZcq5TYYBScA6RcJKEVzAp5h4RuSgMTfRl2RVdvtrUXzXaCcqPcve0oswfXfBS HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP3fNs972eCnuZ6TN-kL8eM&google_cver=1&google_push=AYg5qPJPSsxE6iIFc_kOLHut8Db5fkLMfnBNMVeZcq5TYYBScA6RcJKEVzAp5h4RuSgMTfRl2RVdvtrUXzXaCcqPcve0oswfXfBS&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Aj4vayQDQxqHdpzU9Thzlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJPSsxE6iIFc_kOLHut8Db5fkLMfnBNMVeZcq5TYYBScA6RcJKEVzAp5h4RuSgMTfRl2RVdvtrUXzXaCcqPcve0oswfXfBS
Request Chain 339
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJQxtGL8ckmsCKWNFaIFTDE&google_cver=1&google_push=AYg5qPIuQTbIJ5DJYPX2UzslU6jC74aaFegTFSvFQrEpOn3z3j9iJS_qkm_zz7UiBoyVNBUO3LmduhkZpSjO-ydg-4b7cUr8ESpm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI5MlZMNUctMTItQUZSSQ==&google_push=AYg5qPIuQTbIJ5DJYPX2UzslU6jC74aaFegTFSvFQrEpOn3z3j9iJS_qkm_zz7UiBoyVNBUO3LmduhkZpSjO-ydg-4b7cUr8ESpm
Request Chain 340
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_cver=1&google_push=AYg5qPLFY0EHmFXyUXvBfUnsaroQ85awjdsHnK057Nyzb7LRVDn6eoFjt9ApkbuZ-KTahUCDd15F0ejPIFSrgBdmFnuz9zV93JbO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&google_cver=1&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_push=AYg5qPLFY0EHmFXyUXvBfUnsaroQ85awjdsHnK057Nyzb7LRVDn6eoFjt9ApkbuZ-KTahUCDd15F0ejPIFSrgBdmFnuz9zV93JbO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&google_cver=1&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_push=AYg5qPLFY0EHmFXyUXvBfUnsaroQ85awjdsHnK057Nyzb7LRVDn6eoFjt9ApkbuZ-KTahUCDd15F0ejPIFSrgBdmFnuz9zV93JbO
Request Chain 341
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEFtkxK1wZrfBR3Jqdp2Ijp0&google_cver=1&google_push=AYg5qPKrh1kVSwRu_qtctHfUQ8DWqt59ujVJ7vQi2Hxh0s-VcJRalGDT3G8lDViiXzooCrvIBzkOHUJ6ORQYHf_IYAzLf978NWCg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKrh1kVSwRu_qtctHfUQ8DWqt59ujVJ7vQi2Hxh0s-VcJRalGDT3G8lDViiXzooCrvIBzkOHUJ6ORQYHf_IYAzLf978NWCg&google_hm=d56c725eaba2b7a0653350a0c5696a54 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKrh1kVSwRu_qtctHfUQ8DWqt59ujVJ7vQi2Hxh0s-VcJRalGDT3G8lDViiXzooCrvIBzkOHUJ6ORQYHf_IYAzLf978NWCg&google_hm=d56c725eaba2b7a0653350a0c5696a54
Request Chain 352
  • https://gcdn.2mdn.net/videoplayback/id/a9387d4cbae11294/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794229766/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/273E46980D8F72555E80CE597B7926063ABDEFA4.B212B004F814E40FC7C99C182617A125A6787199/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/a9387d4cbae11294/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794229766/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/165E8D88530B710251271C1C13C5AC69BEC06417.15C4A29E46C02C1F4FE23FBE178478C5EC86BB7A/key/cms1/cms_redirect/yes/mh/FL/mip/2607:5300:60:7867::11/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1650549143/mv/u/mvi/1/pl/32/file/file.mp4
Request Chain 367
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Request Chain 382
  • https://sync.bfmio.com/syncb?pid=126 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
Request Chain 383
  • https://sync.1rx.io/usersync2/sortable HTTP 302
  • https://sync.1rx.io/usersync2/sortable?zcc=1&cb=1650550045597 HTTP 302
  • https://c.deployads.com/cs/r1?b=OPTOUT
Request Chain 384
  • https://x.bidswitch.net/sync?ssp=sortable HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=sortable HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=970033154777882003&expires=30&ssp=sortable HTTP 302
  • https://c.deployads.com/cs/bswt?b=1f1345a2-d50a-4715-8469-b318f811a70d&i=
Request Chain 385
  • https://ssc-cms.33across.com/ps/?ri=0013300001cFpYHAA0&ru=https%3A%2F%2Fc.deployads.com%2Fcs%2FACRS%3Fb%3D33XUSERID33X HTTP 302
  • https://c.deployads.com/cs/ACRS?b=211700591296696
Request Chain 386
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fc.deployads.com%2Fcs%2FADMX%3Fb%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F340%3FA%3Dbaa9aeef-6266-43cf-ad20-188fa1d22bf1%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%253D%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/0/340?A=baa9aeef-6266-43cf-ad20-188fa1d22bf1&bidder=index_rtb&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%3D%3D&uid=YmFlGeWVK2rxHCPvkD15-QAA%26188 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F340%3FA%3Dbaa9aeef-6266-43cf-ad20-188fa1d22bf1%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%253D%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/2/340?A=baa9aeef-6266-43cf-ad20-188fa1d22bf1&bidder=appnexus&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%3D%3D&uid=8298961850055676383 HTTP 302
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F340%3FA%3Dbaa9aeef-6266-43cf-ad20-188fa1d22bf1%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%253D%253D%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/4/340?A=baa9aeef-6266-43cf-ad20-188fa1d22bf1&bidder=sovrn&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ==&uid=e6035e59639ec77fc6ef41ae HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F5%252F340%253FA%253Dbaa9aeef-6266-43cf-ad20-188fa1d22bf1%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%25253D%25253D%2526uid%253D%2523PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8298961850055676383 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:db770658-fd94-4b00-ae5d-c384f343dce5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F340%3FA%3Dbaa9aeef-6266-43cf-ad20-188fa1d22bf1%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%253D%253D%26uid%3D023E2F6B-2403-431A-8776-9CD4F5387396 HTTP 302
  • https://prebid.a-mo.net/cchain/5/340?A=baa9aeef-6266-43cf-ad20-188fa1d22bf1&bidder=pubmatic&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%3D%3D&uid=023E2F6B-2403-431A-8776-9CD4F5387396 HTTP 302
  • https://c.deployads.com/cs/ADMX?b=baa9aeef-6266-43cf-ad20-188fa1d22bf1
Request Chain 387
  • https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=themediagrid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=themediagrid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2723265135857761152&ssp=themediagrid
Request Chain 388
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&dongle=0cfd
Request Chain 389
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAxMTI5NzMwMzMxNzgyMDM4NDE4Nw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 390
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJPsdJzCDdg21uXtrM0IddM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 391
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAxMTI5NzMwMzMxNzgyMDM4NDE4Nw%3D%3D
Request Chain 392
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1011297303317820384187&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1011297303317820384187&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=4cc30f51-5c33-4a30-8bcb-09e4b5be4e21&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=4cc30f51-5c33-4a30-8bcb-09e4b5be4e21&_noobservation=1&_expected_cookie=4b09c94fe27a10205d5c1152577c26f4
Request Chain 393
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1011297303317820384187?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-rH2QT1hE2oRRAKAePHRyQcVetFpBA76OUuQIsu15sA--~A&dongle=0883
Request Chain 394
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1011297303317820384187&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=1f1345a2-d50a-4715-8469-b318f811a70d HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=1f1345a2-d50a-4715-8469-b318f811a70d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=80a15a6d-6229-4720-8f89-95fa346d419e&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1f1345a2-d50a-4715-8469-b318f811a70d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 397
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=wAFWSgI4rKGtqFSiHetv&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5O5AUMV2TM5ETI4SLI52HCRSTNFEGK5DW&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5O5AUMV2TM5ETI4SLI52HCRSTNFEGK5DW HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=wAFWSgI4rKGtqFSiHetv
Request Chain 401
  • https://match.prod.bidr.io/cookie-sync/trl HTTP 303
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1 HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAIdlU7EwsoAADogEYxYGw&dongle=bzwx
Request Chain 402
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=5f1bddf0-c17c-11ec-8a5d-f3a7b7c238e3&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 403
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-b82eef33-16fc-4c8c-67d7-d64e2c6c3455$ip$149.56.153.188&dongle=4430
Request Chain 404
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YmFlGwAWPMpOGwAy&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 405
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8298961850055676383&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 406
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=ee91c4ed-dc53-4d14-abcb-71c8ab4b15ca&dongle=31ac
Request Chain 407
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2742146992366196957&dongle=d407
Request Chain 408
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=531e6261-651e-4700-a49f-e49486105ad2&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 413
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099 HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099&apid=UP5f2b6ec0-c17c-11ec-b457-02755faa7259
Request Chain 414
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=afaf95cd-39ee-48e8-aa22-3e7bfed0c528 HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIncqFkwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIncqFkwYSBAgCEABCAEoA&google_gid=CAESEANxlnNlqyS8g56_l4Ml-Vc&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=ec09a8a2-4704-473f-a5f4-f18ce13b65cc
Request Chain 415
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8298961850055676383
Request Chain 417
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2814204586404124893&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 418
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YmFlGwAWPMpOGwAy
Request Chain 420
  • https://match.adsrvr.org/track/cmf/openx?oxid=fa69eaab-f4a9-7e88-f55b-be88c74ba4f0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&ttd_puid=fa69eaab-f4a9-7e88-f55b-be88c74ba4f0&gdpr=0&gdpr_consent=
Request Chain 422
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHGl55JkW3f8vAu4skrrjEA&google_cver=1
Request Chain 423
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099 HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099&apid=UP5f2b6ec0-c17c-11ec-b457-02755faa7259
Request Chain 424
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=afaf95cd-39ee-48e8-aa22-3e7bfed0c528 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokYWZhZjk1Y2QtMzllZS00OGU4LWFhMjItM2U3YmZlZDBjNTI4EAAaDQidyoWTBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPLWEynElm2nTYnTiF-d42Y&google_cver=1
Request Chain 425
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8298961850055676383
Request Chain 427
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2958319774479980765&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 428
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YmFlGwAWPMpOGwAy
Request Chain 430
  • https://match.adsrvr.org/track/cmf/openx?oxid=fa69eaab-f4a9-7e88-f55b-be88c74ba4f0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&ttd_puid=fa69eaab-f4a9-7e88-f55b-be88c74ba4f0&gdpr=0&gdpr_consent=
Request Chain 432
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHGl55JkW3f8vAu4skrrjEA&google_cver=1
Request Chain 438
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Drkt%26refUrl%3D%26vid%3D05500456982935516401455679000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2935516401455679000V10&type=rkt&refUrl=&vid=05500456982935516401455679000V10&ovsid=970033154777882003
Request Chain 439
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dcon%26refUrl%3D%26vid%3D05500456982935516401455679000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7882e5c194561222&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dcon%26refUrl%3D%26vid%3D05500456982935516401455679000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=con&refUrl=&vid=05500456982935516401455679000V10&ovsid=AAAGcTFWsJavVwMwmj7TAAAAAAA&expiration=1650636445&is_secure=true
Request Chain 440
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dmma%26refUrl%3D%26vid%3D05500456982935516401455679000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=mma&refUrl=&vid=05500456982935516401455679000V10&ovsid=299c6261-651d-4600-8dda-ad435d1fd6f6
Request Chain 441
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Ddxu%26refUrl%3D%26vid%3D05500456982935516401455679000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Ddxu%26refUrl%3D%26vid%3D05500456982935516401455679000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=dxu&refUrl=&vid=05500456982935516401455679000V10&ovsid=X9WZ3GiE1NHxsV5
Request Chain 442
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bdab6266-a73b-4ddd-bfa0-ac2b41f7ae4b
Request Chain 443
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=71d66e19-1b20-45ab-b01a-e06433e4462c&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=1f1345a2-d50a-4715-8469-b318f811a70d&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 444
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dzem%26refUrl%3D%26vid%3D05500456982935516401455679000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=wAFWSgI4rKGtqFSiHetv&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLXIFDFOU3HJE2HES2HORYUMU3JJBSXI5RGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDKNJQGA2DKNRZHAZDSMZVGUYTMNBQGE2DKNJWG44TAMBQKYYTAJTWONUWIPJSHEZTKNJRGY2DAMJUGU2TMNZZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLXIFDFOU3HJE2HES2HORYUMU3JJBSXI5RGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDKNJQGA2DKNRZHAZDSMZVGUYTMNBQGE2DKNJWG44TAMBQKYYTAJTWONUWIPJSHEZTKNJRGY2DAMJUGU2TMNZZGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=wAFWSgI4rKGtqFSiHetv&refUrl=&type=zem&vid=05500456982935516401455679000V10&vsid=2935516401455679000V10
Request Chain 445
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2935516401455679000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2935516401455679000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=80a15a6d-6229-4720-8f89-95fa346d419e&cs=1
Request Chain 446
  • https://id.rlcdn.com/710489.gif HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CNmuKxoNCJ3KhZMGEgUI6AcQAEIASgA
Request Chain 447
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
Request Chain 448
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D2935516401455679000V10 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2935516401455679000V10
Request Chain 449
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&expiration=1653142045&gdpr=0&gdpr_consent=
Request Chain 451
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_cver=1
Request Chain 452
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8298961850055676383
Request Chain 453
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 454
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2723265135857761152&expiration=1651759645
Request Chain 455
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YmFlGwAWPMpOGwAy
Request Chain 456
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8bef5e2c-0469-8032-2d783d2c
Request Chain 461
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YmFlGwAWPMpOGwAy&gdpr=0&gdpr_consent=
Request Chain 462
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d6ef6261-651d-4200-b8d9-975a538fe6ed&gdpr=0&gdpr_consent=
Request Chain 463
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Request Chain 464
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 466
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=uC7vMxb8TIxn19ZOLGw0VZU4mbw
Request Chain 467
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=5f37edc2-c17c-11ec-b66f-79feb2a2c73e
Request Chain 468
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=461b852e-81df-495a-a6cd-a8aee7ab54d0&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=023E2F6B-2403-431A-8776-9CD4F5387396
Request Chain 470
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:vm900jVJ1NHxsV5&gdpr=0&gdpr_consent=
Request Chain 471
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=664619934089
Request Chain 472
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1650550045841 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 473
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7038364451691127419&uid=Q7038364451691127419&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7038364451691127419
Request Chain 474
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Aj4vayQDQxqHdpzU9Thzlg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 475
  • https://idsync.rlcdn.com/420486.gif?partner_uid=023E2F6B-2403-431A-8776-9CD4F5387396 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=afaf95cd-39ee-48e8-aa22-3e7bfed0c528
Request Chain 476
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=afaf6261-651e-4600-b56e-8557845f8d6c
Request Chain 477
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDIzRTJGNkItMjQwMy00MzFBLTg3NzYtOUNENEY1Mzg3Mzk2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 478
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMkebkZzO_GXXwW1aKKm0ac&google_cver=1
Request Chain 479
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:76FDC54144714F12816F67C0F1455CDB
Request Chain 480
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8146466545210792157&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 481
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
Request Chain 483
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=023E2F6B-2403-431A-8776-9CD4F5387396&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mce4HUJE2uXKKWt6nVZbo6DBH8aT7ng-~A&gdpr=0&gdpr_consent=
Request Chain 484
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=023E2F6B-2403-431A-8776-9CD4F5387396&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=f205bcd1e4e1224&is_secure=true&networkId=17100&version=1&nuid=023E2F6B-2403-431A-8776-9CD4F5387396&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcTFWsJavaAMOqpgnAAAAAAA&expiration=1650636445&nuid=023E2F6B-2403-431A-8776-9CD4F5387396&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 485
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7Nxwt-zbd7H32H7kvo9rterfI-D33yW36tsYzSCX
Request Chain 486
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5f1bddf0-c17c-11ec-8a5d-f3a7b7c238e3&gdpr=0&gdpr_consent=
Request Chain 487
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8298961850055676383&gdpr=0&gdpr_consent=
Request Chain 489
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1f1345a2-d50a-4715-8469-b318f811a70d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b7589596-4aa2-4d21-be2f-603674503f61&expires=1&user_group=5&ssp=pubmatic&bsw_param=1f1345a2-d50a-4715-8469-b318f811a70d HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1f1345a2-d50a-4715-8469-b318f811a70d&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 490
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_EEAE3886_15846FEA&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 491
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&gdpr=&gdpr_consent=
Request Chain 492
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2723265135857761152
Request Chain 493
  • https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A94D67BC54
Request Chain 496
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bdab6266-a73b-4ddd-bfa0-ac2b41f7ae4b
Request Chain 497
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1f1345a2-d50a-4715-8469-b318f811a70d&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10595421814438346601&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=95e8d339-28de-45ae-89fa-cfd5a9bc743f&ssp=medianet&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214740604128008332925&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10595421814438346601&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Request Chain 498
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2935516401455679000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2935516401455679000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=55d1baff-9d73-4e6a-9d45-efd47b5011f8&cs=1
Request Chain 500
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
Request Chain 501
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D2935516401455679000V10 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2935516401455679000V10
Request Chain 502
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dcon%26refUrl%3D%26vid%3D05500458472935516401455679000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7b78934105261222&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dcon%26refUrl%3D%26vid%3D05500458472935516401455679000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=con&refUrl=&vid=05500458472935516401455679000V10&ovsid=AAAGcNZjkwLG6wN-WkbSAAAAAAA&expiration=1650636445&is_secure=true
Request Chain 503
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dmma%26refUrl%3D%26vid%3D05500458472935516401455679000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=mma&refUrl=&vid=05500458472935516401455679000V10&ovsid=a7de6261-651e-4700-8e5f-a270844f9ad6
Request Chain 504
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Ddxu%26refUrl%3D%26vid%3D05500458472935516401455679000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Ddxu%26refUrl%3D%26vid%3D05500458472935516401455679000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=dxu&refUrl=&vid=05500458472935516401455679000V10&ovsid=X9WZ3GiE1NHxsV5
Request Chain 505
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dzem%26refUrl%3D%26vid%3D05500458472935516401455679000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=wAFWSgI4rKGtqFSiHetv&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLXIFDFOU3HJE2HES2HORYUMU3JJBSXI5RGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDKNJQGA2DKOBUG4ZDSMZVGUYTMNBQGE2DKNJWG44TAMBQKYYTAJTWONUWIPJSHEZTKNJRGY2DAMJUGU2TMNZZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLXIFDFOU3HJE2HES2HORYUMU3JJBSXI5RGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYDKNJQGA2DKOBUG4ZDSMZVGUYTMNBQGE2DKNJWG44TAMBQKYYTAJTWONUWIPJSHEZTKNJRGY2DAMJUGU2TMNZZGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=wAFWSgI4rKGtqFSiHetv&refUrl=&type=zem&vid=05500458472935516401455679000V10&vsid=2935516401455679000V10
Request Chain 507
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___ HTTP 302
  • https://dmx.districtm.io/s/10022/664619934089
Request Chain 508
  • https://p.rfihub.com/cm?pub=36496&in=1 HTTP 302
  • https://dmx.districtm.io/s/10056/970033154777882003
Request Chain 509
  • https://match.sharethrough.com/1PQ8qgv7/v1/ HTTP 302
  • https://dmx.districtm.io/s/10059/acb76ab0-e132-4b2f-8fd7-cc784a34419b
Request Chain 511
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=286vr5EAbQqFk6575TO4djZE1M2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=districtm&bsw_param=1f1345a2-d50a-4715-8469-b318f811a70d&google_hm=MWYxMzQ1YTItZDUwYS00NzE1LTg0NjktYjMxOGY4MTFhNzBk HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKQtm0mfm7OBXMu8WaUZxEM&google_cver=1&ssp=districtm&bsw_param=1f1345a2-d50a-4715-8469-b318f811a70d HTTP 302
  • https://dmx.districtm.io/s/10009/1f1345a2-d50a-4715-8469-b318f811a70d
Request Chain 512
  • https://us.creativecdn.com/cm-notify?pi=districtm HTTP 302
  • https://dmx.districtm.io/s/10027/8RnuZY7TXGpSriqslf2s?pi=districtm
Request Chain 513
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=286vrCPNzw6qk94xIO2T6xeV9Eq&rurl=//dmx.us-east-29.districtm.io/s/10007/ HTTP 302
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=43b8d7a2ff011222&is_secure=true&version=1&networkId=33921&nuid=286vrCPNzw6qk94xIO2T6xeV9Eq&rurl=%2F%2Fdmx.us-east-29.districtm.io%2Fs%2F10007%2F HTTP 302
  • https://dmx.us-east-29.districtm.io/s/10007/AAAGcTFWsJavaQNa6JRrAAAAAAA&expiration=1650636445&nuid=286vrCPNzw6qk94xIO2T6xeV9Eq&is_secure=true
Request Chain 514
  • https://sync.srv.stackadapt.com/sync?nid=132 HTTP 302
  • https://dmx.districtm.io/s/10026/uC7vMxb8TIxn19ZOLGw0VZU4mbw
Request Chain 515
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96 HTTP 302
  • https://dmx.districtm.io/s/10001/13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341
Request Chain 516
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent= HTTP 302
  • https://dmx.districtm.io/s/10057/y-KLAv8FJE2uGrlAmp4inR8.KwPZRGG0OcR7GlkZQ-~A
Request Chain 517
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI5MlZMNUctMTItQUZSSQ==
Request Chain 518
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWJmNTljYjM2OGM5YmYxYTBkM2VmMTEyODljOGM1YTRmMjBiMTY5Yg
Request Chain 520
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENgUP2VP57ZUSXQ481WEqgw&google_cver=1
Request Chain 521
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8lU678hqTFuKWTuoqLs2ng&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8lU678hqTFuKWTuoqLs2ng
Request Chain 522
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&gdpr=0&gdpr_consent=&expires=30
Request Chain 523
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/WYzSJC72xH2Xx8CfpGJh3cn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4611340623556115414
Request Chain 524
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L292VL5G-12-AFRI
Request Chain 525
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&expiration=1653142045&gdpr=0&gdpr_consent=
Request Chain 527
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_cver=1
Request Chain 528
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8298961850055676383
Request Chain 529
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8146466545210792157
Request Chain 530
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=9fHAIPX2xybu9c5zp6LbIvPyk3fu8pUg8_YUkFIa
Request Chain 531
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=531e6261-651e-4700-a49f-e49486105ad2
Request Chain 536
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 537
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=uC7vMxb8TIxn19ZOLGw0VZU4mbw&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3D10%26external_user_id%3D1f1345a2-d50a-4715-8469-b318f811a70d HTTP 302
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=1f1345a2-d50a-4715-8469-b318f811a70d HTTP 301
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=1f1345a2-d50a-4715-8469-b318f811a70d
Request Chain 538
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1650550045950.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fcms-xch-chicago.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=299c6261-651d-4600-8dda-ad435d1fd6f6
Request Chain 539
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-Vs9T65NE2uGYLZnaHyGfep8WGAxMrvcz~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Vs9T65NE2uGYLZnaHyGfep8WGAxMrvcz%7EA&ts=1650550046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 540
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=271f064a9bf11221&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGcec8yOk9iwML--vrAAAAAAA&expiration=1650636446&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGcec8yOk9iwML--vrAAAAAAA&ts=1650550046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 541
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1653142046%26external_user_id%3D5169ee99-c653-4a21-a834-6b5fb8f9a4f6 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1653142046&external_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
Request Chain 545
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L292VL5G-12-AFRI HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L292VL5G-12-AFRI HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L292VL5G-12-AFRI&ts=1650550046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 554
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=33c839b9-3596-4b17-9c40-2f22e5351973-tuct95aeaa0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 555
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=76FDC54144714F12816F67C0F1455CDB
Request Chain 558
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID} HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=92731aac-b216-447b-a1d9-45ec9c0bdc5b
Request Chain 561
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6676370c-cb38-417c-9a6d-3a5538d26582
Request Chain 562
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76FDC54144714F12816F67C0F1455CDB
Request Chain 564
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=023E2F6B-2403-431A-8776-9CD4F5387396&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=023E2F6B-2403-431A-8776-9CD4F5387396&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=023E2F6B-2403-431A-8776-9CD4F5387396&addseg=10,33,39

558 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request rundll32.exe_streamci_StreamingDeviceSetup-747.html
www.bleepingcomputer.com/startups/
48 KB
11 KB
Document
General
Full URL
https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fab9effc5afa3bcb563e1d4581fcfac4d432951642be41070d036187408fcd7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
6ff6af66a9758c17-EWR
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Thu, 21 Apr 2022 14:07:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff420b26b8a33e1bcae39c4d165c2cc259681bbb7b32565dbd7644c1d84cbfa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 13:51:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Apr 2022 14:07:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Apr 2022 14:07:18 GMT
bootstrap.min.css
www.bleepstatic.com/js/redesign/bootstrap/css/
119 KB
20 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/css/bootstrap.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1412140
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
server
cloudflare
etag
W/"624975547"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8Qe8OOEt%2BP9%2FIn4kW8lM4aq5F2Q2oyOI2%2FOkl1YlrgDdZCiL5i%2Brt7EqTXjlJc1PhrTg3d86sdZePvElUJzivL5GeIxCQGpGaC9ivMmPaeuFvvAuM9B%2FFufLkzGMq2AM%2B%2BvQ2E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
6ff6af6a0fd6541f-YYZ
expires
Tue, 10 May 2022 05:51:38 GMT
main.css
www.bleepstatic.com/css/redesign/
52 KB
11 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b37f3d8aa5e1f298bf71477c945f576745020ce44f048ec67e19a93cd285372

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1425762
cf-polished
origSize=62676
last-modified
Tue, 27 Apr 2021 20:09:53 GMT
server
cloudflare
etag
W/"2761713618"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iv8KCxdi0let80xiYsoQiWm6S6heZK%2FfCgQbA8N2Wj0RoujiF8vJyCveYpdNRf8zI6Z0Mb76%2FafRpp3mn%2F6MZh%2BSU53jWzMBaJY%2FX9LGz8eOp4DVFdhAHqMvMMlmJE%2F%2F3fSSiAs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 10 May 2022 02:04:36 GMT
cache-control
max-age=3024000
cf-ray
6ff6af6a0fda541f-YYZ
cf-bgj
minify
startups.css
www.bleepstatic.com/css/redesign/
14 KB
3 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/startups.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f1a1b5d68ac28e8adcd19fcc648a0a3a9145fb2bc10f13a289212a7745c503

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1386824
cf-polished
origSize=18613
last-modified
Wed, 30 Jun 2021 15:51:16 GMT
server
cloudflare
etag
W/"1549110201"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wy0tiWKRxDmtWkFLQ8Mfq2OZpLSF%2FGJxyZCIECO8sADaiTnfjfg38CB%2FAwtPiwtWS4VIr1zEd6dELAEcrTSsrECEDA43KDNlqHd6Us6z1D6PlQpCQ8nMbFlVlQDdDO3K7xB6VC8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Tue, 10 May 2022 12:53:34 GMT
cache-control
max-age=3024000
cf-ray
6ff6af6a0fdd541f-YYZ
cf-bgj
minify
jquery-3.5.1.min.js
www.bleepstatic.com/js/redesign/
87 KB
32 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/jquery-3.5.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1202
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
cloudflare
etag
W/"1177690299"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QOszvfjWNekXQs%2FCDamVmm0DRcE0SDKB6ucDzY8B%2Fn%2B3sNrjY3W89bEJwFCBiWYw3deQkDlgLXHw2rwFZIm%2F7jaZJ1DUeZygDu7DXi9nbVUxhyb4RkUsLO4xNls%2ByNCMByVesY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
6ff6af6a0fe0541f-YYZ
expires
Fri, 08 Apr 2022 11:24:10 GMT
jquery-migrate-1.4.1.min.js
www.bleepstatic.com/js/redesign/
10 KB
4 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/jquery-migrate-1.4.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1202
last-modified
Fri, 20 May 2016 01:26:30 GMT
server
cloudflare
etag
W/"2177127834"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bn2tQci%2FrJrS%2B6RPsIglC7DLl6k1zykwWKAm86ue4RxS9uIOGZFiArFKGmVvIbQD1kaMuWO4X7PnavfE4abEVAlfqV0g8aLszQZoDNCG1k7ADUEKMPiWQ502Ts03vMVeyPjqYa0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
6ff6af6a0fe2541f-YYZ
expires
Fri, 08 Apr 2022 18:29:01 GMT
cls.css
a.pub.network/core/pubfig/
2 KB
1 KB
Stylesheet
General
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d510e16e6e569e573980fd67a55221795d539fd56688ecaca8d284255e86ee6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=kjwd8A==, md5=KtQsmezne0blpCqFIHo3UA==
date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
186
x-guploader-uploadid
ADPycdtNm4hGO8Avlxf88Hz92-cMsI9VCTjWdL35vo-OibxMkmnQBLpqajZsUPICM5dwq6b85GrTvHmsX19Ou3NW8x3HnA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/css
last-modified
Tue, 11 May 2021 20:31:48 GMT
server
cloudflare
etag
W/"2ad42c99ece77b46e5a42a85207a3750"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2v3ikeH6sorXiRONWjt%2B%2BUxEcYFSmEth%2Bp%2BMCTQoh7aRIx5mE1bbkOxDDeeSJBIrgaEPoadC%2Br3d%2Fl8Wdc%2FLyZGR01RH1rrKFpOEu7fk5Su%2F7EWzUoJaPktkmVqN5ZqMtm0fXIdybornmgA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620765108454625
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
1752
cf-ray
6ff6af69e8914bbe-YUL
expires
Thu, 21 Apr 2022 14:20:15 GMT
pubfig.min.js
a.pub.network/bleepingcomputer-com/
118 KB
45 KB
Script
General
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2084062fff698fe4865f688cafdd7898038b0293b89ac6a5506ee3310652922

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=ZJnYuQ==, md5=Ao6xZMb5FN6JSXyNa3b5Lw==
date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
254864
x-guploader-uploadid
ADPycdsul0Diz7c1s0s7vNDhDAa_BA4tsA5_xHwwAW5k5SwXKXHguxlymt2Q6c574JAL0xQ83gl70PGbUUoMR6wJyoa5qQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 18 Apr 2022 15:16:09 GMT
server
cloudflare
etag
W/"028eb164c6f914de89497c8d6b76f92f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CluPcU8hr%2FDm3zLKNIFXIUkNMm06dUz6Sx1aNNq2qgMvAZf%2B6f49m3awLQv6xKy1W9UhqqJRtr%2BrrplFgrDsLEHCbLZDxystr0BG35MuzoAcTRYwDwNbz5rNUYfFJl%2FwtCRACFh5vXpBGJk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1650294969449683
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
120893
cf-ray
6ff6af6a8a0d4bbe-YUL
expires
Mon, 18 Apr 2022 15:20:34 GMT
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
945355cd198fab488c6d39e2f2c200f4588cde1f98f6781ee942b15a324c811b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38678
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Apr 2022 14:07:18 GMT
logo.png
www.bleepstatic.com/images/site/
1 KB
2 KB
Image
General
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
100978
cf-polished
origFmt=png, origSize=1882
content-disposition
inline; filename="logo.webp"
content-length
1152
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOUfGm4jEVXh2zDy0NLbdrO336QwY3gvLFRwuzbLZ%2BHAqXSIuXTJQ8ACyolP5LnpHWe1msDn68%2BKRgjQCNFD6%2F1eL%2FXvUw7uQq3u%2F6EQd9F3sCxz9gv4TNf7%2B%2BDCabIJHWuJKfU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 20 May 2022 10:04:20 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6a8922541f-YYZ
cf-bgj
imgq:85,h2pri
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://www.gstatic.com/prose/brandjs.js
14 KB
6 KB
Script
General
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 00:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5807
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 22 Apr 2022 00:19:48 GMT

Redirect headers

date
Thu, 21 Apr 2022 13:53:57 GMT
x-content-type-options
nosniff
server
sffe
age
801
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Thu, 21 Apr 2022 14:23:57 GMT
no.gif
www.bleepstatic.com/startups/
3 KB
4 KB
Image
General
Full URL
https://www.bleepstatic.com/startups/no.gif
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6b3f3123253e205e7b5f0ff6ee82b2f7dcb4df129786ca936afd62790ba4395

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
134113
cf-polished
origFmt=gif, origSize=4843
content-disposition
inline; filename="no.webp"
content-length
3496
last-modified
Fri, 07 Jul 2006 18:09:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPCPd1Cz%2FL7z%2FKHZf8rxkF7loGUKCLCTwi1%2FcxHvn4Hu2A93q%2FII0Bcm7ZGx0LrkIej07Sg76zgMUy21INusx5NBp9TNWNRsbss9QkOmVFe9Yj%2B9MS7hXiZJsb6ZH6WxGoqQxGU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 20 May 2022 00:52:05 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6a8926541f-YYZ
cf-bgj
imgq:85,h2pri
twitter.png
www.bleepstatic.com/images/site/login/
282 B
661 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162289
cf-polished
origFmt=png, origSize=475
content-disposition
inline; filename="twitter.webp"
content-length
282
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qONUm6b9LXqQ96EYitOH8dzAYL5WSkDvxhsFxrm7lI5UTjJMW22LXn8uBUQ%2BadGfEdLqncqLTalBa9%2FbUths52yGQ8bdfd4ov%2B2HPCztAIyCSyAg6v7ELRxUrY1qzPFV4BeV5WU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 19 May 2022 17:02:29 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6a8929541f-YYZ
cf-bgj
imgq:85,h2pri
bootstrap.js
www.bleepstatic.com/js/redesign/bootstrap/js/
50 KB
13 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/js/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1412140
cf-polished
origSize=75484
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
server
cloudflare
etag
W/"984724076"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pd%2FUYVRYJdMeZkmH1wtOu5ukynE6tE1ojOau6%2Bz0LClcBILqRS00QU68uWDz%2FBnxLbAKQk1HDgBCBRuNAadfFoIRn1CN8R7MIZjtvvCdIzuFYqDZnnl49s0LTj6%2FnuKCfHhRryA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
expires
Tue, 10 May 2022 05:51:38 GMT
cache-control
max-age=3024000
cf-ray
6ff6af6a892d541f-YYZ
cf-bgj
minify
blazy.min.js
www.bleepstatic.com/js/blazy/
5 KB
2 KB
Script
General
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2669228
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
server
cloudflare
etag
W/"753357888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxM9yEwI5PVAyzEn3gdQaaa7gD94rrLtLmwHdkXdx5%2FEu%2Bvb3X%2BcVAAtBiL4tbYtHT%2BY6h9YD%2Fuk3N2fhBXh9ie2ymlWj3HaLNUNNPRYBRlVvInAM1wElaeUsHn8o6noX8yFWTc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
6ff6af6a58c2541f-YYZ
expires
Mon, 25 Apr 2022 16:40:10 GMT
bleep.js
www.bleepstatic.com/js/redesign/
3 KB
1 KB
Script
General
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2669228
cf-polished
origSize=3600
last-modified
Mon, 01 Oct 2018 12:47:57 GMT
server
cloudflare
etag
W/"2696894447"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwspszYsTNusAiYWYgs%2BCM7v%2BgyeqaPVWYjuYhWRAHt0sUaiyd0fglWIwtnt%2B2uE5gpPTBaZ533VP5jRat3mQHzEto4aH7h6YIUG5R9xnpCEgbnDz71UeEAt2bcuwyh73%2FFx6OI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
expires
Mon, 25 Apr 2022 16:40:10 GMT
cache-control
max-age=3024000
cf-ray
6ff6af6a8932541f-YYZ
cf-bgj
minify
fixto.min.js
www.bleepstatic.com/js/fixto/
8 KB
3 KB
Script
General
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2731011
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
server
cloudflare
etag
W/"1740214911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qA%2BEzbFW6r4F9AIOGjTelW%2FRSXUgm0mEZUirxOWqiHMQfDiaD2kfJ2QTz2TeQpx1Oj2pfEIzVyhN08TTir7ulfXPf0f4sc97zdDGbig6BkiJCjVcMLti85sOcbb1u6Lv6NjsPKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
6ff6af6a78f0541f-YYZ
expires
Sun, 24 Apr 2022 23:30:26 GMT
addthis_widget.js
s9.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s9.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.152 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-152.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
x-check-cacheable
YES
cache-control
public, max-age=600
date
Thu, 21 Apr 2022 14:07:18 GMT
x-host
s9.addthis.com
content-length
116325
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.bleepingcomputer.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6ff6af6ac8fe4bbf-YUL
fab.js
ecdn.analysis.fi/static/js/
4 KB
5 KB
Script
General
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-75.phl50.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:13:20 GMT
via
1.1 8a0d00c8697029a8a8411a2a06403ade.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
3238
etag
"61b8b8ab-1090"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-length
4240
x-amz-cf-id
Oq4Hx8sbSZpH7OFHM1ZqchlO9wfziWdDvqbXoKINnKuIuNDBsnK-aQ==
expires
Thu, 21 Apr 2022 14:13:20 GMT
fi_client.js
ecdn.firstimpression.io/
347 KB
92 KB
Script
General
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-46-100.ewr52.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
d84ec9d15167e9ac8c3f44d75eed6313caecaba9723720fd5ae4d75197333893
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:17:18 GMT
content-encoding
br
etag
W/"905502920a6170b7dafb3297df47453c"
last-modified
Thu, 21 Apr 2022 13:17:18 UTC
server
nginx/1.20.0
age
3000
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bdfe34c94134f86b07ebb7714d12d094.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
ltrtPGwsPFEJxlmgptbkXUCjTRpUj3RQ9E70A488BPzlHN8xfED7ug==
x-xss-protection
0
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
login_bg.png
www.bleepstatic.com/images/site/
126 B
479 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
163044
cf-polished
origFmt=png, origSize=187
content-disposition
inline; filename="login_bg.webp"
content-length
126
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6u60zJuuM8JOX53hRdwmKReG4i5QaH4SG9rIsf0NdMB2OiR7ma1lTaXKMD3QaSgGBQUERHeeMcEs42Q3ui0G1M%2BBtQZRLEPiDQu2Kk7ryoesdySvQTiIpFHbmkixKHq7CdiE7E0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 19 May 2022 16:49:53 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6a993a541f-YYZ
cf-bgj
imgq:85,h2pri
nav_bg.png
www.bleepstatic.com/images/site/
72 B
626 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15620
cf-polished
origFmt=png, origSize=83
content-disposition
inline; filename="nav_bg.webp"
content-length
72
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F94KNWhKj8tTbdA6Y%2BvsMRkIJVkLEFfx1ded0jxdKNBAHXH9Otvh6fvptbWtgxz57DKF4iagA3PsYwFZWTsQpWaM9yvgAG9W%2BqC8GYvKF0Qq1nY4%2B%2F6q%2BEvzge4Gr1JefZg9SVY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 21 May 2022 09:46:57 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6a993f541f-YYZ
cf-bgj
imgq:85,h2pri
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 16:23:56 GMT
x-content-type-options
nosniff
age
164602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 16:23:56 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:28:42 GMT
x-content-type-options
nosniff
age
563916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 15 Apr 2023 01:28:42 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:09:49 GMT
x-content-type-options
nosniff
age
395849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 17 Apr 2023 00:09:49 GMT
h4-bg.png
www.bleepstatic.com/images/site/
38 B
437 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
161999
cf-polished
origFmt=png, origSize=72
content-disposition
inline; filename="h4-bg.webp"
content-length
38
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJ8boPD%2BoZeDrmkeiIiKCEo3Yb48uAGAI8UAOeJSMtZ2Oypuf%2Fd1P90MnbWX3lDN12hApZENPefMeZRsOkGtImqdyushi6hwhypZbdlZvUHTVtQyHtM6NAgb8ZG6oaqw94ClryE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 19 May 2022 17:07:18 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6ad9e7541f-YYZ
cf-bgj
imgq:85,h2pri
home-icon-hover.png
www.bleepstatic.com/images/site/
144 B
532 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/home-icon-hover.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d30a201f946c32e7b8e67ee6aaa311dca801a3e1de758eb7799f49a5d25fd878

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
901355
cf-polished
origFmt=png, origSize=1115
content-disposition
inline; filename="home-icon-hover.webp"
content-length
144
last-modified
Fri, 29 May 2015 07:09:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPpGcqFv9K87DDHI4W1hDXCWHOwezzr6%2FoSB%2BT6EKoZPPkLfpy03xnDLjTUTXC5Nuxi%2FMR98k2cN1IAaFy9TnJPXGbV93nJRW6AZF52QURwZGmOmxWcdta1%2F8PuNrUkAwYuDaFo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 11 May 2022 03:44:43 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6ad9eb541f-YYZ
cf-bgj
imgq:85,h2pri
newest-icon-hover.png
www.bleepstatic.com/images/site/
416 B
804 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/newest-icon-hover.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d6cb386a633ec3c80cec7e9b1f0287ea19a5c5a2edc16f60f266fac10dc0c68

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1401983
cf-polished
origFmt=png, origSize=1524
content-disposition
inline; filename="newest-icon-hover.webp"
content-length
416
last-modified
Fri, 29 May 2015 07:09:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZA7oj16lq9PgUSsC9HbED%2BovB3vgnWeSD798khUQNOfHnK3iXD2j8rmuXvpWWWjv8oocm5JEqSKZoZALHjuIlmdXzaRyMO%2FilS24jkOKWS6IKmDr8Df7PkSSSUW4AU%2FuTCyzSg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 05 May 2022 08:40:55 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6ad9ee541f-YYZ
cf-bgj
imgq:85,h2pri
rootkit-img.png
www.bleepstatic.com/images/site/
80 B
430 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/rootkit-img.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e03604fbd11500c1152efe9e69a85d3c20ef3dcc7e247e955cd5981491e94e68

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1401983
cf-polished
origFmt=png, origSize=979
content-disposition
inline; filename="rootkit-img.webp"
content-length
80
last-modified
Fri, 29 May 2015 07:10:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owK4VhyMmG%2BuYS3Go6GjqTxLj0IQU8e8Q6kJni1o1Wa5ZW3NikBAMHFsJlFn1u16yHmBNFtPn69vlmsCvlhS9meK52X3tBXl1qD4Cxl%2FLWgKiI43dHXcsC3GZ9z4YgTr6GY8Wns%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 05 May 2022 08:40:55 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6ad9f1541f-YYZ
cf-bgj
imgq:85,h2pri
sdf-img.png
www.bleepstatic.com/images/site/
122 B
500 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/sdf-img.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a2b3eaca36b79224c174e7371325ab20afb8b7217668f871ad44c9b15650600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1401983
cf-polished
origFmt=png, origSize=1106
content-disposition
inline; filename="sdf-img.webp"
content-length
122
last-modified
Fri, 29 May 2015 07:11:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVZ9Pes21rejlFcyyl9m3fM8jlWtzeQkH2ur4HLmLD%2FpiZCgrj0dOLnGIyvkbEtafuMC2q0PBF9e4geAv8WbT%2BCyAEpAN1XusEXl1U8vnB9DRGbF4AvJAZCkvZrUVxoyB3QsdLg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 05 May 2022 08:40:55 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6ad9f3541f-YYZ
cf-bgj
imgq:85,h2pri
use-img.png
www.bleepstatic.com/images/site/
190 B
573 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/use-img.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9242b51504d02464c157615b69ea52761b704e1d4b6e925f436eb6c993beafdf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
92788
cf-polished
origFmt=png, origSize=1203
content-disposition
inline; filename="use-img.webp"
content-length
190
last-modified
Fri, 29 May 2015 07:12:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8hVEoengMsxV7wPulx1L1TbKN0C2eKmWOCx7I7UcZIktqblIUBUlbPcyI5JIJhaqfZQZAJ87QOKEeOg%2FqYT2yNv9wYwiaqVIOCjrbAbcxmaTg%2BaxxXOyX%2Bj%2FulQzybN%2Bjqp4Qs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 20 May 2022 12:20:50 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6ad9f4541f-YYZ
cf-bgj
imgq:85,h2pri
startup-img.png
www.bleepstatic.com/images/site/
170 B
524 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/startup-img.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb9febd56b4f60e5d0d28f7b7f1454e1ba1c04ce86eef1b041639f29760e2eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1401983
cf-polished
origFmt=png, origSize=1198
content-disposition
inline; filename="startup-img.webp"
content-length
170
last-modified
Fri, 29 May 2015 07:11:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAIMVeUlpjlI0EdsPombt%2B733Zp4ohF18dxchPozj5%2FwnG0reg10rU84Jwhy3buwjt%2BYBGLd%2B3QZdqOr8AS4EQazOAOOuN%2BPrDlFBMme5254BWzYBRnLZHXwrE5uvCRGpcDGHdg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 05 May 2022 08:40:55 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6ad9fa541f-YYZ
cf-bgj
imgq:85,h2pri
rss-icon.png
www.bleepstatic.com/images/site/
318 B
701 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/rss-icon.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e97afe0a1ab27b50b281408d045d61de9d343ccfb901e928e04bf19fb815a2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160702
cf-polished
origFmt=png, origSize=1404
content-disposition
inline; filename="rss-icon.webp"
content-length
318
last-modified
Fri, 29 May 2015 07:10:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMoidLntJGhUPriyRny1Stpz2VZFHAUFuo49Py%2F3jyWbweIatk7GKWu5k5ORKKc0k3ppGntoSJp%2B9oQDn2or75IGf8rPP%2B4cyWnUpZuLEW1yOmnNIVRES%2BCMVR%2FdcmlH8%2BY9kXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 19 May 2022 17:28:56 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6ae9ff541f-YYZ
cf-bgj
imgq:85,h2pri
news_footer_icon.png
www.bleepstatic.com/images/site/
110 B
671 B
Image
General
Full URL
https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=04.27.21.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1425759
cf-polished
origFmt=png, origSize=186
content-disposition
inline; filename="news_footer_icon.webp"
content-length
110
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fkpw2vc01jS%2FhV9g1TnbJ1f6LAAUglGZay46lFkA%2FHnyhFyReNa%2BuebI133l%2FZehtpjup9WRqZetcLPop6qAzZ26%2FREWLK5p2dWb4UPmlw38YfGZH%2BlmCbkVsur8qXm5ocKqzA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 05 May 2022 02:04:38 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6ff6af6aea01541f-YYZ
cf-bgj
imgq:85,h2pri
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 04:56:13 GMT
x-content-type-options
nosniff
age
119465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 04:56:13 GMT
font-awesome.css
www.bleepstatic.com/css/redesign/
22 KB
5 KB
Stylesheet
General
Full URL
https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2679652
cf-polished
origSize=26776
last-modified
Tue, 03 May 2016 04:39:29 GMT
server
cloudflare
etag
W/"1700274315"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qe3QJJo%2FXfgy43quURTWUSgDIw8BiFfn%2BZm4%2Bi%2FDVuF3Lq658NsCpaJUkz8qsBY4UQKj63DQDtjm2HSms0xjDtN7FGLct%2BSwoTtqFs2HRPYaRkSruqQC2RRdM54%2BZMJzLsRrP0E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Mon, 25 Apr 2022 13:46:26 GMT
cache-control
max-age=3024000
cf-ray
6ff6af6b1a77541f-YYZ
cf-bgj
minify
init
d.pub.network/v2/
63 KB
6 KB
XHR
General
Full URL
https://d.pub.network/v2/init?siteId=535&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
923e7acda6875850b044a8af10ce19dc774c27f76e922b028be3664963c504b6

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
favicon.ico
ad.doubleclick.net/
1 KB
664 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 10:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Apr 2022 10:52:44 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
last-modified
Sun, 10 Apr 2022 10:23:26 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1649586986.745808"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sat, 21 May 2022 14:07:18 GMT
fontawesome-webfont.woff
www.bleepstatic.com/fonts/
64 KB
65 KB
Font
General
Full URL
https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 09:36:00 GMT
server
cloudflare
age
192
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2ByQ8m2KB4xyrKS%2Fvz9ax63LX4X1SLnH28ILn8frgYUDzTb3W%2B2kdpu%2B2Yqlx3C2HhTRZzH7mX%2Br%2Bsj7fletlFQSUN1Uq7rds5C517774x%2FXNFIpwdeRLQkAM0E%2F3bbTvgM%2FZDU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ff6af6bec9da214-YYZ
content-length
65452
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5002
date
Thu, 21 Apr 2022 12:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 21 Apr 2022 14:43:56 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-65.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 09:19:58 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
18410
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
3C7tOX3Y4VIOmHTZDIzYrGghV28Dbh3ETxTeqs2cOyOeMVKVMv3U7Q==
pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
a.pub.network/core/pubfig/
325 KB
98 KB
Script
General
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78da514c9f16a47d8e2374012619445409c56fd4da464e9cbd7b581cbf809b08

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=eaAmeQ==, md5=uqkd784+dh9bFq38ORsvMA==
date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
254903
x-guploader-uploadid
ADPycdtJZyXK61L90NfH4FFxAGSf9qZbsIWZW4dCl2iXeExHh76c_YZVCYm6UGIc2jQSVBFLySVGsJnW5RZcdjoz1r3l8w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
access-control-allow-origin
*
last-modified
Thu, 14 Apr 2022 20:41:55 GMT
server
cloudflare
etag
W/"baa91defce3e761f5b16adfc391b2f30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyTP7%2FyYqbXuZezR2sDICUAIEdugDIESV%2FBrsVRh98NYLKBkPhtIQBoTJAqlU7RaAL0%2BEDjy9Hh3AmRXneouo6%2BeezJEOwAxUmhyc74myu97gf3le8Wg%2BIZUIkEeoxniSd7M8MMiVUNALkE%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
x-goog-generation
1649968915458077
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
332978
cf-ray
6ff6af6bec434bbe-YUL
expires
Mon, 18 Apr 2022 16:18:55 GMT
spc_fi.php
cdn.firstimpression.io/delivery/
39 KB
8 KB
XHR
General
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&charset=UTF-8&ch=14&ref=www.bleepingcomputer.com&viewerId=null&referer=&_firid=98371591
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
ea9f8ace5bf9d8980e268983ce92dd179865a18de388e621bd90d8879edab9b8

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
gzip
x-amz-cf-pop
PHL50-C1
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://www.bleepingcomputer.com
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
RLsUa-fRVXVL63CRp68ZZZJlVCaWDw1MJqRN0kJV6WBjFiM38ud_CA==
expires
0
pandg-sdk.js
pghub.io/js/
14 KB
4 KB
Script
General
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:21:22 GMT
content-encoding
gzip
age
2756
x-guploader-uploadid
ADPycdvyt4N0MIBGIQhdkaiwBB2nyPEPtqtl4aDFW07QaW2ymQOEiQ-MYhiUO5sKPcSMessZJieDRNTpp_PC2kv2Ds9Qid-n4DND
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3690
last-modified
Tue, 05 Apr 2022 17:08:24 GMT
server
UploadServer
etag
"1f39af8c4109e6a95d6895228aab0692"
vary
Accept-Encoding
x-goog-hash
crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
x-goog-generation
1649178504809914
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
3690
accept-ranges
bytes
content-type
application/javascript
gpt.js
www.googletagservices.com/tag/js/
83 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0d0abc81595a9a4520f68591476f2f3e0d621c9e69557396b2c420ea49ae32b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28521
x-xss-protection
0
server
sffe
etag
"1192 / 828 of 1000 / last-modified: 1650539476"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Apr 2022 14:07:18 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
205 KB
38 KB
Script
General
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8702e282eaafc20ed9259cdb705c0f3ff011dce6ee39bf48a32603c7287fb66b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

cf-ray
6ff6af6ce95d714b-YUL
date
Thu, 21 Apr 2022 14:07:18 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 21 Apr 2022 13:42:32 GMT
server
cloudflare
age
1457
etag
W/"d8510c21a5b714bca7d604cfb9a771e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipvsZSKbZxkGq9hUPC0kpHoBjB0slDckzREfU6yA9P2ShfFJQ%2BIMcy6DROWmEjHfMn0NpVoKp%2FcecepRtUGVp3P4m4sSYiR5NJKmrPNL3Uneqk%2Fq5n8QJ6L9tCXIfhXPCER0Fxk8Q%2Bz80A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br

Redirect headers

date
Thu, 21 Apr 2022 14:07:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A458J%2BztFBjlSCLN9lDCnQ1MFoavBuM%2FlwLu4P4F%2BLkMtspM2%2BtfNt119s6EfNujMueCriV9uYfXEdtNxTXG0I15OsjCnW7fob7Ejt2bxv878bNm6%2B1Q6NR5smY2F1u9gkxYjPMgwv1e%2Fn%2F0fP2kyshPjfSrlYpAdCKu0w%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
6ff6af6c9b064bbf-YUL
expires
Thu, 21 Apr 2022 15:07:18 GMT
ats.js
ats.rlcdn.com/
110 KB
36 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.31.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-31-96.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 04:53:15 GMT
content-encoding
br
age
33244
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
vary
Accept-Encoding
x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
via
1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
EWR53-C2
content-type
application/x-javascript
x-amz-cf-id
SLpxEUxqpA3_11utFrPeqvzm1w_HHZfVP6uIWJ_yu2s6GONX9dwPCA==
184310-82987131453484.js
js-sec.indexww.com/ht/p/
0
453 B
Script
General
Full URL
https://js-sec.indexww.com/ht/p/184310-82987131453484.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 14:07:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Apr 2022 13:16:35 GMT
Server
Apache
ETag
"da27be-0-5dd29eb5521a8"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=840
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
20
Expires
Thu, 21 Apr 2022 14:21:18 GMT
prebid-analytics-5.20.4.1.js
a.pub.network/core/
501 KB
143 KB
Script
General
Full URL
https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aef37c7abe75530fac92a34f337cd7f558956e9800f5b0e05094fb83e963be6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=nVgvkg==, md5=5nTDrv99g3t6RfM7pUYl1g==
date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82101
x-guploader-uploadid
ADPycdu5UPDrqXAT5K9NQJ6jqwDlfTgNgzIaB_vnZc_anpfqtRVBKaU2CZrxDgeQ01aipV2oCgZjsdpmDyGFERg0Mo4oqA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
content-type
text/html
last-modified
Thu, 07 Apr 2022 15:31:56 GMT
server
cloudflare
etag
W/"e674c3aeff7d837b7a45f33ba54625d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azwGu%2BUhKLn0NOB2HC7gF5pxj4ZEiqTR0b38blJ9%2BbBczJjP3%2FD8khj1imAQB9OG9xWP1vh5GqRCxiDTbQ%2Bc9uaPGTF9EyU9q1%2FjRAjD4JWPYi9aUY5hXyKkSaLzc9YeP6xn10dXb%2Fpmc8k%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
x-goog-generation
1649345516571407
access-control-expose-headers
*
cache-control
private, max-age=86400
x-goog-stored-content-length
512965
cf-ray
6ff6af6c7d744bbe-YUL
expires
Thu, 20 Apr 2023 15:18:57 GMT
collect
www.google-analytics.com/j/
1 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1433585263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&ul=en-us&de=UTF-8&dt=Ccdecode%20-%20rundll32.exe%20streamci%2C%20StreamingDeviceSetup%20-%20Program%20Information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=406577303&gjid=1932565884&cid=1680307641.1650550038&tid=UA-91740-1&_gid=111597908.1650550038&_r=1&gtm=2ou4i1&z=1600470691
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=1&ns__t=1650550038489&ns_c=UTF-8&cv=3.5&c8=Ccdecode%20-%20rundll32.exe%20streamci%2C%20StreamingDeviceSetup%20-%20Program%20Information&c...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1650550038489&ns_c=UTF-8&cv=3.5&c8=Ccdecode%20-%20rundll32.exe%20streamci%2C%20StreamingDeviceSetup%20-%20Program%20Information&...
0
191 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1650550038489&ns_c=UTF-8&cv=3.5&c8=Ccdecode%20-%20rundll32.exe%20streamci%2C%20StreamingDeviceSetup%20-%20Program%20Information&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&c9=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Server
13.224.207.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-65.phl50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
via
1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
lNWb3F9xzBB39WGVjYowSUEi6g0ErV1UAFQUfdQOH2DNqUBOwd7uTg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=23384447&cs_ucfr=1&ns__t=1650550038489&ns_c=UTF-8&cv=3.5&c8=Ccdecode%20-%20rundll32.exe%20streamci%2C%20StreamingDeviceSetup%20-%20Program%20Information&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&c9=
date
Thu, 21 Apr 2022 14:07:18 GMT
via
1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
3zRVEw1uJLgR3GJoBOnFYh1pfz-1WvWPrzJQW7k5jFn-qUJOG9eXBw==
x-cache
Miss from cloudfront
/
geo.privacymanager.io/
30 B
596 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-49.phl50.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 05:33:19 GMT
via
1.1 2b0c54ffe9876882253b010d44184bdc.cloudfront.net (CloudFront), 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
age
30839
x-amzn-requestid
4e37e4e3-efe3-441e-bc96-1ad73f082717
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6260ec9f-695d36ae3fb36b6f3a339863;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
IAD89-P2, PHL50-C1
x-amz-apigw-id
Q6no4HhMDoEF-mA=
content-length
30
x-amz-cf-id
HiQ5CclgzoF-Nt7EvuivBNTEIVibz8kwBOGPgEQqF6t37jszQPuTzQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
pubads_impl_2022041401.js
securepubads.g.doubleclick.net/gpt/
362 KB
124 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
sffe /
Resource Hash
108a5ee6306c726271c490dceca48e5fb5a148ea41fcb9fe55cd5d348f16eb57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 12:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125916
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 08:34:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 21 Apr 2023 12:04:22 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
194 B
754 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bleepingcomputer.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
4d312294a06982e0377c120ec4264047c63fcb56b327468835938bcc8f144ece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118
x-xss-protection
0
expires
Thu, 21 Apr 2022 14:07:18 GMT
px.gif
ad-delivery.net/
43 B
937 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
918888
x-guploader-uploadid
ADPycdupfa7KCtOe0TVtQ1XEXjEqBcYS55h5xltmciWkwyT05QVbX3hl2G6BY1wwXXVxP-9l4WeFTPgHVnUrgCoq0nDtipi3Jg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLluKV8itZu5DtYNCq63jxiSIOTMvWttX3IAjQB4sfA3G0h8Gi9Q7tSQH%2B%2BtoWoxs6EiTGyEIeJFim15anU3iuRBW7cuKE9znjpI4%2BZpxctKstNAkmKCeTXGOKgNbM65KHtMHHK1APniB6qFfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6ff6af6d6a847144-YUL
expires
Sun, 10 Apr 2022 22:56:41 GMT
px.gif
ad-delivery.net/
43 B
345 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.295231288244147
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Thu, 21 Apr 2022 14:07:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
918888
x-guploader-uploadid
ADPycdupfa7KCtOe0TVtQ1XEXjEqBcYS55h5xltmciWkwyT05QVbX3hl2G6BY1wwXXVxP-9l4WeFTPgHVnUrgCoq0nDtipi3Jg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOtLKFhfMLKkd73ANLdo%2BUX0Xx5svrHzAwRumeN%2Bjye%2Bybtgvi1Aufzq8Xi%2BPFO7%2FenwEzUAGg%2B9Sw3sbrjELeL%2B6%2BWOn2vgBWoXLaxxtovmLCiyxRoO6Q9lVJhcLlh0edklAfTAgnWexb68gA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6ff6af6d6a867144-YUL
expires
Sun, 10 Apr 2022 22:56:41 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
3BDAE1FAB05E52F4
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=19297
accept-ranges
bytes
content-length
948
x-amz-id-2
JQEtOEyiFCqCP1YLI1OIPGBGUg/WHgpDv22+z5rvn/G8szLTqEelRVwbxuu0H6mk2GphOf1hSec=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/
2 KB
855 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.152 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
gzip
etag
-1659864586--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=59, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
678
300lo.json
m.addthis.com/live/red_lojson/
102 B
948 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=6261651684db3be8&bkl=0&bl=1&pdt=541&sid=6261651684db3be8&pub=ra-561517d2c7f964d6&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.bleepingcomputer.com&fp=startups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=rundll32.exe%20streamci%2CStreamingDeviceSetup%2Cvirus%20removal%2Cmalware%20removal%2Ccomputer%20help%2Ctechnical%20support&colc=1650550038636&jsl=1&uvs=6261651680eab468000&skipb=1&callback=addthis.cbs.jsonp__466409751404004650
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.152 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c2af249728ffbcd06c207a408992a7ca357f1b494b4d3acca87043ac85a73c42

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:18 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
content-length
102
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 639F
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 9FB3
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.152 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-152.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
55d783462e6671fa985a6b0829db15474f4e57f0555c93e15cc2db6a1d1e6cab
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Thu, 21 Apr 2022 14:07:18 GMT
etag
W/"5ed917ff-11adc"
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
pv
api.btloader.com/
0
128 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=mE2VrVRrI&w=5733492711227392&o=5714937848528896&cv=2.0.6-2-g96db28a&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Apr 2022 14:07:18 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
floors
api.floors.dev/sgw/v1/ Frame
0
0
Preflight
General
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 21 Apr 2022 14:07:18 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
floors
api.floors.dev/sgw/v1/
4 KB
4 KB
Fetch
General
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3efe120550343e2c05d76eea530b414e504815daf9c455efe64297bdb35e24bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:18 GMT
via
1.1 google
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=31536000;includeSubDomains;preload;
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.152 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-152.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Thu, 21 Apr 2022 14:07:18 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
48.008759e9efe1c1b693dd.js
s7.addthis.com/static/
281 B
486 B
Script
General
Full URL
https://s7.addthis.com/static/48.008759e9efe1c1b693dd.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.152 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-152.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-119"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Thu, 21 Apr 2022 14:07:18 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
246
shares-post.json
api-public.addthis.com/url/serviceapi/
2 B
310 B
XHR
General
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.152 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-152.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
last-modified
Thu, 21 Apr 2022 14:00:00 GMT
server
nginx/1.15.8
date
Thu, 21 Apr 2022 14:07:18 GMT
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
info.json
www.reddit.com/api/
144 B
261 B
Script
General
Full URL
https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&jsonp=_ate.cbs.rcb_6mh50
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
9673fddf73f09cc8f1f8953960273c8a19635f0aa4f24afef747827f907e4a34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ratelimit-used
1
via
1.1 varnish
x-content-type-options
nosniff
x-ratelimit-remaining
299
content-length
144
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-moose
majestic
server
snooserv
x-frame-options
SAMEORIGIN
date
Thu, 21 Apr 2022 14:07:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-reddit-backend
29D23357A3A84814757D4F8DBA593F2626A933BD026BA2E380C2C4C583AA0E90
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-reset
162
accept-ranges
bytes
expires
-1
info.json
www.reddit.com/api/
144 B
697 B
Script
General
Full URL
https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&jsonp=_ate.cbs.rcb_8maj0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
662c56b35f59aecda894fb9b23f424ac14d862d9a956ff9b50a6efa15246033b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ratelimit-used
2
via
1.1 varnish
x-content-type-options
nosniff
x-ratelimit-remaining
298
content-length
144
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-moose
majestic
server
snooserv
x-frame-options
SAMEORIGIN
date
Thu, 21 Apr 2022 14:07:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-reddit-backend
29D23357A3A84814757D4F8DBA593F2626A933BD026BA2E380C2C4C583AA0E90
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store
x-ratelimit-reset
162
accept-ranges
bytes
expires
-1
rum
www.bleepingcomputer.com/cdn-cgi/
0
252 B
XHR
General
Full URL
https://www.bleepingcomputer.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
application/json

Response headers

date
Thu, 21 Apr 2022 14:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6ff6af6ed87c8c17-EWR
vary
Origin
apstag.js
c.amazon-adsystem.com/aax2/
135 KB
37 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-14.phl50.r.cloudfront.net
Software
Server /
Resource Hash
06dac66f8ccb6659374711acb6acf073511421ff522d519cc1766746330679ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
7yz_RBbUaUL.c9AHi_yCDNj.QPtoJsmz
content-encoding
gzip
etag
ae8d955adf98458335c127f4461070c2
age
62132
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0VNCYY8F1699JYXJTFAA
date
Wed, 20 Apr 2022 20:52:01 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bf08d0f122cb7618f980954bd4f44e36.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
sRU75MZ-Yh-BHSi7K4Sl_t8a1uYK-vXboaSax5FuQe6rb8smZAebeQ==
op.js
tagan.adlightning.com/freestar/
59 KB
24 KB
Script
General
Full URL
https://tagan.adlightning.com/freestar/op.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ccb3b364eb66088dd696526313acbfcc7c763a8e870e66699b5a190ab2bf890

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
sZAQUoAQSjFMjfH1k.uR03yjJuSBEYQq
content-encoding
gzip
etag
"d3b1f731ea9ce296dfc33d6334e033fe"
age
3503
x-cache
Hit from cloudfront
content-length
24127
x-amz-meta-git_commit
5a99e50
last-modified
Wed, 20 Apr 2022 17:52:53 GMT
server
AmazonS3
date
Thu, 21 Apr 2022 13:08:57 GMT
content-type
application/javascript
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
x-amz-cf-id
msokMd9cDCr2nahXdgzItr9K8ozU2nmlxW4SUJoUmqkM_2lzf-Z2TA==
quant.js
secure.quantserve.com/
24 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:44af:4f54:8af4:5563 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Thu, 28 Apr 2022 14:07:19 GMT
load.js
s.ntv.io/serve/
394 KB
115 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.25.0.9384edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.163 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a0b374cb5be30cf745d18c8403fcf6d68c68720a8b72f6205960a38231056bc3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 14:07:19 GMT
Content-Encoding
gzip
x-amz-request-id
PAQBPN3AJH773GGC
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
/lApjz4kaH8jGqSSaD6oLGRG9Yo1GVXzWMelX0Xog7d6sav1GdUjR78QDWbBnOBXpl8/p4F7hmM=
Last-Modified
Tue, 12 Apr 2022 15:30:17 GMT
Server
AmazonS3
ETag
"aa068ae425ad39385b7557af7408b5ba"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
auction
tlx.3lift.com/header/
19 B
513 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.4&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.248.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-248-204.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
accept-ch
sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
ssc.33across.com/api/v1/
117 B
381 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=dPGcAuqZ0r6Ok4aKlId8sQ
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
4b77109942571a6fafd1403871c3fa463c959cabe27495a627e28715ff4e99a9

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
v1
btlr.sharethrough.com/universal/
0
0

v1
btlr.sharethrough.com/universal/
0
205 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.104.187 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-104-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Thu, 21 Apr 2022 14:07:19 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
arj
freestar-d.openx.net/w/1.0/
175 B
597 B
XHR
General
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c8e91bfa-0512-4912-a97c-7c9a437834c6&nocache=1650550038999&scsm=www.freestar.com%3A601&pubcid=29c5d5f2-5d2e-417f-af8d-7660a36c970d&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&aus=728x90%2C970x90&divids=bleepingcomputer_970x90_728x90_320x50_sticky&aucs=%252F15184186%252C1006593%252Fbleepingcomputer_970x90_728x90_320x50_sticky%252Fbleepingcomputer_970x90_728x90_320x50_sticky&auid=540959250
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
ba626050004d9b1c9e773d17664162297b25bf0ce8165489f4e177efc8722b28

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/
24 KB
7 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d1acfaf8603fb7a475b59f93b7b21e58f96555ec4fadb6ac48122afb5dfb0299

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
ib.adnxs.com/ut/v3/
139 B
841 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c530e52c52e852c798563490f22a97f051bf4e2d23830f2294dd3f3fa69ec535
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:19 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c104a3b4-6a10-4ac1-90d2-7683e8735fab
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
c.deployads.com/openrtb2/
467 B
797 B
XHR
General
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_5.20.4&host=www.bleepingcomputer.com
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.134.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-134-45.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
6a443dd3afe8a151520725e3d41ec3b6298e69c7db2f6e72ee8a8ac25b481d75

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
467
expires
Thu, 01 Jan 1970 00:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
758 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55&rp_schain=1.0,1!freestar.com,412,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-9%2CIAB19-10&tg_i.sectioncat=IAB19-9%2CIAB19-10&tg_i.pagecat=IAB19-9%2CIAB19-10&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&tg_i.fs_ad_product=stickyFooter&tg_i.dfp_ad_unit_code=15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky&tg_i.pbadslot=15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky&tk_flint=pbjs_lite_v5.20.4&x_source.tid=c8e91bfa-0512-4912-a97c-7c9a437834c6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6048189835752986
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4ec4aa749d768f1f39c73ced794ab439144b6764d31d097c3b7a4299c6a84bd5

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:19 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
758
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/
0
231 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=5.20.4&p=%5B%7B%22placement_id%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22callback_id%22%3A%222067e8b0e9cf584%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%2C%22gpid%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&page_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&bust=1650550039006&pr=&scrd=1&dnt=false&description=This%20entry%20has%20information%20about%20the%20startup%20entry%20named%20Ccdecode%20that%20points%20to%20the%20rundll32.exe%20streamci%2C%20StreamingDeviceSetup%20file.%20This%20program%20does%20not%20need%20to%20automatically%20start.%20Please%20visit%20this%20result%20for%20more%20detailed%20information%20about%20this%20program.&title=Ccdecode%20-%20rundll32.exe%20streamci%2C%20StreamingDeviceSetup%20-%20Program%20Information&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=29c5d5f2-5d2e-417f-af8d-7660a36c970d&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.57.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-57-183.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v1
dmx.districtm.io/b/
0
340 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6ff6af702e91efe4-EWR
access-control-allow-headers
origin, content-type
prebid
ib.adnxs.com/ut/v3/
12 KB
6 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
74ba418906fb0290f2464121a1910bb9bd06b559924f9f8ce8f10cf63f07971a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Apr 2022 14:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c785220e-14c0-4bf8-9140-e6827755e41d
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/
24 B
375 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.211.165.199 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f9576f225d518dbb375e43aa59b0334d23fb4abee4d8bf1f56f45ed165bc1059

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Apr 2022 14:07:19 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
translator
hbopenbid.pubmatic.com/
0
122 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 21 Apr 2022 14:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/
62 B
344 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
21f41b3a7be6b51a9cb0f6c6fa4242b9bee2bf7edbb6721bae0c19be800fe2cd

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
550 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969d1301787836013037fa80ed00db&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
af8d27e343e40d60295bda2bea1fe791caad23373e829cc8a4bd046a5df79a30

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
cygnus
htlb.casalemedia.com/
7 KB
4 KB
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=393562&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2234504ffd10f8caf%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html%22%2C%22name%22%3A%22bleepingcomputer-com%22%2C%22domain%22%3A%22bleepingcomputer.com%22%2C%22cat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22sectioncat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22pagecat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22601%22%7D%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.4%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2235f3ac90a8df65%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.229.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-229-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9f9c94ec86466e6648663996ac8a80269ca8306f84a4d4fdef92829bf26238e4

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.188], XFF:[]
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3861
x-ak-client-geo
19
expires
Thu, 21 Apr 2022 14:07:19 GMT
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/
78 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 23:47:42 GMT
content-encoding
gzip
age
656378
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
LNpy5tgy6L7UI3fvKBYCujCeMPFyI70KXCpZ8J6qBgQVj-qtHmNOMA==
bl-39123b0-2cf3ec29.js
tagan.adlightning.com/freestar/
38 KB
16 KB
Script
General
Full URL
https://tagan.adlightning.com/freestar/bl-39123b0-2cf3ec29.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c11a74bd4d89d073f7ab536ffe5d2fbb751ed996603b738a2becfc9dc874fd9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 18:08:16 GMT
content-encoding
gzip
age
71944
x-cache
Hit from cloudfront
content-length
15983
x-amz-meta-git_commit
39123b0
last-modified
Wed, 20 Apr 2022 17:52:00 GMT
server
AmazonS3
etag
"3b8ff07a947ae1c9ae1df76532af4ffe"
x-amz-version-id
kyo7b6lKvcmVJT50m9PfrisKj8wBbq4L
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
m5wwjR1dM2JcXsW2dqeRkwJoeZtLmGwjD7F8NeZEgyjCDqHD7gvJkQ==
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/webp
config
c.amazon-adsystem.com/cdn/prod/
1 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-14.phl50.r.cloudfront.net
Software
Server /
Resource Hash
649fc78f0d874b4e2e7cde4d0ee7255fe6c6a8ed2e909566752e4ac82d7abd03

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 09:00:15 GMT
via
1.1 bf08d0f122cb7618f980954bd4f44e36.cloudfront.net (CloudFront)
server
Server
age
18423
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
PHL50-C1
content-length
1449
x-amz-cf-id
ewtnmbI2H5a6EDeY6E1WL75f9lwbIL2b7gduAzG1dDYZLCIcCuns3w==
bid
c.amazon-adsystem.com/e/dtb/
192 B
669 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&pid=ANG2QdDn4YwX9&cb=0&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-14.phl50.r.cloudfront.net
Software
Server /
Resource Hash
2a3c6e99591820af61cc1982b87d337448abdab0b6cdb9a631fb7591e0ecae4a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
via
1.1 bf08d0f122cb7618f980954bd4f44e36.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
V1BPVVZXD7NFZHE3A0E8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
192
x-amz-cf-id
8qbMRVuUve7Zg6BEipzEC_pfzTBbmClb57RbT7fT9VFDjF9cuLx2CQ==
bid
c.amazon-adsystem.com/e/dtb/
192 B
668 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&pid=ANG2QdDn4YwX9&cb=1&ws=1600x1200&v=7.75.0&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_320x50_InContent_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_Right%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_Right%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_Right_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_Right_2%22%7D%5D&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-14.phl50.r.cloudfront.net
Software
Server /
Resource Hash
0d23a033adadf4aee3d9ae65d0057ec452e3ea117ac5a38cf59fdc6cda3f5d9a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
via
1.1 bf08d0f122cb7618f980954bd4f44e36.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
7ZK12F2EMPPJMCFAER2Y
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
192
x-amz-cf-id
wuYsYLY2dx0AbR7v-oIubI2EvS-0rrzWYsFQiJ-nOSpzWAUJ_2juHw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
7 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-14.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 00:02:54 GMT
via
1.1 bf08d0f122cb7618f980954bd4f44e36.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
age
50666
x-cache
Hit from cloudfront
content-length
6482
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
etag
"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Z_mhQM48PZSEmOs309pLKb2d3RgfiN5pSHzLcXn_a7e_T7BtdOem-w==
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
2 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:3200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:09:12 GMT
content-encoding
gzip
age
3488
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
2jxi0GkkttYZollGvc-B_AJ97O6tFZbGuxg9N1uZ0qX4YqGXh7GUUg==
t
jadserve.postrelease.com/
288 B
762 B
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&ntv_mvi
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.231.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-231-202.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
86ce1cf8469e7cf238c75b3b7832cd4584de46b4aea240603feda0a225cb1495

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
233
expires
Mon, 1 Jan 1990 12:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
53 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.125 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-125.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Thu, 21 Apr 2022 14:22:19 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/
40 KB
11 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
date
Thu, 21 Apr 2022 13:27:04 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
bhs
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
11181
x-request-id
342655777
translator
hbopenbid.pubmatic.com/
0
66 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
date
Thu, 21 Apr 2022 14:07:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
80 KB
20 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f10d248f17984d660f3d5a1e7e689a55efbee629e981b4c9135c8a3546e4de71
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Apr 2022 14:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
62afc549-f0b6-4d51-a5f6-ed49a5e89e14
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
15 KB
8 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
229da481237c3f5ba1725ee32a9a922ce856aa6f984b3daebb59804066b20c68
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Apr 2022 14:07:19 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e42fa973-e749-43a5-a136-a9275dc44294
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
freestar-d.openx.net/w/1.0/
175 B
188 B
XHR
General
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4747e16f-d623-43c2-931b-c60862e4cf1d%2C4e5afa6d-9be0-463e-80df-ea6b29668d37%2Cb5eaa371-bfcb-43b0-9222-60e8752f32ce%2C5ccc6187-4dae-4637-87d6-aa0b8af94e16&nocache=1650550039366&scsm=www.freestar.com%3A601&pubcid=29c5d5f2-5d2e-417f-af8d-7660a36c970d&schain=1.0%2C1!freestar.com%2C412%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%7C728x90%7C300x250%7C300x250&divids=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_Right%2Cbleepingcomputer_300x250_Right_2&aucs=%252F15184186%252C1006593%252Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%252Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2C%252F15184186%252C1006593%252Fbleepingcomputer_728x90_320x50_InContent_1%252Fbleepingcomputer_728x90_320x50_InContent_1%2C%252F15184186%252C1006593%252Fbleepingcomputer_300x250_Right%252Fbleepingcomputer_300x250_Right%2C%252F15184186%252C1006593%252Fbleepingcomputer_300x250_Right_2%252Fbleepingcomputer_300x250_Right_2&auid=540959250%2C540959250%2C540959250%2C540959250
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
cd277a6937c38f23af7aa5f1c232033c09449b23d61d19763feb5bc602e50460

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
94 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6a5ac5baff77accdc598b43da984d5e65565a879ac2219be8fe45efe7de19609

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
94 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194700601d06e7&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
55a7626f874414b0e260282c292c41851e7d27866eeb475f3fb80a34feea0504

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
94 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a969d1301787836013037fa80ed00db&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5dd0d040336167f3822644a30f393f189ba700daa94c45b686fba65d074cbd4e

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
94 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707c7680952&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6171e8a0e81e8bb3771a11b1b4d7979416349923fbe3ce4d3ff6a1861361fadf

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
94 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707caca0954&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
0be157fb756710ee2821e8bfa7d244e32d15d4a9e118fb86281e1e846e4dbe70

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
94 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941201747444131946df53d00575&pos=8a9694120174744413194707caca0954&cmd=bid&req=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&secure=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
4e43a62612491ba51206736491f25e6b7748f1ecd5f2752633eee39a9ccb2ace

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
content-length
62
v1
btlr.sharethrough.com/universal/
0
205 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.104.187 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-104-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Thu, 21 Apr 2022 14:07:19 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
205 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.104.187 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-104-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Thu, 21 Apr 2022 14:07:19 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
205 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.104.187 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-104-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Thu, 21 Apr 2022 14:07:19 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
205 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.104.187 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-104-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Thu, 21 Apr 2022 14:07:19 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
205 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.104.187 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-104-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Thu, 21 Apr 2022 14:07:19 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/universal/
0
205 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.104.187 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-104-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Thu, 21 Apr 2022 14:07:20 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
prebid
prebid.media.net/rtb/
72 KB
12 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e874096415fcd29e9262036c53ffac1db14357df9644e040d390ad0b3375efdb

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
auction
c.deployads.com/openrtb2/
510 B
839 B
XHR
General
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_5.20.4&host=www.bleepingcomputer.com
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.134.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-134-45.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
36167853f2f5adcd9d5afde410b6fd0cf980e1c754c9d63d229083668d6aea91

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
510
expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ads.yieldmo.com/exchange/
0
230 B
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=5.20.4&p=%5B%7B%22placement_id%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22callback_id%22%3A%22875d1cde4c8d049%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%2C%5B970%2C250%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%2C%22gpid%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22placement_id%22%3A%22bleepingcomputer_728x90_320x50_InContent_1%22%2C%22callback_id%22%3A%2288f98692747ef1b%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%2C%22gpid%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22placement_id%22%3A%22bleepingcomputer_300x250_Right%22%2C%22callback_id%22%3A%22899d81a47237747%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%2C%22gpid%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_Right%2Fbleepingcomputer_300x250_Right%22%7D%2C%7B%22placement_id%22%3A%22bleepingcomputer_300x250_Right_2%22%2C%22callback_id%22%3A%2290150e7ae212fd8%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222701628685080797398%22%2C%22gpid%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_Right_2%2Fbleepingcomputer_300x250_Right_2%22%7D%5D&page_url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&bust=1650550039372&pr=&scrd=1&dnt=false&description=This%20entry%20has%20information%20about%20the%20startup%20entry%20named%20Ccdecode%20that%20points%20to%20the%20rundll32.exe%20streamci%2C%20StreamingDeviceSetup%20file.%20This%20program%20does%20not%20need%20to%20automatically%20start.%20Please%20visit%20this%20result%20for%20more%20detailed%20information%20about%20this%20program.&title=Ccdecode%20-%20rundll32.exe%20streamci%2C%20StreamingDeviceSetup%20-%20Program%20Information&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=29c5d5f2-5d2e-417f-af8d-7660a36c970d&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.57.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-57-183.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bleepingcomputer.com
pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v1
dmx.districtm.io/b/
0
38 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6ff6af722859efe4-EWR
access-control-allow-headers
origin, content-type
cygnus
htlb.casalemedia.com/
7 KB
4 KB
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=393562&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2296c07c1b5f025b3%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html%22%2C%22name%22%3A%22bleepingcomputer-com%22%2C%22domain%22%3A%22bleepingcomputer.com%22%2C%22cat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22sectioncat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22pagecat%22%3A%5B%22IAB19-9%22%2C%22IAB19-10%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%7B%22id%22%3A%22601%22%7D%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.4%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2297efa021a9c0caf%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%7D%2C%7B%22id%22%3A%2210082449f4f9116%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%7D%2C%7B%22id%22%3A%221017bba4ade84e0b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_Right%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_Right%22%7D%7D%2C%7B%22id%22%3A%221025580c758fcdc5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_Right_2%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2C1006593%2Fbleepingcomputer_300x250_Right_2%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22412%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.229.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-229-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4914c163af57311f0841ffa3add690d448bd405aff0a220e0ce9bc95601b9854

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.188], XFF:[]
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3911
x-ak-client-geo
19
expires
Thu, 21 Apr 2022 14:07:19 GMT
auction
tlx.3lift.com/header/
19 B
512 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.4&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.248.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-248-204.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
accept-ch
sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/
25 B
376 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.211.165.199 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e2e3fe4c249324917cc16292093a7e2a9dc509bde2a06db65eebe80fca4496ce

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Apr 2022 14:07:19 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
fastlane.json
fastlane.rubiconproject.com/a/api/
1 KB
963 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2%3B2%3B15%3B15&alt_size_ids=55%2C57%3B%3B%3B&rp_schain=1.0,1!freestar.com,412,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&tg_i.name=bleepingcomputer-com&tg_i.domain=bleepingcomputer.com&tg_i.cat=IAB19-9%2CIAB19-10&tg_i.sectioncat=IAB19-9%2CIAB19-10&tg_i.pagecat=IAB19-9%2CIAB19-10&tg_i.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&tg_i.fs_ad_product=banner&tg_i.dfp_ad_unit_code=15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%3B15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%3B15184186%2C1006593%2Fbleepingcomputer_300x250_Right%3B15184186%2C1006593%2Fbleepingcomputer_300x250_Right_2&tg_i.pbadslot=15184186%2C1006593%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%3B15184186%2C1006593%2Fbleepingcomputer_728x90_320x50_InContent_1%2Fbleepingcomputer_728x90_320x50_InContent_1%3B15184186%2C1006593%2Fbleepingcomputer_300x250_Right%2Fbleepingcomputer_300x250_Right%3B15184186%2C1006593%2Fbleepingcomputer_300x250_Right_2%2Fbleepingcomputer_300x250_Right_2&tk_flint=pbjs_lite_v5.20.4&x_source.tid=4747e16f-d623-43c2-931b-c60862e4cf1d%3B4e5afa6d-9be0-463e-80df-ea6b29668d37%3Bb5eaa371-bfcb-43b0-9222-60e8752f32ce%3B5ccc6187-4dae-4637-87d6-aa0b8af94e16&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=4&rand=0.007311270256457281
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
47e9b42965bea31f491a411286d3910e224e791879ad2e352deb0d2a4b945c96

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:19 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
474
Expires
Wed, 17 Sep 1975 21:32:10 GMT
pixel;r=117354749;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html;uht=2;fpan=1;fpa=P0-599194699-1650550039385;pbc=...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=117354749;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html;uht=2;fpan=1;fpa=P0-599194699-1650550039385;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=bleepingcomputer.com;je=0;sr=1600x1200x24;dst=0;et=1650550039385;tzo=0;ogl=site_name.BleepingComputer%2Clocale.en_us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:44af:4f54:8af4:5563 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
882.json
id5-sync.com/g/v2/
2 KB
2 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p14.id5-sync.com
Software
/
Resource Hash
46ab0fb3834133bf41894c1846e122be3adf07e2b687ac36c7518e6df87f9788
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Apr 2022 14:07:19 GMT
Vary
Origin
P3P
CP="CAO PSA OUR"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
a.pub.network/core/pubfig/
182 KB
58 KB
Script
General
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daffdd6f62e491d3b2ab8012fb6c886e904863487f503e76a4fc6281594d533b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=g723/Q==, md5=cMEEZ9k/uijR78lkvnZ7nw==
date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
254903
x-guploader-uploadid
ADPycdv0X9K3VYkt44bSGVosNlYtt1i6tW_eATyH7_fHRwZqm1BEN97MHeyydP0bH8x1IHid5Vmfz9mMQDbGS8CTmd83Gg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
access-control-allow-origin
*
last-modified
Thu, 14 Apr 2022 20:41:58 GMT
server
cloudflare
etag
W/"70c10467d93fba28d1efc964be767b9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQuRlDcQFjNY%2BTGkOj4OlsOEB3AaYgiZlINKgjmLN3VHkYy%2BoL2tzZuVaVBtnuJ66UDB2XUp9rY7Xs980XfAtPOVpubHdMGE8AoawkE4AcKlGymXSarh0J%2BgwnkPwY5f73BTU0OJfy7%2BhuU%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
x-goog-generation
1649968918804884
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
186084
cf-ray
6ff6af72bf144bbe-YUL
expires
Mon, 18 Apr 2022 16:18:56 GMT
integrator.js
adservice.google.ca/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1205523081691976&correlator=1670242361345280&eid=31065713%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_970x90_728x90_320x50_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=1&adks=1087171916&sfv=1-0-38&ecs=20220421&fsapi=false&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dc300b1%26floors_hour%3D14%26floors_user%3D0%26fs_placementName%3Dbleepingcomputer_970x90_728x90_320x50_sticky%26fs_ad_product%3DstickyFooter%26amznbid%3D2%26amznp%3D2%26fspbg%3Dfreestar%26freestar_path%3D%252Fstartups%252Frundll32.exe_streamci_StreamingDeviceSetup-747.html%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dmedianet_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D1233dc8e26a2dcf6%26hb_bidder%3Dmedianet&eri=1&cust_params=user-agent%3DChrome&sc=1&cookie_enabled=1&abxe=1&dt=1650550039532&lmt=1650550039&dlt=1650550037999&idt=708&biw=1600&bih=1200&adxs=436&adys=1110&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1680307641.1650550038&ga_sid=1650550040&ga_hid=1433585263&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
b20c7535189a3ce02189713627dec04c4b66acfc4344261846d53096d6525800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8569
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
347d9f68b113bb97ee7813cd4f63ff4a0d1d8c65d1012c8df83fbef34b7131bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10713
x-xss-protection
0
container.html
e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7DE2
6 KB
4 KB
Document
General
Full URL
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 14:07:19 GMT
expires
Fri, 21 Apr 2023 14:07:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iu3
s.amazon-adsystem.com/ Frame 3CA5
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&dcc=t
338 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
966f2d91f30369d087b2a7149623cf40a173d02985dac8d613619016e6ab81b4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
338
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 21 Apr 2022 14:07:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Q7AV9DTYNK129QW7HNV2

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 21 Apr 2022 14:07:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FC4NK00PVZJMTSQKAWKG
c
c.pub.network/
36 B
362 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
c408905f5369cf0ee79b93f242150da7e8712527fdecff071c30cca1bdcf1f29

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Apr 2022 14:07:19 GMT
pr
s.amazon-adsystem.com/v3/ Frame 9DD6
3 KB
3 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3d7d78eccbc68077488d31e659986f80428c6affdd7c1b4c56e31d72b0d6861f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3048
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 21 Apr 2022 14:07:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
MZDR412XNGP1TMYMGCT4
https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
match.prod.bidr.io/cookie-sync/ Frame 9DD6
0
184 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.7.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-7-173.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 14:07:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
ecm3
s.amazon-adsystem.com/ Frame 9DD6
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=76FDC54144714F12816F67C0F1455CDB&ex=simpli.fi&status=ok
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=76FDC54144714F12816F67C0F1455CDB&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CMSZP64M0ME03FP6HQA0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 21 Apr 2022 14:07:19 GMT
x-content-type-options
nosniff
server
nginx
location
https://s.amazon-adsystem.com/ecm3?id=76FDC54144714F12816F67C0F1455CDB&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 20 Apr 2022 14:07:19 GMT
ecm3
s.amazon-adsystem.com/ Frame 9DD6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=wAFWSgI4rKGtqFSiHetv&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPLXIFDFOU3HJE2HES2HORYUM...
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=wAFWSgI4rKGtqFSiHetv
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=wAFWSgI4rKGtqFSiHetv
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:20 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2976KDBPKK57SBJP144E
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:20 GMT
P3p
CP="We do not support P3P header."
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=wAFWSgI4rKGtqFSiHetv
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 4E8D
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7d9eccc6d0701223&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGcYxJqjLrHAN-4FBiAAAAAAA&expiration=1650636439&is_secure=true
43 B
556 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGcYxJqjLrHAN-4FBiAAAAAAA&expiration=1650636439&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Apr 2022 14:07:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
M1R84P1JZ86N2QBD2WPF

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Thu, 21 Apr 2022 14:07:19 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGcYxJqjLrHAN-4FBiAAAAAAA&expiration=1650636439&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 66BE
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOMyb-I4qy8rNxwR_-xwYD85pTlxMS_-7kjjiCtQ
43 B
556 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOMyb-I4qy8rNxwR_-xwYD85pTlxMS_-7kjjiCtQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Apr 2022 14:07:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
NN8TQB3YG3YRWGGHMXCM

Redirect headers

Date
Thu, 21 Apr 2022 14:07:26 GMT
Location
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOMyb-I4qy8rNxwR_-xwYD85pTlxMS_-7kjjiCtQ
P3P
CP="CAO PSA OUR"
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
/
match.sharethrough.com/jwumXNuB/v1/ Frame F495
427 B
612 B
Document
General
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.186.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-186-180.compute-1.amazonaws.com
Software
/
Resource Hash
83926932e047df927ee7c1344c513f5380b905bd5e63e8a983bf0d97c99c8aa5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Thu, 21 Apr 2022 14:07:19 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3276
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.29.14 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-29-14.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=165738
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 21 Apr 2022 14:07:19 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 23 Apr 2022 12:09:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame B992
886 B
1 KB
Document
General
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.41.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-110.compute-1.amazonaws.com
Software
/
Resource Hash
268a7b2b5b0e56b977e9e58ee2e509bcae33ef831868eec0bf5ff9aa5a4c16bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
usync.html
eus.rubiconproject.com/ Frame 3FEB
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Apr 2022 14:07:19 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 303C
930 B
2 KB
Document
General
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
2b7b308833a82afa605416609024d6210e58ecf639a9a2661ba9fe7c2f735149
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
930
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-588fbd8cf7-cx986
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame A453
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=8298961850055676383&ex=appnexus.com
43 B
556 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=8298961850055676383&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Apr 2022 14:07:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
0NK2MADCHXSFP5QXAPXF

Redirect headers

AN-X-Request-Uuid
d8b7aa6f-1766-4b34-9575-f156f8e8ce94
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Apr 2022 14:07:19 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=8298961850055676383&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
amazon
ap.lijit.com/beacon/ Frame A042
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB
Document
General
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.137 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b22015fa939c2be51580dd933017dbb0d01f86e00ed3477e100d990495fdd23a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 21 Apr 2022 14:07:19 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ewr1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Thu, 21 Apr 2022 14:07:19 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ewr1
ecm3
s.amazon-adsystem.com/ Frame 8F81
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1011297303317820384187
43 B
556 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1011297303317820384187
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-Beeswax_cnv_n-inmobi_n-sharethrough_pm-db5_n-simpli.fi_ym_rbd_ppt_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Apr 2022 14:07:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
TJ8E1F6ZXGN1P6QFQAJF

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 21 Apr 2022 14:07:19 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1011297303317820384187
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E5B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
48771
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 00:34:28 GMT
expires
Fri, 21 Apr 2023 00:34:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E48F
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e7443c80b3861cc93da1121323aaf9b18f63f4a997a3edfa2e9fd25106e9af9e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DKdy+LgnJ7bQ6A2fTwfQvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-DKdy+LgnJ7bQ6A2fTwfQvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 14:07:19 GMT
expires
Thu, 21 Apr 2022 14:07:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame 5E5B
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:17:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
395379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 00:17:40 GMT
rtset
bh.contextweb.com/bh/ Frame 303C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=NU94eDFIVEZNMTI5bGFFdUZmTTRmQQ&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=NU94eDFIVEZNMTI5bGFFdUZmTTRmQQ&gdpr=0&gdpr_consent=&google_tc=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOwpgT8GJX71xQ0q37Ytels&google_cver=1
49 B
688 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOwpgT8GJX71xQ0q37Ytels&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-588fbd8cf7-cx986
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOwpgT8GJX71xQ0q37Ytels&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 303C
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=7e3c5a034f7a1223&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGcTFWsJat2gMhRw9lAAAAAAA&expiration=1650636439&nuid=&is_secure=true
49 B
660 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGcTFWsJat2gMhRw9lAAAAAAA&expiration=1650636439&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-588fbd8cf7-cx986
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:19 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGcTFWsJat2gMhRw9lAAAAAAA&expiration=1650636439&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rtset
bh.contextweb.com/bh/ Frame 303C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd...
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&gdpr_in_effect=&gdpr_consent=
49 B
740 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&gdpr_in_effect=&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-588fbd8cf7-cx986
expires
-1

Redirect headers

location
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&gdpr_in_effect=&gdpr_consent=
date
Thu, 21 Apr 2022 14:07:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
ecm3
s.amazon-adsystem.com/ Frame 303C
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=qLrMiP7PILrj&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PES70D5A26RAJNGMPQYC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3276
60 B
268 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
fab032945c02fb9d789ea99cad49b63fd31054df7293c0920ef07d7829c27d8e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:19 GMT
cache-control
private
expires
Wed, 20 Jul 2022 06:21:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
60
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame A042
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=e6035e59639ec77fc6ef41ae&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QYQXQE6GC51V8ZGDFJ0N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync.php
contextual.media.net/ Frame A042
45 B
618 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=e6035e59639ec77fc6ef41ae&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:20 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:20 GMT
merge
ce.lijit.com/ Frame A042
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=27&uid=e6035e59639ec77fc6ef41ae&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=66&3pid=664619934089
43 B
894 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=66&3pid=664619934089
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:20 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://ce.lijit.com/merge?pid=66&3pid=664619934089
merge
ce.lijit.com/ Frame A042
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=08e421e7-ae6f-40aa-912c-21b9b0b66530&gdpr=0&gdpr_consent=
43 B
918 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=27&3pid=08e421e7-ae6f-40aa-912c-21b9b0b66530&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:20 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=08e421e7-ae6f-40aa-912c-21b9b0b66530&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
223
merge
ce.lijit.com/ Frame A042
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=8RnuZY7TXGpSriqslf2s&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=86&3pid=8RnuZY7TXGpSriqslf2s&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:20 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=8RnuZY7TXGpSriqslf2s&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Thu, 21 Apr 2022 14:07:20 GMT, Thu, 21 Apr 2022 14:07:20 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame A042
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=L292VL5G-12-AFRI&gdpr=0
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=83&3pid=L292VL5G-12-AFRI&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.114.182 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:20 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ewr1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=83&3pid=L292VL5G-12-AFRI&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
ecm3
s.amazon-adsystem.com/ Frame B992
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g4e439215b90113f3e54
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4BV6SV71G1E3QNGXSF21
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ib.adnxs.com/&https://ads.yieldmo.com/v000/ Frame B992
Redirect Chain
  • https://ib.adnxs.com/getuid?&https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=8298961850055676383&pn_id=an
0
597 B
Image
General
Full URL
https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=8298961850055676383&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:20 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ea47c0a7-fe26-47fe-80a8-630bc7150010
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:20 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e36cc4e6-d307-4431-a12b-98bd49f4d114
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
&https://ads.yieldmo.com/v000/sync?userid=8298961850055676383&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidswitch
match.prod.bidr.io/cookie-sync/ Frame B992
Redirect Chain
  • https://x.bidswitch.net/sync?&ssp=yieldmo
  • https://x.bidswitch.net/ul_cb/sync?&ssp=yieldmo
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=yieldmo&gdpr=&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=yieldmo&gdpr=&gdpr_consent=&_bee_ppp=1
0
111 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=yieldmo&gdpr=&gdpr_consent=&_bee_ppp=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
34.232.7.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-7-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=yieldmo&gdpr=&gdpr_consent=&_bee_ppp=1
Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sync
ads.yieldmo.com/v000/ Frame B992
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?&ttd_pid=yieldmo
  • https://match.adsrvr.org/track/cmb/generic?&ttd_pid=yieldmo
  • https://ads.yieldmo.com/v000/sync?tdid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
43 B
334 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?tdid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.208.57.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-57-183.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Apr 2022 14:07:20 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
181
sync
ads.yieldmo.com/ Frame B992
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?&nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=uC7vMxb8TIxn19ZOLGw0VZU4mbw
43 B
332 B
Image
General
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=uC7vMxb8TIxn19ZOLGw0VZU4mbw
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.208.57.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-57-183.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Apr 2022 14:07:20 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=uC7vMxb8TIxn19ZOLGw0VZU4mbw
Date
Thu, 21 Apr 2022 14:07:20 GMT
Connection
keep-alive
Content-Length
100
Content-Type
text/html; charset=utf-8
sync
sync-pp.ads.yieldmo.com/ Frame B992
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?&pid=561118&ev=1&rurl=https://sync-pp.ads.yieldmo.com/sync?userid=%%VGUID%%&pn_id=pp
  • https://sync-pp.ads.yieldmo.com/sync?userid=qLrMiP7PILrj&ev=1&pn_id=pp&pid=561118
43 B
319 B
Image
General
Full URL
https://sync-pp.ads.yieldmo.com/sync?userid=qLrMiP7PILrj&ev=1&pn_id=pp&pid=561118
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.84.41.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-41-110.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Apr 2022 14:07:20 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
location
https://sync-pp.ads.yieldmo.com/sync?userid=qLrMiP7PILrj&ev=1&pn_id=pp&pid=561118
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-588fbd8cf7-cx986
expires
-1
usync.js
eus.rubiconproject.com/ Frame 3FEB
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1562bf13c9030fbda35dd0005e927a150531cdff4ad9558aba3092408cfe539b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 14:07:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=63453
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9541
Expires
Fri, 22 Apr 2022 07:44:52 GMT
ecm3
s.amazon-adsystem.com/ Frame F495
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=acb76ab0-e132-4b2f-8fd7-cc784a34419b
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:19 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
D4EFNXAGPKEQW2TRJDEC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame F495
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=8298961850055676383
68 B
261 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=8298961850055676383
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.206.186.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-186-180.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:20 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:20 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ea6af72c-2f78-4c17-85b8-3aadc788f26e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=8298961850055676383
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame F495
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&gdpr=0&gdpr_consent=
68 B
261 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.206.186.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-186-180.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:20 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame F495
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=8298961850055676383
68 B
261 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=8298961850055676383
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.206.186.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-186-180.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:20 GMT
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:20 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c25ed92a-a3f7-4350-a92a-0b323643f070
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&source_user_id=8298961850055676383
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame F495
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&gdpr=0&gdpr_consent=
68 B
261 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.206.186.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-186-180.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:20 GMT
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
sodar
pagead2.googlesyndication.com/pagead/ Frame E48F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041401&jk=1205523081691976&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 5E5B
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?mNbv3Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 4B08
728 B
577 B
Document
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=A0FE65C3-B086-4EBC-948F-63314685AFBC&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5e2fa0db2b47dfd4756431e7574be49e40544778046fcde5a691939b86b5a35d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 21 Apr 2022 14:07:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
integrator.js
adservice.google.ca/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
215 KB
57 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1205523081691976&correlator=1670242361345280&eid=31065713%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041401&ptt=17&impl=fifs&iu_parts=15184186%3A1006593%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_Right%2Cbleepingcomputer_300x250_Right_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%2C300x250%2C300x250&ifi=2&adks=2050935381%2C3947301333%2C1177222269%2C2979879440&sfv=1-0-38&ecs=20220421&fsapi=false&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3D53e4d1%26floors_hour%3D14%26floors_user%3D0%26fs_placementName%3Dbleepingcomputer_728x90_970x90_970x250_320x50_ATF%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fstartups%252Frundll32.exe_streamci_StreamingDeviceSetup-747.html%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dappnexus_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.17%26hb_adid%3D136d605fd14900cb%26hb_bidder%3Dappnexus%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D36bbd9%26floors_hour%3D14%26floors_user%3D0%26fs_placementName%3Dbleepingcomputer_728x90_320x50_InContent_1%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fstartups%252Frundll32.exe_streamci_StreamingDeviceSetup-747.html%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dappnexus_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.05%26hb_adid%3D13744b41d4a09033%26hb_bidder%3Dappnexus%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D5cc9b1%26floors_hour%3D14%26floors_user%3D0%26fs_placementName%3Dbleepingcomputer_300x250_Right%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fstartups%252Frundll32.exe_streamci_StreamingDeviceSetup-747.html%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Dappnexus_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D138c0e828a4b3036%26hb_bidder%3Dappnexus%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D5cc9b1%26floors_hour%3D14%26floors_user%3D0%26fs_placementName%3Dbleepingcomputer_300x250_Right_2%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%26fsbid%3Dtimeout%26fspbg%3Dfreestar%26freestar_path%3D%252Fstartups%252Frundll32.exe_streamci_StreamingDeviceSetup-747.html%26freestar_domain%3Dbleepingcomputer.com%26custom_bidder_size%3Ddistrictm_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.16%26hb_adid%3D1356bf8c44e64f62%26hb_bidder%3Ddistrictm&eri=1&cust_params=user-agent%3DChrome&sc=1&cookie_enabled=1&abxe=1&dt=1650550040245&lmt=1650550040&dlt=1650550037999&idt=708&biw=1600&bih=1200&adxs=436%2C268%2C1082%2C1082&adys=271%2C1535%2C751%2C1286&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=1170x280%7C834x1357%7C306x250%7C306x255&msz=1170x250%7C834x90%7C306x250%7C306x250&fws=4%2C4%2C4%2C516&ohw=1170%2C834%2C306%2C306&ga_vid=1680307641.1650550038&ga_sid=1650550040&ga_hid=1433585263&ga_fc=true&btvi=0%7C1%7C0%7C2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
836310c23109fa3a43f188bf6567e791a53a5441c655c95fe1a4a8e526f35d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58595
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cl_partner.html
ads.pubmatic.com/AdServer/js/ Frame 3617
2 KB
1 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DA0FE65C3-B086-4EBC-948F-63314685AFBC%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
Requested by
Host: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=A0FE65C3-B086-4EBC-948F-63314685AFBC&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.29.14 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-29-14.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b01ef7916c2e4d5e7b97fbcdb95caf8e24f184a773b9ca533a9a416b4aea4218

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=99833
content-encoding
gzip
content-length
953
content-type
text/html; charset=UTF-8
date
Thu, 21 Apr 2022 14:07:20 GMT
etag
"fa18f0-6b8-53a413358bd01"
expires
Fri, 22 Apr 2022 17:51:13 GMT
last-modified
Wed, 17 Aug 2016 09:36:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 1C35
43 B
556 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=A0FE65C3-B086-4EBC-948F-63314685AFBC&ex=pubmatic.com
Requested by
Host: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156011&s=165626&sc=1&pr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=A0FE65C3-B086-4EBC-948F-63314685AFBC&rs=3&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Apr 2022 14:07:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
FTBPGYXCYTMFANYYN5NE
i.js
mathid.mathtag.com/d/ Frame 3617
0
0

gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E030
6 KB
3 KB
Document
General
Full URL
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 14:07:19 GMT
expires
Fri, 21 Apr 2023 14:07:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bl-39123b0-2cf3ec29.js
tagan.adlightning.com/freestar/ Frame E030
38 KB
16 KB
Script
General
Full URL
https://tagan.adlightning.com/freestar/bl-39123b0-2cf3ec29.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c11a74bd4d89d073f7ab536ffe5d2fbb751ed996603b738a2becfc9dc874fd9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 18:08:16 GMT
content-encoding
gzip
age
71945
x-cache
Hit from cloudfront
content-length
15983
x-amz-meta-git_commit
39123b0
last-modified
Wed, 20 Apr 2022 17:52:00 GMT
server
AmazonS3
etag
"3b8ff07a947ae1c9ae1df76532af4ffe"
x-amz-version-id
kyo7b6lKvcmVJT50m9PfrisKj8wBbq4L
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
2c4Ey1FBPPF772ADh16k8AKDk2uC3_ZweProsuIJJZYvtk-7L70lRw==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame E030
78 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 23:47:42 GMT
content-encoding
gzip
age
656379
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
XrUzdLiYUUqJfKzsu6GCBiLicUEUthjdYq0vcaCSSVd_iQyh-1fU-g==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5ABF
624 B
838 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIYtdrKxgEwAQ&v=APEucNU2reyPplIw1q5g_LCxlfCO4_HpMWHND6crwU5SV0tJbZ1UzI0h0tf4nr0pyYrWF0glMmoom0R65J7W9eIR5rJM9FxjkQ
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 14:07:21 GMT
expires
Thu, 21 Apr 2022 14:07:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame CD59
77 KB
33 KB
Script
General
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
160796bff376e80711994b4cc84713d78049425aa26323e08defd3ae6d377d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33102
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame CD59
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 14:04:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CD59
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Apr 2022 14:07:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame CD59
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:06:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 14:06:13 GMT
l
www.google.com/ads/measurement/ Frame CD59
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgWBeW-0rasliM8vl_NhLNI9tZxQlfzUksHboNdjK1tw7InVcvtJLXvPJMZ9ZYzEcGs-rmEi_hhPRMt6Lx-qwWkZTfJg
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame CD59
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bb2_QjbGKWhRqgxTSaQL_FciUI_YCzHUb64EQNq_hwhBxEi2sr8LiO4KB9q87O18PUHibAdRlc2PlCJb-NEHWJl63lHkUvOLDrYCQF1yP-cTiYv7w
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/
36 B
53 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
c408905f5369cf0ee79b93f242150da7e8712527fdecff071c30cca1bdcf1f29

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 21 Apr 2022 14:07:21 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
rum
dsum-sec.casalemedia.com/ Frame 5ABF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK4glnwDV2nk1iopqJc8zzI&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK4glnwDV2nk1iopqJc8zzI&google_cver=1&C=1
43 B
1012 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK4glnwDV2nk1iopqJc8zzI&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIYtdrKxgEwAQ&v=APEucNU2reyPplIw1q5g_LCxlfCO4_HpMWHND6crwU5SV0tJbZ1UzI0h0tf4nr0pyYrWF0glMmoom0R65J7W9eIR5rJM9FxjkQ
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:21 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK4glnwDV2nk1iopqJc8zzI&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Thu, 21 Apr 2022 14:07:21 GMT
rum
dsum-sec.casalemedia.com/ Frame 5ABF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmFlGfV39O7YkU9AHCXGRQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK4glnwDV2nk1iopqJc8zzI&google_cver=1
43 B
892 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK4glnwDV2nk1iopqJc8zzI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIYtdrKxgEwAQ&v=APEucNU2reyPplIw1q5g_LCxlfCO4_HpMWHND6crwU5SV0tJbZ1UzI0h0tf4nr0pyYrWF0glMmoom0R65J7W9eIR5rJM9FxjkQ
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK4glnwDV2nk1iopqJc8zzI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5ABF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKco65gxobzSSnm4YSVMPVU&google_cver=1
43 B
1018 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKco65gxobzSSnm4YSVMPVU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIYtdrKxgEwAQ&v=APEucNU2reyPplIw1q5g_LCxlfCO4_HpMWHND6crwU5SV0tJbZ1UzI0h0tf4nr0pyYrWF0glMmoom0R65J7W9eIR5rJM9FxjkQ
Protocol
HTTP/1.1
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:21 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c27338ec-701f-4471-9d8a-779cf8138b7d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKco65gxobzSSnm4YSVMPVU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5ABF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI5ODk2MTg1MDA1NTY3NjM4Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI5ODk2MTg1MDA1NTY3NjM4Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBELzjgAIYtdrKxgEwAQ&v=APEucNU2reyPplIw1q5g_LCxlfCO4_HpMWHND6crwU5SV0tJbZ1UzI0h0tf4nr0pyYrWF0glMmoom0R65J7W9eIR5rJM9FxjkQ
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:21 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
52e7c747-1711-493e-99aa-7e6c28e4c298
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI5ODk2MTg1MDA1NTY3NjM4Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame CD59
106 KB
38 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Origin
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 06:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Apr 2022 06:50:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame CD59
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBa8XKPAplBNeuBv-9WXHuNGapSQTTLLhtnfmuMxigAGQIjJYUIE4TVOWkfiBWDBSoohdqzB3iFQWKNo7jE6AS6QKWtsFt0vkeQzrM37tBBoDw5XRqxqqNNvdxsg4fmusFMb1MKSL136w0E6EaB6SQTT3kBQ&dbm_d=AKAmf-DO7e06KFLdBlxla-2SFxGpRKkmnDrpvCY-I_z6DQrAQrCtwQY1_yY1ELPKu6PR13vgP7tn8gGtyHqKCBe-m8MR7fCubOV97LqpyB0JoYQwg2u8b5H0hgrJpsBix9eUnlkAVMxe5tpcDc5fv_JaYVpujgY3nKjn9XuM5ZdhSL6YyMNqJl_a-X0f-JtDDNp3pORyGX_x2K8xgFG0Pap3p0UTn5uZP5YIWrZR8i5XsZvS_7rbfrCQ77PGg6nd7HVx4sjJdyy6ITA2swhaby72UXeyINAjdul9yUmAVhDzyndnQ-omc8HvIUwak3TuVDHzmokJX0HUMZN-fMmGh0Bi6GhMPvmTgOiqV2P5FBJHrJLXLj8MLxpvKFxEG3Vqr3SMmYYp_lPHfrnBwO-wlk6aitl0Vt33wx3lhfYs8yma2DsukgOOofbAxvo-nxbf39dWjNqnzqhTg0LakYJPTg34Fny9icd0ahDvYPeRsUhyNlWd1pLDvmyaYepfkJnay0jGn_jTv9vxGyAZgjbarrX9hSUjDdMHcxTMiyA_TlAPeaLYaOqKlm4QOtFxOQ_6T6DcvV3A3ail1-LVEYNZQUmwqHTcganl7HBEgRqvkvXOfbu2OmEAAaR9pdYMCipHkbY1rHIv58HYEydeSVtZzgutWBiiR7fqT5IsoQNzq3zLpQ-akM5tze3XFz6qHJunYJ61UIMlAm5dM_W591gJqYvtcUs7iysEET_L58ruD3qo4i2Nnb7qHIoHhqBwVdrcvww7Mjtk9ZfqPiP9jSmcs01bTRyKtFP_VwLM8iWd8ChCO7Du16vvce-aQxCem1H3hL1lYbyU9vBUrPybe2yi9WsEcOAgLiQWD-F-AA5g6-7J694MVEyZCNP89GUvhQJl46eb2qpLmmYT1rT1iFL1fCLGA69DBDJcWjx60LlqUSwskQBx4ROoa8b7mc-EcI8ytDn4pmZBZdmNRUUYkEVC4qlfXqYnnVLg2cDX2ekHm3kpyqoknUEB1M9Uf3RzYwToZlUCdiJTTXkXHE4KSxt6LdOrwnMEPgKUhYCcDDrMM3PgdUsPD2Ckc9EmzJcDEp8rQ9MmSXJmtnKUwFvqbNxIyjiClfwOgUu2j8238t0jfDsQ42vMkINywMsimT9WjG12qQpmUX-rrP3NM-GefYtb9tqGBT1PvCYrxhqCV9XMnKBmIS507sRj-8lioaqR-Th_4URAwgPkQMj-rs0Y6RAFY7rDh-Z4AIB-ufkWWcAPJst63PGCjtw3sdxY4qWdgBmB9DAzIXgUImmcJ_Oo371nXK4_LD4065JT8dWBplTAoXVVi-HkkDUeWCqdE596pFuS7v-mldCHQUBek9anTeGGVo0CytWWJ0Y_ss9bRzm4EirphivjildGKKLDniSM8dT9jbcdzqYg2ZdgXAj8KQitxWwlKi6SxCCrKCQfidF65jQeF9NLXT5m6upgv3hZS8w-FhNF4NCopeB1DqvCwcCiyw5AHTukZnhwBj_NpO340Vxr2pyVeMnpSsrd8gijUOU99NOcNkWCPLBngE8jnH5LCBnZU75B4AdRU9M9XgrNxYrHSzDnuPyV63EGKMJvpfUlUwP8ooYVpIajH1lN5631W6_7M_5VxG3EzmVFw7_WsCD9RseLlYfgh0W9UGz2dsrSIeUmTtbO7PixgHBCGdTiykG8J13SBbocHOXntjXi4LWzsMKQwiK3JH6qG2tcGcM3gxf8eHz3Q0ZC-DdEtmXF9Osb_SZpp7hwKed1g0thLWPYuxWrZ
CCmGaHI9JF3RRGyt7rVo4-CsKPTZYGmHPKbE6Kv8EYNLRwxaeWvvt0kkmjeCTDpIOAdSvGiUIcXKI5OoMpA6DSRroqp6lVEpgOwMdG6BazCwT9c37fHjByOZZYctTrT1ucACWBgLMyvvCrvuxUW1MsHSTNypApFD42tALj6Czq2nTgo3alxuNhcf-ScdBjxgN27GWZ6qh2wRzM-tvCttJ9OwDBtZkaGcx9sb_HymYY5KiuePkqNxVhPgIQrHwODUHlF-GJQxBWMWhzYQIblur4Z2S0RDP9hc5BvM4YO11Eb7upf_esGko-j6RbqlOl6-qihFZ_eFu0QAZ0R1md2mmv4vLYwy-rjqHMlDObwYX7BvvCILcy7RRCPjdBd6bRWrwzavjELjKrXHhGMGg43YOI8v6o8csRCHCcmyiK50bqYpwKlVG7P5AR3dOfSjJ2rzEMw_jHRxqIlu-GOjrrMPpmrMf-_gpX2ZMVIoWROgkjq0BsaltncRp54Z-ID2Y6BlNn-Ox2Nqxp7UBbvL7i9iEfoBHO7rR31zyzMo214w1KG9EGHBZuySKxuZl0tJ4yPE_wY3GIlzrVrs-n4U_PF8SmRASNfuNOkb7yR6e9mzsJs3_9q2exOjMc4HiBXpBH2eM7mWsl04x21Ljro1_gDOc7D5WwSbMNbNvEtmf-ChM-xr88BZSu0GIkViwq1y4HbRCEoRWKQZ1ojsPqgPgvlbGlUbz-u3xWOZRUKxa_osmjM2iTI0ZHT3crZDxuk8BTYiP5QBboPax3MC6F8OfyRjK8n-BcReHy3DNiYpyOjvumBI0FXSalcWBFIj4IbRoUu2zyOb6kHSI1uYrrfoN7g6nIy8ynqtWusxfwPTEeWRx6xz_9IHeVQqnAXir_nvS4ggDhmS-sKbzhkY3zJDWEGEEkvE3_jdqcwHtIV8yOejBijHWMW3TYHORNV2HwYNVkbNt7fUYRqXPBsURhwTqiDfGj-g377PXeVD1sNXliq06KyKp5q158-yAFFK9S50oOWGHquzelIlcsP9mKYmaN6sD-fCJPYCOkTnOx1LHpBCG3zJxI_dBV89MsaaCiA6pN_E8W68fIq6e8b0iBTvwq60QX_oJCpf3rJURfcgzFjwFy-M5XlkP94ro3DkHUSJYQx8WvsKNYbr7rfy8ogEYYbPQKNQa8T_WkGeFjJjTuFoR1wb34zok3DZu46XLEl_crB_V-rP4R3-KW8m3TzHgl3CV55T9K142VI0fPzCPA_Q_4d0nbFNRk3f61PHUms1y2Z9m9qHy6wb60VGv-S7NehAGEo32c5VNCj6RdjiMJmi4gUdN-DQwjwdTpVaqON9gNX7V0dEZpHNmQLTAnY5oD7YyRQwkG6_JbKdwRRaMaUcN9u2mm6kgkPkbxxghNWEAASYvvdD4puRiLTnWIC21TmvtGBQweo5ISxrTTxEt8Zgp263Gw0ew-l-Y0018yFMqGX-vVJkGm-1b13aqs9Ba66TgPt30h26IGsdz0-lZtNjbCSLhKFQhiCWutrF2Qq-sY19j67-A0fPU-Yc27e1zmfngDPodZWTEQ_o25TaeuULjkTNtMATXz4AQ9-hYSwI9-KRVJWeYU&cid=CAASJ-Ro9p3OqXxmnOamTASwl4MRLKDH8PZK1KZuWeqfAhQdhKipOlfWIQ&rfl=2%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 14:02:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame CD59
25 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBa8XKPAplBNeuBv-9WXHuNGapSQTTLLhtnfmuMxigAGQIjJYUIE4TVOWkfiBWDBSoohdqzB3iFQWKNo7jE6AS6QKWtsFt0vkeQzrM37tBBoDw5XRqxqqNNvdxsg4fmusFMb1MKSL136w0E6EaB6SQTT3kBQ&dbm_d=AKAmf-DO7e06KFLdBlxla-2SFxGpRKkmnDrpvCY-I_z6DQrAQrCtwQY1_yY1ELPKu6PR13vgP7tn8gGtyHqKCBe-m8MR7fCubOV97LqpyB0JoYQwg2u8b5H0hgrJpsBix9eUnlkAVMxe5tpcDc5fv_JaYVpujgY3nKjn9XuM5ZdhSL6YyMNqJl_a-X0f-JtDDNp3pORyGX_x2K8xgFG0Pap3p0UTn5uZP5YIWrZR8i5XsZvS_7rbfrCQ77PGg6nd7HVx4sjJdyy6ITA2swhaby72UXeyINAjdul9yUmAVhDzyndnQ-omc8HvIUwak3TuVDHzmokJX0HUMZN-fMmGh0Bi6GhMPvmTgOiqV2P5FBJHrJLXLj8MLxpvKFxEG3Vqr3SMmYYp_lPHfrnBwO-wlk6aitl0Vt33wx3lhfYs8yma2DsukgOOofbAxvo-nxbf39dWjNqnzqhTg0LakYJPTg34Fny9icd0ahDvYPeRsUhyNlWd1pLDvmyaYepfkJnay0jGn_jTv9vxGyAZgjbarrX9hSUjDdMHcxTMiyA_TlAPeaLYaOqKlm4QOtFxOQ_6T6DcvV3A3ail1-LVEYNZQUmwqHTcganl7HBEgRqvkvXOfbu2OmEAAaR9pdYMCipHkbY1rHIv58HYEydeSVtZzgutWBiiR7fqT5IsoQNzq3zLpQ-akM5tze3XFz6qHJunYJ61UIMlAm5dM_W591gJqYvtcUs7iysEET_L58ruD3qo4i2Nnb7qHIoHhqBwVdrcvww7Mjtk9ZfqPiP9jSmcs01bTRyKtFP_VwLM8iWd8ChCO7Du16vvce-aQxCem1H3hL1lYbyU9vBUrPybe2yi9WsEcOAgLiQWD-F-AA5g6-7J694MVEyZCNP89GUvhQJl46eb2qpLmmYT1rT1iFL1fCLGA69DBDJcWjx60LlqUSwskQBx4ROoa8b7mc-EcI8ytDn4pmZBZdmNRUUYkEVC4qlfXqYnnVLg2cDX2ekHm3kpyqoknUEB1M9Uf3RzYwToZlUCdiJTTXkXHE4KSxt6LdOrwnMEPgKUhYCcDDrMM3PgdUsPD2Ckc9EmzJcDEp8rQ9MmSXJmtnKUwFvqbNxIyjiClfwOgUu2j8238t0jfDsQ42vMkINywMsimT9WjG12qQpmUX-rrP3NM-GefYtb9tqGBT1PvCYrxhqCV9XMnKBmIS507sRj-8lioaqR-Th_4URAwgPkQMj-rs0Y6RAFY7rDh-Z4AIB-ufkWWcAPJst63PGCjtw3sdxY4qWdgBmB9DAzIXgUImmcJ_Oo371nXK4_LD4065JT8dWBplTAoXVVi-HkkDUeWCqdE596pFuS7v-mldCHQUBek9anTeGGVo0CytWWJ0Y_ss9bRzm4EirphivjildGKKLDniSM8dT9jbcdzqYg2ZdgXAj8KQitxWwlKi6SxCCrKCQfidF65jQeF9NLXT5m6upgv3hZS8w-FhNF4NCopeB1DqvCwcCiyw5AHTukZnhwBj_NpO340Vxr2pyVeMnpSsrd8gijUOU99NOcNkWCPLBngE8jnH5LCBnZU75B4AdRU9M9XgrNxYrHSzDnuPyV63EGKMJvpfUlUwP8ooYVpIajH1lN5631W6_7M_5VxG3EzmVFw7_WsCD9RseLlYfgh0W9UGz2dsrSIeUmTtbO7PixgHBCGdTiykG8J13SBbocHOXntjXi4LWzsMKQwiK3JH6qG2tcGcM3gxf8eHz3Q0ZC-DdEtmXF9Osb_SZpp7hwKed1g0thLWPYuxWrZ
CCmGaHI9JF3RRGyt7rVo4-CsKPTZYGmHPKbE6Kv8EYNLRwxaeWvvt0kkmjeCTDpIOAdSvGiUIcXKI5OoMpA6DSRroqp6lVEpgOwMdG6BazCwT9c37fHjByOZZYctTrT1ucACWBgLMyvvCrvuxUW1MsHSTNypApFD42tALj6Czq2nTgo3alxuNhcf-ScdBjxgN27GWZ6qh2wRzM-tvCttJ9OwDBtZkaGcx9sb_HymYY5KiuePkqNxVhPgIQrHwODUHlF-GJQxBWMWhzYQIblur4Z2S0RDP9hc5BvM4YO11Eb7upf_esGko-j6RbqlOl6-qihFZ_eFu0QAZ0R1md2mmv4vLYwy-rjqHMlDObwYX7BvvCILcy7RRCPjdBd6bRWrwzavjELjKrXHhGMGg43YOI8v6o8csRCHCcmyiK50bqYpwKlVG7P5AR3dOfSjJ2rzEMw_jHRxqIlu-GOjrrMPpmrMf-_gpX2ZMVIoWROgkjq0BsaltncRp54Z-ID2Y6BlNn-Ox2Nqxp7UBbvL7i9iEfoBHO7rR31zyzMo214w1KG9EGHBZuySKxuZl0tJ4yPE_wY3GIlzrVrs-n4U_PF8SmRASNfuNOkb7yR6e9mzsJs3_9q2exOjMc4HiBXpBH2eM7mWsl04x21Ljro1_gDOc7D5WwSbMNbNvEtmf-ChM-xr88BZSu0GIkViwq1y4HbRCEoRWKQZ1ojsPqgPgvlbGlUbz-u3xWOZRUKxa_osmjM2iTI0ZHT3crZDxuk8BTYiP5QBboPax3MC6F8OfyRjK8n-BcReHy3DNiYpyOjvumBI0FXSalcWBFIj4IbRoUu2zyOb6kHSI1uYrrfoN7g6nIy8ynqtWusxfwPTEeWRx6xz_9IHeVQqnAXir_nvS4ggDhmS-sKbzhkY3zJDWEGEEkvE3_jdqcwHtIV8yOejBijHWMW3TYHORNV2HwYNVkbNt7fUYRqXPBsURhwTqiDfGj-g377PXeVD1sNXliq06KyKp5q158-yAFFK9S50oOWGHquzelIlcsP9mKYmaN6sD-fCJPYCOkTnOx1LHpBCG3zJxI_dBV89MsaaCiA6pN_E8W68fIq6e8b0iBTvwq60QX_oJCpf3rJURfcgzFjwFy-M5XlkP94ro3DkHUSJYQx8WvsKNYbr7rfy8ogEYYbPQKNQa8T_WkGeFjJjTuFoR1wb34zok3DZu46XLEl_crB_V-rP4R3-KW8m3TzHgl3CV55T9K142VI0fPzCPA_Q_4d0nbFNRk3f61PHUms1y2Z9m9qHy6wb60VGv-S7NehAGEo32c5VNCj6RdjiMJmi4gUdN-DQwjwdTpVaqON9gNX7V0dEZpHNmQLTAnY5oD7YyRQwkG6_JbKdwRRaMaUcN9u2mm6kgkPkbxxghNWEAASYvvdD4puRiLTnWIC21TmvtGBQweo5ISxrTTxEt8Zgp263Gw0ew-l-Y0018yFMqGX-vVJkGm-1b13aqs9Ba66TgPt30h26IGsdz0-lZtNjbCSLhKFQhiCWutrF2Qq-sY19j67-A0fPU-Yc27e1zmfngDPodZWTEQ_o25TaeuULjkTNtMATXz4AQ9-hYSwI9-KRVJWeYU&cid=CAASJ-Ro9p3OqXxmnOamTASwl4MRLKDH8PZK1KZuWeqfAhQdhKipOlfWIQ&rfl=2%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 13:59:11 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CD59
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 09:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Apr 2023 09:07:05 GMT
truncated
/ Frame CD59
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bed9c7bf5dd43601db274be799bf05929aa7d058aa410464739bd3dbbc2a240

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BAF8
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
48757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 00:34:44 GMT
expires
Fri, 21 Apr 2023 00:34:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F8CE
6 KB
3 KB
Document
General
Full URL
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 14:07:19 GMT
expires
Fri, 21 Apr 2023 14:07:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 28F1
6 KB
3 KB
Document
General
Full URL
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 14:07:19 GMT
expires
Fri, 21 Apr 2023 14:07:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8F44
6 KB
3 KB
Document
General
Full URL
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 14:07:19 GMT
expires
Fri, 21 Apr 2023 14:07:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 41A3
6 KB
3 KB
Document
General
Full URL
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 14:07:19 GMT
expires
Fri, 21 Apr 2023 14:07:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c
c.pub.network/
36 B
53 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
c408905f5369cf0ee79b93f242150da7e8712527fdecff071c30cca1bdcf1f29

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 21 Apr 2022 14:07:21 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
moatad.js
z.moatads.com/essencedigitalna20153870852878/ Frame CD59
331 KB
111 KB
Script
General
Full URL
https://z.moatads.com/essencedigitalna20153870852878/moatad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
427d49bcf21334abdb425ace6cd1660bd96db64ae3be25be152045a730377206

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:21 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 16:12:19 GMT
server
AmazonS3
x-amz-request-id
KHXXHAHXYWGVETGJ
etag
"ceb3ee99f99d40ba879b2b5fb2dac2cd"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=19373
accept-ranges
bytes
content-length
112621
x-amz-id-2
WUErktumvrAVA++oCuj7qBxj3YBf/lFbTEAiUCEbbJw/nddOQxTNPypGPwNfwvVKleOZdlrYXzw=
index.html
s0.2mdn.net/3771812/1845205225853235/ Frame 3272
182 KB
28 KB
Document
General
Full URL
https://s0.2mdn.net/3771812/1845205225853235/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c479391701d51b6cc1b06c886ad082d5961a5eb90229e96bc0c5d176dfc3882d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
36122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
28211
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 04:05:19 GMT
expires
Fri, 22 Apr 2022 04:05:19 GMT
last-modified
Tue, 15 Mar 2022 16:59:27 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CD59
0
622 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsur-hwmxWKob_rL_8tVZ8MFTgKvZUGofVcFwhDBBn2vnVFWJodVkLPvVKzF0LXoGqWzVpWQ0fZSX_VipNyMYmhlRjG7r0fgfO5yjsmGM2M_Ru2a2vvG5IR0nSVKg_d3e57--Y8u8zkxfDkk8epoBseFnOa8CNzbKLLJ9_0NrpP14WoL67GAy7E2_xHZGORav0UKBGCYYcNuElx4bR0HZ-Fmr3kqcY83Swap3YGi3B26y4fvCbpknAQVJW-Ek8hy4xyVfPInooDO64J9s2T2t7y0u9rVdMDua9d7tPwXizu8JHfRn32V0ESQq7ppWD2LN9Sww7w4T99xKxsKm9MyLH8dD052igXq08_ZpN3LYvJ-_KYVIC_qhHwDO9nn8ZIkn55i0pFC1ujCa0bS9Eg4MWZS4DOvTkbkkOisVpoW8ySH0v0WMemtAjuQV7FT2Nn1VTK8ZsnNDVqCRED-gsm_Hu9JMV2I5bWdvkVynk0mHFvQHWRnDX0SOsReqXO98aayWa0wnE8ubNx1AXnKu1llzKyAKYTg7rK1weI1o-c8ES2lJmOLcBDQQFZ1TP_tR48XnwpgPMpA44V7B8huXC1vtGAji-JxDKDaj0hUOq1-iGeEPQei-2i1Fla7CSjsTUje4pgnEYJY_8IlRS_dGvEbQEK1B2V9wg-_ex5EkHu1VWXqaNRU9fpRYDtCLMH7OBSac5CUhVYflHjzF_iL0ySEJaXvD7R_z8Npy3t66uCVTZAqGXxMPiScT6MpKRXnOSN38U1ztxnO1kfi6gCKCRlG10zsKukAb1WSqjQvtSs3RgeVxgOsa-b97_Dv3ghn5zV60vQ1TDaG76hsVivy5ddXARmVEVMs0Gn1-ZwRUSAJxATleDv_-VdiNJgXvEWZDwke2KvVTCaMW-DV-2XgrXTE-ZfUl0MPIgx3GxTLooGo0FXoedkohFdla-0uMSDcLihWxqDYESpM8GBcOq33l9gGITrWi2ApCaFHNPZU-_LGqmLk1HUz1ft-7GkoxmokxJf6ZP_6elnX3TTwOCKVLoIWXE7APBGCTWSh3A_h_dC57gGpNAx0uYDdXLqNUgoeoffMprDT5UEHsJ4zvueC9oplJV95EMdpGwythaFCz26VwCpsbUcvlZQQFOlIBZ3ssMqREGKK9-2oqpiLqaiHYqq7Sw9LkrKfpHlhpY-9U--ImktCJVkg&sai=AMfl-YTh2ey8C6yrJQnRvENt007GB0TvoNHmXh-FTnEEAOWjzZ7I4Yv3bIpFGMGooM2ibdbIXgR0llxWxr3LUSNlhV81kQxwOG0nFPkCsQgGh7bJ9eN__-YA-KGRQ58Sax5Mty0ZIxppuPBUnFzjti0CfgjN5v7eHNMJsYiNu3lv7Xwdg-C5ECwavRjKRXgsvr6_qV2BLR6JqmgirEPGLjWIMyqMlekmxe4&sig=Cg0ArKJSzHkq7dnD9HylEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=363&cbvp=1&cstd=360&cisv=r20220413.67001&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 21 Apr 2022 14:07:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
beacon
tag.researchnow.com/t/ Frame CD59
42 B
443 B
Image
General
Full URL
https://tag.researchnow.com/t/beacon?pr=286885&adn=3&ca=27391841&si=6022511&pl=332299257&cr=168090932&ord=203690996
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-85.iad89.r.cloudfront.net
Software
Apache/2.4.52 () / PHP/7.2.34
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 13:45:30 GMT
via
1.1 6f3546b6b501aaa8c1b4750231158188.cloudfront.net (CloudFront)
server
Apache/2.4.52 ()
age
1311
x-powered-by
PHP/7.2.34
x-cache
Hit from cloudfront
p3p
CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-pop
IAD89-P1
content-type
image/gif
content-length
42
x-amz-cf-id
EB1iHSFgpLgJ2vw5OqbixJkzZpbGWWshhudL6awa-tkJcjxn7LGe6w==
expires
0
bl-39123b0-2cf3ec29.js
tagan.adlightning.com/freestar/ Frame F8CE
38 KB
16 KB
Script
General
Full URL
https://tagan.adlightning.com/freestar/bl-39123b0-2cf3ec29.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c11a74bd4d89d073f7ab536ffe5d2fbb751ed996603b738a2becfc9dc874fd9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 18:08:16 GMT
content-encoding
gzip
age
71946
x-cache
Hit from cloudfront
content-length
15983
x-amz-meta-git_commit
39123b0
last-modified
Wed, 20 Apr 2022 17:52:00 GMT
server
AmazonS3
etag
"3b8ff07a947ae1c9ae1df76532af4ffe"
x-amz-version-id
kyo7b6lKvcmVJT50m9PfrisKj8wBbq4L
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
3LtMATMzYkR_4YkngOjSZZrmmQhgFtsMS3-K7fpcUvzqSO9ajaZU9g==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame F8CE
78 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 23:47:42 GMT
content-encoding
gzip
age
656380
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
hz9GgztqHXivhY5MIbbEAmCSHagTt8NXphbEJkzUedajfFyVoQIabA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8CE
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DySOyeRiT9UG6ER9_mPPHKSLs-8T9QMIBJJAg0G0hZsNFoqzzZ9PjUdtdb8HaiVKKXpSHL4cUUjh5k2e-2sLL30D_tVKsH6qbI-xduSE5GBNo7S2g
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame F8CE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 14:04:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F8CE
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Apr 2022 14:07:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame F8CE
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:06:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 14:06:13 GMT
l
www.google.com/ads/measurement/ Frame F8CE
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSu8S1VqQipJSXxQdf3DAkovkfgNi8O9zGMxBxCHvRXdVQiSmPnkBLy1B9t97pdeawUyQuf4GMQ_fujjiPzpPtZKIwZNg
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

bl-39123b0-2cf3ec29.js
tagan.adlightning.com/freestar/ Frame 28F1
38 KB
16 KB
Script
General
Full URL
https://tagan.adlightning.com/freestar/bl-39123b0-2cf3ec29.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c11a74bd4d89d073f7ab536ffe5d2fbb751ed996603b738a2becfc9dc874fd9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 18:08:16 GMT
content-encoding
gzip
age
71946
x-cache
Hit from cloudfront
content-length
15983
x-amz-meta-git_commit
39123b0
last-modified
Wed, 20 Apr 2022 17:52:00 GMT
server
AmazonS3
etag
"3b8ff07a947ae1c9ae1df76532af4ffe"
x-amz-version-id
kyo7b6lKvcmVJT50m9PfrisKj8wBbq4L
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
PcxrgDuCQaGNAkouPQqdZFRrHArqIVFUkDQLr2CSS9o_BzyA_FjdEw==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame 28F1
78 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 23:47:42 GMT
content-encoding
gzip
age
656380
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
i3rOeNA0UaMx9qg9LdKTAT7GtW8dx1_96lnIiHySGF62ktR99q34SQ==
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 28F1
2 KB
904 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
676
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 13:56:06 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 28F1
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:49:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 13:49:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 28F1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 14:04:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 28F1
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Apr 2022 14:07:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 28F1
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:06:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 14:06:13 GMT
l
www.google.com/ads/measurement/ Frame 28F1
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8EbuinnIXpi706Wl0qF2QgcFcfP6BY3K_t8Y8Vwera3NODeTpck4jlw7zFd9sFDv5aGgQMNx5wVVzPhI6dnEpve59Gw
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

3bde1d5944145a46a8b91d920db5ec4d.js
www.gstatic.com/mysidia/ Frame 28F1
30 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12194
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 05:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 13:40:32 GMT
bl-39123b0-2cf3ec29.js
tagan.adlightning.com/freestar/ Frame 8F44
38 KB
16 KB
Script
General
Full URL
https://tagan.adlightning.com/freestar/bl-39123b0-2cf3ec29.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c11a74bd4d89d073f7ab536ffe5d2fbb751ed996603b738a2becfc9dc874fd9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 18:08:16 GMT
content-encoding
gzip
age
71946
x-cache
Hit from cloudfront
content-length
15983
x-amz-meta-git_commit
39123b0
last-modified
Wed, 20 Apr 2022 17:52:00 GMT
server
AmazonS3
etag
"3b8ff07a947ae1c9ae1df76532af4ffe"
x-amz-version-id
kyo7b6lKvcmVJT50m9PfrisKj8wBbq4L
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ZOvHC4HPhr6tyjq6HylQMUqopaXwikeb70XRGSg4ZHtmoNA3SB1JTA==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame 8F44
78 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 23:47:42 GMT
content-encoding
gzip
age
656380
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ZEBEVmD3oM3uwtfWfvixafx201CA-SWoWvgp5A50HGXJFpcXXcQmww==
css
fonts.googleapis.com/ Frame 8F44
4 KB
618 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 13:27:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Apr 2022 14:07:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Apr 2022 14:07:21 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 8F44
2 KB
904 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:56:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
676
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 13:56:06 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 8F44
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:49:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 13:49:57 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 8F44
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 14:04:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F44
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Apr 2022 14:07:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 8F44
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:06:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 14:06:13 GMT
l
www.google.com/ads/measurement/ Frame 8F44
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_sYyyQlZezVWZ0JnfTJTMsK86jM80F6UrLMcy6bDuGx-IqEr_gf-W0q6i6wWlxz_bH9mSk6sC8TAcz8ySEFHOjkBKTw
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

3bde1d5944145a46a8b91d920db5ec4d.js
www.gstatic.com/mysidia/ Frame 8F44
30 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12194
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 05:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 13:40:32 GMT
bl-39123b0-2cf3ec29.js
tagan.adlightning.com/freestar/ Frame 41A3
38 KB
16 KB
Script
General
Full URL
https://tagan.adlightning.com/freestar/bl-39123b0-2cf3ec29.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c11a74bd4d89d073f7ab536ffe5d2fbb751ed996603b738a2becfc9dc874fd9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 18:08:16 GMT
content-encoding
gzip
age
71946
x-cache
Hit from cloudfront
content-length
15983
x-amz-meta-git_commit
39123b0
last-modified
Wed, 20 Apr 2022 17:52:00 GMT
server
AmazonS3
etag
"3b8ff07a947ae1c9ae1df76532af4ffe"
x-amz-version-id
kyo7b6lKvcmVJT50m9PfrisKj8wBbq4L
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
jMYKPav4GJGvSWAdTYLrZUD7_HIom7Xc4e2nKJzAYNPFoHwU3c9EZg==
b-5a99e50-0ef925e1.js
tagan.adlightning.com/freestar/ Frame 41A3
78 KB
30 KB
Script
General
Full URL
https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-67.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a2a44d6d645afa6dd329ef0d6e7c92ebf624e49bf20fc301e59d69d9a59c87d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 23:47:42 GMT
content-encoding
gzip
age
656380
x-cache
Hit from cloudfront
content-length
30111
x-amz-meta-git_commit
5a99e50
last-modified
Thu, 21 Oct 2021 14:42:46 GMT
server
AmazonS3
etag
"a5b54d0501be5fa645a46923bf1f6dfe"
x-amz-version-id
tynjFfgXKbXevSX.rzKqYE2SnqrB7ELk
via
1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
bzFxayyZqctzUjJ_uKHQZu6lG4U0O9YSBxNM-3m8QWAuNma-fb0a5g==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 41A3
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AM2Aqpj5u4rucP8TnzlrV9vZQEqlzoG0qiv4HC8n_UykL7dfz6_nh4NfX0IbteV3DaWyT6UVQ_Amgn-NqmtxDU4dHNYUs2Yu4pXKdZ1xj5DigzoyM
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 41A3
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 14:04:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 41A3
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36950
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1650454428054601"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Apr 2022 14:07:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 41A3
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:06:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 14:06:13 GMT
l
www.google.com/ads/measurement/ Frame 41A3
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaUGLeLguIF1s23pPyMp3TvY0HgTQxUtnZeiS5msrLtFXqJWP27ZlQMjhc3VhZ0ms4c0FqQhsTmGiwsq5GX7BeI_rFIw
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame BAF8
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:17:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
395381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 00:17:40 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 28F1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cx76xGGVhYs6LJILdnwTRwrCgDsrNg5xppNvr9pYOsJAfEAEg2tfFOWDJhv-H8KPsEqABkLqJ_wPIAQbgAgCoAwHIA8sEqgTBAk_QhS8OpWtBacsml1CzZVIzmP1btYklRjZUVfX62aZ7P9o4VrGvQh0XucankIHKw6oX7NNNuu0krlicGJ1VjrRk9ePbeXnfCtaHl1UP1RJiVmxwM4ptuALrhit_DiaMdiyDRs3qU9CpXllBgA0AzC80pDHUi7H5kCQ0Si4IkvLYup8KnmLe3jrXGxvj7IRy15OfUMgqzeTzFC3N_LNiu99M0HFeMzXlx0nMBFK5o3MF9Kea5tma9ekAzV1VGAw8Spdi2nVgr6LNIMLTfFLjyCKvmRFNmfcGITxU5M51eQrFpjwDLuK7KvXnlJqtVdhd69gnrY0Dqcx8N1D3S8k_lBMBtFcSBSN2q99g5fxtNCFHaM_cFoptIfBX5XkSCfRmwVKUv3_uG5pki9PC-02FwWm43c-OGkHTCzKiEkucrBlZhsAEhfmf7ZsD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB9jFdqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL7FDdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzYwNTI1NzM2MDg1MzE4NRi6yBc&sigh=uF3GDAxHQBU&uach_m=[UACH]&template_id=492
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3539
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
67570
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 19:21:12 GMT
etag
48472445140208031
expires
Thu, 21 Apr 2022 19:21:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/17017949649486199244/ Frame 28F1
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/17017949649486199244/downsize_200k_v1?w=195&h=102
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab064d3a8ee80e5c8bdf36910e1dabf618c7c3ed80a75c78c3a62560a170272c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:22 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3174
x-xss-protection
0
last-modified
Wed, 18 Dec 2019 16:42:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Apr 2023 14:07:22 GMT
truncated
/ Frame 28F1
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
securepubads.g.doubleclick.net/pagead/ Frame 8F44
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cpzo8GGVhYpeMJILdnwTRwrCgDqvxtb1p06GC2tIP7_20q5UOEAEg2tfFOWDJhv-H8KPsEqABh9-dgAPIAQbgAgCoAwHIA8sEqgTJAk_QqDuceds7vK6zaVwtc9CzEWOEOzX35-GqCbotvdt4kU9exVW_5KstPplgmHygrfNUL1vVeybllJxqre8-D-5BRVgMZfNqkjwPlEbqVKBRvzqjJzIsXU_cp77KZiee4iDqvVBzqL1p8EQaXyNApGisrU-poEQ2JcIcNbC2V0yy_2x9doe32Gr4S3yosCgdpYG_aYTE-m2K4SHKH1CNGIRbxlbYbzadW1mWlVWMYFl72RozbquD4e9TiBsKHS_RSucP3dHSV7hmwlp1VcvwzpYbz_2J5D8ah9HrxjIAVm9-owvJ2MkxNIZK8J-aNPr018rTPV5kUf0RbHZM6b7qCMWU7-WCC73qTyyjko30g2grI7W91Vhl9Lg5b0oga94K8MlgFhgPREie_sosHzXUMKZpRsCxs6EJ2cXM8K2yXMaOXP1WK8OYlHzAwASq9K6o8QPgBAGSBQQIBBgBkgUECAUYBKAGN4AH4aDif6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJ-_GdIIBwiAYRABGB3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzYwNTI1NzM2MDg1MzE4NRi6yBc&sigh=blCnEdvebA4&uach_m=[UACH]&template_id=492
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 205B
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
67570
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 19:21:12 GMT
etag
48472445140208031
expires
Thu, 21 Apr 2022 19:21:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/14166106586650974545/ Frame 8F44
25 KB
25 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14166106586650974545/downsize_200k_v1?w=400&h=209
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f21bb4d8e3b92cac0edee015d363a3e95765b4adac91be960d2e9fdd933efc62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 22:09:34 GMT
x-content-type-options
nosniff
age
575868
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26016
x-xss-protection
0
last-modified
Sun, 27 Feb 2022 21:59:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 14 Apr 2023 22:09:34 GMT
truncated
/ Frame 8F44
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
pixel
googleads.g.doubleclick.net/xbbe/ Frame 06D9
640 B
316 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhi33IvIATAB&v=APEucNXTYt6J1GEL5Wrh9reZrgg48j1Ul0oiWf7DwbL-HslknVVxNswQTU46rzDbg8Ea17YoCXkM4CPAYWJ60K4a0FEblPEpgA
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 14:07:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame F8CE
77 KB
33 KB
Script
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28d6b51ff8cb860d3dba5930fc0cd37648ec0e3830e98baf41b26fca216b5c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8FAA
482 B
274 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQmMSGAhjC3pfHATAB&v=APEucNWYhAAbE7KFTvlWPOSeO2HROMQyTxPlNX08o5Lgu0WDpPrRFnUHP8fOaU-lUCXsUZ2lrfyrOkR0UnPWg7tmZ0z3IOyJjQ
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
253
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 14:07:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 41A3
60 KB
30 KB
Script
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33b7557539dde2e59bc01caefb3cb2f0431d36ab928d1476c960f7490587e946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30347
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
n.js
geo.moatads.com/ Frame E030
84 B
258 B
Script
General
Full URL
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.9.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-9-6.compute-1.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
d41bf77714b5d59e9db02f99695d702074040894e85c177c0c57b294e7acc936

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:23 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"a5164eb007a08ca59f9190864e2533c57f2c0cc9"
content-length
84
content-type
text/html; charset=UTF-8
v2
mb.moatads.com/s/ Frame E030
203 B
378 B
Script
General
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.bleepingcomputer.com%2F&pcode=essencedigitalna20153870852878&ord=1650550043086&jv=1597624914&callback=BrandSafetyNadoscallback_90749796
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.140.125.127 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-140-125-127.us-east-2.compute.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
d782b2b665472878496bd801875f3a2a839169ed172adf3daba54c0d7bd74add

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:23 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"e4a7ecf80e3ed57bb15093724d6fb833ad9b7f09"
content-length
203
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame E030
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=ESSENCEDIGITALNA1&dMoatBDS=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.bleepingcomputer.com&lp=https%3A%2F%2Fwww.bleepingcomputer.com&t=1650550043086&de=663280137457&m=0&ar=bee2df476bf-clean&iw=5a06169&q=3&cb=0&ym=0&cu=1650550043086&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=27391841%3A6022511%3A332299257%3A168090932&zGSRC=1&zMoatG=ct&zMoatAUCID=-&zMoatJS=-&zMoatDR=-&zMoatGSR=1&ph=&pj=standard&gu=https%3A%2F%2Fwww.bleepingcomputer.com%2F&id=0&ii=3&bo=bleepingcomputer.com&bd=bleepingcomputer.com&zMoatOrigSlicer1=6022511&zMoatOrigSlicer2=332299257&gw=essencedigitalna20153870852878&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A514&jk=-1&jm=-1&fs=198121&na=359257094&cs=0
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 21 Apr 2022 14:07:23 GMT
lottie_svg.min.js
s0.2mdn.net/3771812/1845205225853235/ Frame 3272
210 KB
54 KB
Script
General
Full URL
https://s0.2mdn.net/3771812/1845205225853235/lottie_svg.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/3771812/1845205225853235/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b316cf2c7664979b7cf66a6f2d3a64d34874b29b10849af62a1f208c31ff12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/3771812/1845205225853235/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 04:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55320
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 16:59:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Apr 2022 04:05:19 GMT
c
c.pub.network/
36 B
53 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
c408905f5369cf0ee79b93f242150da7e8712527fdecff071c30cca1bdcf1f29

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 21 Apr 2022 14:07:23 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
activeview
pagead2.googlesyndication.com/pcs/ Frame CD59
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv06Z16A0bM4dWWyPbOp25Gwni-YsU8cVnav1plcWAJbb6gavMKdP1MNFivSDLbuBii3_5Q9CgLnZugDj7nRx7Kq4ssiDeWCMnVIQ&sai=AMfl-YTLrU-jb3Bp64B5R7pxL_fLQHtDfBkk2nMBEZMX_Srv1tZrMgW2ozO0ygLaPZ1kF5QsUyGJObffDd170ntP3MAbJVEcfg8s7hSqGnbmiBZ52IDlAvSH0PN4o8Zss2I&sig=Cg0ArKJSzK0WotyLAFrWEAE&cid=CAASJ-Ro9p3OqXxmnOamTASwl4MRLKDH8PZK1KZuWeqfAhQdhKipOlfWIQ&id=lidar2&mcvt=1824&p=1110,315,1200,1043&mtos=1824,1824,1824,1824,1824&tos=1824,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1087171916&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650550041176&rpt=208&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 8F44
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c55983d1aa644753804bd8018de6f070555281032f3ddb7e14cdb6370c11b1f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 06D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHGl55JkW3f8vAu4skrrjEA&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHGl55JkW3f8vAu4skrrjEA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhi33IvIATAB&v=APEucNXTYt6J1GEL5Wrh9reZrgg48j1Ul0oiWf7DwbL-HslknVVxNswQTU46rzDbg8Ea17YoCXkM4CPAYWJ60K4a0FEblPEpgA
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHGl55JkW3f8vAu4skrrjEA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 06D9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDYwNjM5NjEtM2RkZS0yMDJjLWUwYmItZTQzMTBkYTk2YTkw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDYwNjM5NjEtM2RkZS0yMDJjLWUwYmItZTQzMTBkYTk2YTkw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhi33IvIATAB&v=APEucNXTYt6J1GEL5Wrh9reZrgg48j1Ul0oiWf7DwbL-HslknVVxNswQTU46rzDbg8Ea17YoCXkM4CPAYWJ60K4a0FEblPEpgA
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 21 Apr 2022 14:07:23 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDYwNjM5NjEtM2RkZS0yMDJjLWUwYmItZTQzMTBkYTk2YTkw
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 06D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESENUynPoSw9OjJAAy48ELQYc&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESENUynPoSw9OjJAAy48ELQYc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhi33IvIATAB&v=APEucNXTYt6J1GEL5Wrh9reZrgg48j1Ul0oiWf7DwbL-HslknVVxNswQTU46rzDbg8Ea17YoCXkM4CPAYWJ60K4a0FEblPEpgA
Protocol
H2
Server
23.195.109.72 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-109-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 21 Apr 2022 14:07:23 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESENUynPoSw9OjJAAy48ELQYc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 06D9
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzExMDViYzktZmQ3MS00ZjE0LWI4YmEtMmI4YzMwZDgwYjdl
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzExMDViYzktZmQ3MS00ZjE0LWI4YmEtMmI4YzMwZDgwYjdl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhi33IvIATAB&v=APEucNXTYt6J1GEL5Wrh9reZrgg48j1Ul0oiWf7DwbL-HslknVVxNswQTU46rzDbg8Ea17YoCXkM4CPAYWJ60K4a0FEblPEpgA
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
akka-http/10.2.7
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NzExMDViYzktZmQ3MS00ZjE0LWI4YmEtMmI4YzMwZDgwYjdl
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Thu, 21 Apr 2022 14:07:23 GMT
sync
partners.tremorhub.com/ Frame 8FAA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESELqErexBl3ZBAPulTiPBH00&google_cver=1
43 B
183 B
Image
General
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESELqErexBl3ZBAPulTiPBH00&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQmMSGAhjC3pfHATAB&v=APEucNWYhAAbE7KFTvlWPOSeO2HROMQyTxPlNX08o5Lgu0WDpPrRFnUHP8fOaU-lUCXsUZ2lrfyrOkR0UnPWg7tmZ0z3IOyJjQ
Protocol
H2
Server
2600:1f18:612b:4264:29b9:1155:5103:2a66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:23 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESELqErexBl3ZBAPulTiPBH00&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 8FAA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECNBR2CscTosOXMRBG0nSug&google_cver=1
43 B
419 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECNBR2CscTosOXMRBG0nSug&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQmMSGAhjC3pfHATAB&v=APEucNWYhAAbE7KFTvlWPOSeO2HROMQyTxPlNX08o5Lgu0WDpPrRFnUHP8fOaU-lUCXsUZ2lrfyrOkR0UnPWg7tmZ0z3IOyJjQ
Protocol
H2
Server
69.12.8.74 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:23 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
250
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECNBR2CscTosOXMRBG0nSug&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8FAA
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NWRjODY5YTQtYzE3Yy0xMWVjLWEzMmMtMTQ0ZThiNWYwNDAz
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NWRjODY5YTQtYzE3Yy0xMWVjLWEzMmMtMTQ0ZThiNWYwNDAz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNa7wgEQmMSGAhjC3pfHATAB&v=APEucNWYhAAbE7KFTvlWPOSeO2HROMQyTxPlNX08o5Lgu0WDpPrRFnUHP8fOaU-lUCXsUZ2lrfyrOkR0UnPWg7tmZ0z3IOyJjQ
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 21 Apr 2022 14:07:23 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NWRjODY5YTQtYzE3Yy0xMWVjLWEzMmMtMTQ0ZThiNWYwNDAz
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
309
content-length
0
truncated
/ Frame 28F1
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41440ca212b3b1798cf6f4dba9c9012e030848511f997b6cc0b7e7c2e0e20843

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8F44
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:09:49 GMT
x-content-type-options
nosniff
age
395854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 17 Apr 2023 00:09:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8F44
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 16:23:56 GMT
x-content-type-options
nosniff
age
164607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 16:23:56 GMT
pixel
cm.g.doubleclick.net/ Frame 3539
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELwduY_NeY-MNzkPHm7Yckg&google_cver=1&google_push=AYg5qPLwaW1DIWhtbQ-GRxr9pkdf2gE5Es374wglI1VvyBlEqWI__qdlHMXkSpXGIvSboSkF796h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPLwaW1DIWhtbQ-GRxr9pkdf2gE5Es374wglI1VvyBlEqWI__qdlHMXkSpXGIvSboSkF796h71_kKHwqm4AGWeMIZbhjkWlb
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPLwaW1DIWhtbQ-GRxr9pkdf2gE5Es374wglI1VvyBlEqWI__qdlHMXkSpXGIvSboSkF796h71_kKHwqm4AGWeMIZbhjkWlb
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 21 Apr 2022 14:07:22 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 7F829B5184AC4DCD8A3C31229B41213F Ref B: YTO01EDGE0807 Ref C: 2022-04-21T14:07:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPLwaW1DIWhtbQ-GRxr9pkdf2gE5Es374wglI1VvyBlEqWI__qdlHMXkSpXGIvSboSkF796h71_kKHwqm4AGWeMIZbhjkWlb
x-li-proto
http/2
content-length
0
x-li-uuid
AAXdKqEFthiIXRexL9DDBA==
pixel
cm.g.doubleclick.net/ Frame 3539
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEPx3ppmiMo2yzvYB9q0EuPc&google_cver=1&google_push=AYg5qPLfrS7Tlk_EYn4359cz2790eG2eOcb5su21NjjQcn5u6QzAvS5cpxaPA6Qlp2VJnlg-Rvu8_sppOudY...
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPLfrS7Tlk_EYn4359cz2790eG2eOcb5su21NjjQcn5u6QzAvS5cpxaPA6Qlp2VJnlg-Rvu8_sppOudY_Yl_KKoTGSaiYyTT
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPLfrS7Tlk_EYn4359cz2790eG2eOcb5su21NjjQcn5u6QzAvS5cpxaPA6Qlp2VJnlg-Rvu8_sppOudY_Yl_KKoTGSaiYyTT
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:23 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPLfrS7Tlk_EYn4359cz2790eG2eOcb5su21NjjQcn5u6QzAvS5cpxaPA6Qlp2VJnlg-Rvu8_sppOudY_Yl_KKoTGSaiYyTT
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
194
Expires
Tue, 29 May 1984 15:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3539
Redirect Chain
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEMdKq3tx3XYtVXeGNhN47OQ&google_cver=1&google_push=AYg5qPKep8t1_wAhWWU7scXL-YcUEwQ1VC5egqFbziLwe7Ls8...
  • https://c.us1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_push=%GOOGLE_PUSH%&cty=br&google_gid=CAESEMdKq3tx3XYtVXeGNhN47OQ&google_cver=1&google_push=AYg5qPKep8t1_wAhWWU7scXL-YcUEwQ1VC5egqFbziLwe7Ls8...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPKep8t1_wAhWWU7scXL-YcUEwQ1VC5egqFbziLwe7Ls8gdShfxt1u55lFUPaB6Ix6SjN-56FPwnsiaYDOokbJgoK_3tTm0&google_hm=MDQwMzAwMDFfN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPKep8t1_wAhWWU7scXL-YcUEwQ1VC5egqFbziLwe7Ls8gdShfxt1u55lFUPaB6Ix6SjN-56FPwnsiaYDOokbJgoK_3tTm0&google_hm=MDQwMzAwMDFfNjI2MTY1MWI1ZTRmZg%3D%3D
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 21 Apr 2022 14:07:23 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic_brazil&google_push=AYg5qPKep8t1_wAhWWU7scXL-YcUEwQ1VC5egqFbziLwe7Ls8gdShfxt1u55lFUPaB6Ix6SjN-56FPwnsiaYDOokbJgoK_3tTm0&google_hm=MDQwMzAwMDFfNjI2MTY1MWI1ZTRmZg%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 3539
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPLxzcZHkguFpB-ZTLS1-sfmoZMhaScIJvcRez6B0054P6zBIUX_5-a_k8IVqToYl-AID1F-TX6ghS...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPLxzcZHkguFpB-ZTLS1-sfmoZMhaScIJvcRez6B0054P6zBIUX_5-a_k8IVqToYl-AID1F-TX6ghSxI25GHYehda0H4C9Fr&google_hm=fb4985c7-87a3-4bfb-91...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPLxzcZHkguFpB-ZTLS1-sfmoZMhaScIJvcRez6B0054P6zBIUX_5-a_k8IVqToYl-AID1F-TX6ghSxI25GHYehda0H4C9Fr&google_hm=fb4985c7-87a3-4bfb-91be-d9ed158d0390
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:23 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-64
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPLxzcZHkguFpB-ZTLS1-sfmoZMhaScIJvcRez6B0054P6zBIUX_5-a_k8IVqToYl-AID1F-TX6ghSxI25GHYehda0H4C9Fr&google_hm=fb4985c7-87a3-4bfb-91be-d9ed158d0390
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3539
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEEJpebRvJWGznM7Og_vzH3c&google_cver=1&google_push=AYg5qPIEkW84fJap75b0f_715C8KNTHN6Eap3ZYjyZWm6OfWdER6PLQObWzagQuYw_aExBw0-qCwRqLP-849Egji9jfn852wCmuY
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&mn_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIEkW84fJap75b0f_715C8KNTH...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&mn_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIEkW84fJap75b0f_715C8KNTHN6Eap3ZYjyZWm6OfWdER6PLQObWzagQuYw_aExBw0-qCwRqLP-849Egji9jfn852wCmuY&gdpr=&gdpr_consent=
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&mn_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIEkW84fJap75b0f_715C8KNTHN6Eap3ZYjyZWm6OfWdER6PLQObWzagQuYw_aExBw0-qCwRqLP-849Egji9jfn852wCmuY&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:23 GMT
pixel
cm.g.doubleclick.net/ Frame 3539
Redirect Chain
  • https://rtb2-useast.torchad.com/sync?exchange=309&google_gid=CAESEEvtNvRhEV4DRMMExGVlRBg&google_cver=1&google_push=AYg5qPLzDRDedWTmBCVhZfn8XDxG02CzFccvaqi92tWGW1zD7E6Z-aK9Bqglgedsvcp5hC3YTHg6zPkIZx...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.torchad.com%2Fsync%3Fexchange%3D309%26google_gid%3DCAESEEvtNvRhEV4DRMMExGVlRBg%26google_cver%3D1%26google_push%3DAYg5qPLzDRDedWTmBCVhZfn8...
  • https://rtb2-useast.torchad.com/sync?adkuid=A3529571638518424481&exchange=309&google_gid=CAESEEvtNvRhEV4DRMMExGVlRBg&google_cver=1&google_push=AYg5qPLzDRDedWTmBCVhZfn8XDxG02CzFccvaqi92tWGW1zD7E6Z-a...
  • https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTM1Mjk1NzE2Mzg1MTg0MjQ0ODE&google_push=AYg5qPLzDRDedWTmBCVhZfn8XDxG02CzFccvaqi92tWGW1zD7E6Z-aK9Bqglgedsvcp5hC3YTHg6z... (this hop is listed 18 times in a row)
0
0

dot.gif
s0.2mdn.net/ Frame 3539
43 B
65 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEOI_KhCG93dZroNcuEqkEiw&google_cver=1&google_push=AYg5qPK-LVRlWDyfRi5shA1GIGUXEuyyA7w91T_7LsKTWlAxLUSpFGa1Qmh_kM-QIRqz529o-qVDmC1dBwFbxGVjV8wzVW7x2pyI
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Apr 2022 14:07:23 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3539
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IM0IwkmRaC3zp14iaaqEpg44CetMc9_irIFUpGyyJBbX9v375mDSrHkR8ingi3HOt8Ny_RgQ
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame F8CE
169 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Origin
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:39:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Apr 2022 13:39:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame F8CE
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 14:02:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame F8CE
25 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 13:59:11 GMT
i.match
s.tribalfusion.com/z/ Frame 205B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESED6kVvlJaloA7Pa4Nb4KD-o&google_cver=1&google_push=AYg5qPKA93cfwoodBS2sVZT5X3DDLvCaT3wHtuewyJRnDBclsf8lddPlw4xf4_-YggHqkCRi7gmxNfQO9ai-W_bhQa346cF8-tA&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED6kVvlJaloA7Pa4Nb4KD-o&google_cver=1&google_push=AYg5qPKA93cfwoodBS2sVZT5X3DDLvCaT3wHtuewyJRnDBclsf8lddPlw4xf4_-YggHqkCRi7gmxNfQO9ai-W_bhQa346cF8-tA...
43 B
413 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED6kVvlJaloA7Pa4Nb4KD-o&google_cver=1&google_push=AYg5qPKA93cfwoodBS2sVZT5X3DDLvCaT3wHtuewyJRnDBclsf8lddPlw4xf4_-YggHqkCRi7gmxNfQO9ai-W_bhQa346cF8-tA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKA93cfwoodBS2sVZT5X3DDLvCaT3wHtuewyJRnDBclsf8lddPlw4xf4_-YggHqkCRi7gmxNfQO9ai-W_bhQa346cF8-tA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ff6af8ccb684bb9-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1595
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ff6af8c1a9d4bb9-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED6kVvlJaloA7Pa4Nb4KD-o&google_cver=1&google_push=AYg5qPKA93cfwoodBS2sVZT5X3DDLvCaT3wHtuewyJRnDBclsf8lddPlw4xf4_-YggHqkCRi7gmxNfQO9ai-W_bhQa346cF8-tA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKA93cfwoodBS2sVZT5X3DDLvCaT3wHtuewyJRnDBclsf8lddPlw4xf4_-YggHqkCRi7gmxNfQO9ai-W_bhQa346cF8-tA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 205B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEeK8oemYWKbXJZ6k0ZCRPc&google_push=AYg5qPK2IV4WzytjNSufQ29UFI2iAS5xhzdjCVltu6XVi1KIHCOvUWr-cH...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEeK8oemYWKbXJZ6k0ZCRPc&google_push=AYg5qPK2IV4WzytjNSufQ29UFI2iAS5xhzdjCVltu6XVi1KIHCOvUWr-cHBplOpUU09yMzcjd8gERynMYrHB4nBvW-Pjm5vFww
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1650550044.536665,VS0,VE14
x-served-by
cache-yul12832-YUL
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEeK8oemYWKbXJZ6k0ZCRPc&google_push=AYg5qPK2IV4WzytjNSufQ29UFI2iAS5xhzdjCVltu6XVi1KIHCOvUWr-cHBplOpUU09yMzcjd8gERynMYrHB4nBvW-Pjm5vFww
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 205B
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESEPx3ppmiMo2yzvYB9q0EuPc&google_cver=1&google_push=AYg5qPLqsYOrXWnu_kCtKvKqNOGYoh5x2Cb4NsUqStzacEfvSDKm54r4umG7xYmzrU1B0QK1E6nnto3b972h...
  • https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPLqsYOrXWnu_kCtKvKqNOGYoh5x2Cb4NsUqStzacEfvSDKm54r4umG7xYmzrU1B0QK1E6nnto3b972h29yDerNM5cg-UuE
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPLqsYOrXWnu_kCtKvKqNOGYoh5x2Cb4NsUqStzacEfvSDKm54r4umG7xYmzrU1B0QK1E6nnto3b972h29yDerNM5cg-UuE
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:23 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=extendtv&google_push=AYg5qPLqsYOrXWnu_kCtKvKqNOGYoh5x2Cb4NsUqStzacEfvSDKm54r4umG7xYmzrU1B0QK1E6nnto3b972h29yDerNM5cg-UuE
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
193
Expires
Tue, 29 May 1984 15:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 205B
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEONLWSmme0CyPvAagjlmryU&google_cver=1&google_push=AYg5qPIxcXCUrP2F_kmbUJ5LDLOw28qDNEiIdfO1qkeVV-fTyeVDhx68Ya2HES_CnbkaJs1wQsXZQqnbn3m5SO3Yen...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM1Mjk1NzE2Mzg1MTg0MjQ0ODE&google_push=AYg5qPIxcXCUrP2F_kmbUJ5LDLOw28qDNEiIdfO1qkeVV-fTyeVDhx68Ya2HES_CnbkaJs1wQsXZQqnbn3m5SO3Yengz...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM1Mjk1NzE2Mzg1MTg0MjQ0ODE&google_push=AYg5qPIxcXCUrP2F_kmbUJ5LDLOw28qDNEiIdfO1qkeVV-fTyeVDhx68Ya2HES_CnbkaJs1wQsXZQqnbn3m5SO3YengzpeM7Mdc
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTM1Mjk1NzE2Mzg1MTg0MjQ0ODE&google_push=AYg5qPIxcXCUrP2F_kmbUJ5LDLOw28qDNEiIdfO1qkeVV-fTyeVDhx68Ya2HES_CnbkaJs1wQsXZQqnbn3m5SO3YengzpeM7Mdc
Date
Thu, 21 Apr 2022 14:07:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 205B
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEEJpebRvJWGznM7Og_vzH3c&google_cver=1&google_push=AYg5qPLrMNk_cbhL2gj8JjO_XvBdX5H2k9F-rGUdUM8Ar6lqpp_ZIOXED8JUtmNmYQjenPLOg3wHHQZg30Cg5nMNDnQheRROwOU
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&mn_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLrMNk_cbhL2gj8JjO_XvBdX5H...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&mn_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLrMNk_cbhL2gj8JjO_XvBdX5H2k9F-rGUdUM8Ar6lqpp_ZIOXED8JUtmNmYQjenPLOg3wHHQZg30Cg5nMNDnQheRROwOU&gdpr=&gdpr_consent=
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&mn_hm=MjkzNTUxNjQwMTQ1NTY3OTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLrMNk_cbhL2gj8JjO_XvBdX5H2k9F-rGUdUM8Ar6lqpp_ZIOXED8JUtmNmYQjenPLOg3wHHQZg30Cg5nMNDnQheRROwOU&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:23 GMT
pixel
cm.g.doubleclick.net/ Frame 205B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBd8lf926hZfg2yjuEFxJVI&google_cver=1&google_push=AYg5qPJ73PtP4cIwee10yLsCc6ipnH-2h2MWO6ROjhECoKp4sTZAACic1YaX9IDfDaPgRxyFTv...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RRm1Edlk5RTJ1RXAuMTdfc3dzbXlseWcuTi4wZEhGdn5B&google_push=AYg5qPJ73PtP4cIwee10yLsCc6ipnH-2h2MWO6ROjhECoKp4sTZAACic1...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RRm1Edlk5RTJ1RXAuMTdfc3dzbXlseWcuTi4wZEhGdn5B&google_push=AYg5qPJ73PtP4cIwee10yLsCc6ipnH-2h2MWO6ROjhECoKp4sTZAACic1YaX9IDfDaPgRxyFTvfEZeDVEfn6ZzQrmBrZs3tLoSM
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RRm1Edlk5RTJ1RXAuMTdfc3dzbXlseWcuTi4wZEhGdn5B&google_push=AYg5qPJ73PtP4cIwee10yLsCc6ipnH-2h2MWO6ROjhECoKp4sTZAACic1YaX9IDfDaPgRxyFTvfEZeDVEfn6ZzQrmBrZs3tLoSM
date
Thu, 21 Apr 2022 14:07:23 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 205B
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEMGcsXm4tjkLWlMfT3SgwZE&google_cver=1&google_push=AYg5qPL9wGcqbSZRaM4ziCEGvEKdIq2fTkVpck3pPoKX1xzxRcrw7W83qCWXz-8zja8x6u3jfFCpUHeH5hg-DFCiI...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YWNiNzZhYjAtZTEzMi00YjJmLThmZDctY2M3ODRhMzQ0MTli&google_push=AYg5qPL9wGcqbSZRaM4ziCEGvEKdIq2fTkVpck3pPoKX1xzxRcrw7W83qCWXz-8z...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YWNiNzZhYjAtZTEzMi00YjJmLThmZDctY2M3ODRhMzQ0MTli&google_push=AYg5qPL9wGcqbSZRaM4ziCEGvEKdIq2fTkVpck3pPoKX1xzxRcrw7W83qCWXz-8zja8x6u3jfFCpUHeH5hg-DFCiIgaT0qQ7zS_C
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YWNiNzZhYjAtZTEzMi00YjJmLThmZDctY2M3ODRhMzQ0MTli&google_push=AYg5qPL9wGcqbSZRaM4ziCEGvEKdIq2fTkVpck3pPoKX1xzxRcrw7W83qCWXz-8zja8x6u3jfFCpUHeH5hg-DFCiIgaT0qQ7zS_C
date
Thu, 21 Apr 2022 14:07:23 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 205B
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IMpo-JK2x-Bl6TkSHvioJk4OEYGfX-zL124b8LnVpLwTlnMGX5AbTlU9RLHit0V7onb4PXln0
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 41A3
25 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 13:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 13:59:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 41A3
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 May 2022 14:02:51 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 41A3
0
27 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzLZgd1yMv4mkdXzRJICrzgJxSMEaPkitNmyEZiI7mIRrJI7f_9FkTYenZXLWPA4blNTShJWG-RLIbS5RGtZTtvYdHvZNuEYFwkwqAwNgqlGEXJTrTuJB6VVKYU3tJiHEngc4eKifmiR6_89ute8-o5nbMmSPhx1LUB85LQRPx-x8qC8j96nIbiCSsWu4OBhrzyLIi4XiqM7FzrgRoHqpNz_cU4LwJmC4tIfDuIMKvgHHgM_ATJUhODW4AdVo6EU52pdVMqJ702HFi6NMfam8mg0VFDN67dx5L-8FKao_pE2_X2bg-sHT_7v8_cipR_U8CUQF0xuW2hPrfXNg9QeYh4HQE5IcK0zvZG2qE3oNU5bT8WHu2rGO6jpoysUWMWBea3H-lKZo2es-vELIM1hc2WzZhkP7PkCgMWuZi_V37E48T0fPvBQzSMC3mkXATDO3cqW5HkHOZ4Dz6bC3lvz6e7OfJMk5eKr0TYcMBwuOjNg0KUkQwfTehte0AUGhn4_X2PQixQNr_O-J0-IBLOI22KTq3G_2ZbZBRdt0CsHGB2JiyLeQmfiCrWV0nAek9j2F1Dd11OK2ZPPL5OXZevkko7A3y_E_awSaEDpX_xX9BJBRgCUhd-JAKrRDopcnj6azAQY59I-OY7FPNtZxgzYDZZr1bvNf1GVMyJa4dcWUuD2l03ERIJMiu_XrCxt_BblO54Rb9yY_-zqK49iDBfn_Z6odCGpHzsFAKT2rZpr5zpNdmzQ38k1Kedg54UjOo1Me-wGLoGX1WqbMyVOppOoM61GEIPdRJRNco3r9wNSUQjf9iMJhPhCcsfqMH8PyJ2jjG9R3V54U0V7UjFrjOhcf8X-GIwn5Ouw8oVW1aHNHy1UnRxd6uEb7N8e2lQIUZme8CH0vCqtLjql4I_IcFFqXKPijGneOtvp4UMh-A7q0p3wEkB3HGz2pwe0ZootzYaDvBwiKnsB4RIDsGwSeq-GPV5KwDKFVGtVdRqdTg-8ev10zn0VMIhmOVeAXBLJotHscc1qWYBjBReI2bBPlFgq9Fj1bjGaQmVhgo567fCl3QpwiOmyoo2ZGLZD-w5H9WNrJBimbwDjoD5D8AfWvgfbqL5x9UVGTxZECm-AJOhZKgE6T3C_PKzZ-_VdaOOBthMQviZUOGbqOAVLZM9YZYUZ0UKlHFhXItahfL0MHZ4Qiv1uaCR7247uv1mBb4EhGAIpPHC3gxpH7IdTAkvyWM6sgbeJjGS2szoAQ5c0BcZDsSE1KVdCc&sai=AMfl-YQhOu4p0DCLhxWW1fRaVfWiw0joTJReccljFdBA4lO9R9oGTOc4yk6g2x-jvgmfC5fA3Mv8O582aZyXB2B7htI-Y2FtDKGF8Ue-wRUQ-Pn1mWJ72V_764LDhCmy4uitFCwtZ8g1c6FboHX0IFEysn1jXrPa7QvxztVDtq6G2AhMwISpB3ngorcQOLJ134LF2Ol8O6e_bPdKMzDlnPuYI9rBSUz__x_3-sn3E2rYc8Omo1xF&sig=Cg0ArKJSzJFOinfOLLOfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220413.69699&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfHBKz77MOnNwnO1SP1YKC8oDPmcWclCxNrCVVZU4xH61M8DsqOXEDcRo9MiAhYuStGnlQFay1OtqQzNbkeN6SqqLPWWDJEowMK6Gwk4BYiZzQxiCjx8oO5GgI5bf-ORfWJ3d2i3MtjGNsfljzOL2sVVC2jg&dbm_d=AKAmf-AxZEhww20di6USXUdk4UT0SVjDJUd09t6GlAwJCX6-wQVoOu8NmqIbQUZTkbfyiWMQuc1HGuRciFG1cXmciQvTqqgOv8ru1dKCqXqfUjKTWt_kGUZZhdQrzsFVnYYtPPDQJE-Z1Gzrwp1cYoffXXZ8qmxrPNAlYDd1prrpvF8IIGv_nFU1m5YfHicI8L3T2oKdPaf2W752wG27NoIM0zrU2bDT9vGC1zvOwCaNE_gxW023fxrBzwbJAkQv7iob3tQNIskMt9O-60IlDrVOLKQVzUhKC7T7MrI3bhxwuVN1x3wlBY0dk_NFqjZBzuDZf00cH0RLMPJqj5MV1Pi0IcJkS_3a8nFtb1lNuPhvZjMoXr7ouw-GdVNW7w91tSfrlXY_Iu4oahru8_eYlp61rerR3QxWrE6vJLBG_M_n4F11DX4wL9g1LB5s_Oc-5hhFivCu7a1mU9hpzaKYyU7RO5NGOp9m8z0_v_LQg8Gcza2JrRyOzplW0oOYSm2AGa4pG4MQEKm18roSc6uTzO8oMtfG_dabJCgcakJkS2J20RsSmFsz0edzgLahPuOj4jfw1k5bXBproRNkwdNu0yOBkp_cA9cWP5D6Dbvi3Mq_PbYrgoRGeqHWEP9tX7u4ja-2rArpHcUyVf7bs_7Ed9q2LKPDVJKNEzatkFJVd4FHL0HIi-byhlUMePgLN0iGiRv-x1tuHHa8fJCot-OyJoBOqQEAYCEhNtm7Sp_-sbhKbLLzMtrZloBMhMPW2ocf7m2lq3NEPow84w4VmOMwSbGeCuv11MiYTqMlnVFuvwkU80zShyFx5lj9ypJiYlobNLnvTRhW6NchhanHPRDSE8durJn8Ri8lGCOnAtFaxXYJ2IQtmO2lAju5nKU5Xbl1nYU3S2oeqME8-2g2ZN30A1tL4fp_a2EDe9lM9-uoP69Vjeg_LZYdv0T9VjMaMNp90x78VdXW77rEBiY4HFJ6XA46yKQspe6QY_o_ESkGB6AQuMqoOIKo7xisPkzM-da5h9NPger3u2yeAuh3we27QXEyn1LcknDU09Q3Wl7lb11-DK6Bu38SNM1jShhekcEl6qY7vMa45AYpAXEG_p8E0JBvoWftXYMESLxJPfPHKTxUXQ5WKF9fCz-Qthyru4-AKB9uDGUVcxqaIxjiCT-IsAtafvnl-K39C_yzfg1Z78vK2XWmGUqThwKySvzX5LHy9cd1toprUMDYg1_SA9XOAYgnmtpvJzWlPcs0FtA74bOko9aRRuvrxIQvVYRyLGUs76rb_jGpK8xDXp6MCaXd7Tuhf3IrGPQQRo8Bzzztd3LbC_NkxxSV8IT04c30jVYEOwAYrhvtz7niQX370N-acnrTqKXBz108hFH5Z09xzXJ2XdMNW3M2LAmF6R0VwNJojSF_03IvMzx_O_paPbJlm6vx0Qp_edXJC7Vd3tCAgThciFYeqJ3NqQjuidWg0x42l1UnLzaE3GjIFutLtac7N35nnyAAwLcFjNIso5syL-gmDPybHV7G3Xd8ncGMfXP6vqYpTuS34jm9RRHYttaibLj5x5axlvi-CrYsh01TBRNlGX_wk0s6omZeegAVCOK0NTilMlEkd_jJMIx06rPMMva01j3JkVY5zo0_VNkCoWMIA4TlesWCmFHnixC3mb3PZ0-SxQBHhAQv1ajmx3n_0-2t-MnN_sV3NYaC558nTl3tN10nncTIJ5cqYSau3Dz2SL5SLDUtiCzBZPiBrNxnvmuZhevadt1RfAFCYhSXjjt_lDeyK
NIqB5YEzc2lvewRExZAgxJrHmyBDCy-SiPpY_y5aXF1tvy25uC1qNNTVub9KAavabta9YjG1QTF_iJX3K5g8Y-xmANjoVwr7P4T6OPs6Gk4UBVry3hUmvZClYeFHMhP7TFs5TV0YWQPobtgpARMel21cyuMA3zE_O80vAkm4wU0tj4zG1X8MV_50_tGzhg8gjRRp5nBlPSRKqB37tRSwWBKrAacVKSn99OG1FfDSCnCVHJEQQ9IqpNH078AKhbl0gPZfCRRJ4uHzuoBO-SEIQKqo9xYHp2_KSzTjWCwdJMJxhlZ7bGxri-hFZgbXG-tIDyCwyrjb3xk-hmLi_fzg5x0vueOHM2cZcqc0jpyCNmI4Q-MQf4ySEdrZZbbdf3FTXOFHeFOrZqUDF_4zcSgIsJLg5bMkV7E9_AeMtUOvhran7XIfnvJFiRMEgiffSrrW9914P_ps17cuoHwGT998F9arGShovVCagL7y-BK93fWmuVKnapSBtn8z8PKm5oaeyxsosInSUDAZLiDYNox3Sn88Y6AsK3lHC9zbZPdycl0thwalYT1GukwAss5mIy-klW2yFy14BrEN4Jw0TMrTIahNeCGR8RJ5NBLI__4pNddcnA5CGO_eqKf6uB-ph8XGGIfVdBPpOrXck-nxByd-6q5f_7oMm3w_MQtHvZrAY1rPGBvXccnSc3sv3DlHG8Byh3sVgl2ly0ce1A5LIYbNc4gOYuy0j5_uGXRPK2eYKkyWg2S_2O8chJrCPjbK9UVQXdA-vsyrAAR6KkoGVl6gi4JRKj-XP878qrdjisdNkzbQGlbtSOwObd88DtGNlBmU64fgKtVTWRNlFoSK-iQJ1zPwYjx4zcqOy1lDvTApRQCuhz-2lv3-rdRs2rtYGhawSAu_3HQjyr6tEveTWqdhxbs723MbkBfbnP0NUN9Vn5Z0h5Tb7ry3TjTZkMzw1-ZxgCP70nWHz4GdJVwrq_8iMH9aMmD1xkkDlo1wW0HZNeoopAHN4xxC7Gpp05S95ZDHs7_RRRp1gHd_wzqu3wMXRyOQ03UTPdlEd_OwFyBHn8cu8DEsyTTHyREmZ6F8r4Y_TfEwl0OR9hSC0tF8oS32LEGxBcUkGJFPiCJHqj5j4ehYDZXqGItAa0RX0vPzZnYjobziolGWQc7iIeX_rSnaBI7TEHsu-t5sdF_ciOelhvua4Z57B5mWSYOCk8hloq5rBz0NZ1ZRzVDq0gpcN85VeigBQ3hgoIpxKWtUN2eHp-RYjw4lMLxL82beyr1luCTjjsCD8OVpBfQEF97kwIlLAnCtafPpPGtKUiTUPdop5llyaZuReFIVxxpNtzRIrnZj1G_OKBfH9_FQ6pDj_yLyqWFpB1XWxVr81kt8xyr_YWPjDsoqtKBHGeDkzFulipk3WhnL3U07Y5HNt4viAjkCS4DyTae&cid=CAASJeRo85KTRwfhr00-W4iB1iISM_nA9FOTPOKRbgd5Qsaww999OGk&rfl=1%2Chttps%253A%252F%252Fwww.bleepingcomputer.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 21 Apr 2022 14:07:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 41A3
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 09:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Apr 2023 09:07:05 GMT
3130174647914998654
s0.2mdn.net/simgad/ Frame 41A3
44 KB
44 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/3130174647914998654
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
294edd57930c287d040bffa8bf3734ac277ccec50e953182300b2f13be528231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:44:11 GMT
x-content-type-options
nosniff
age
235392
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45492
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 00:24:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Apr 2023 20:44:11 GMT
pixel.gif
px.moatads.com/ Frame E030
43 B
260 B
Image
General
Full URL
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 21 Apr 2022 14:07:23 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CD59
0
26 B
Ping
General
Full URL
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
pagead2.googlesyndication.com/bg/ Frame D812
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 00:51:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
220526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13613
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 00:51:57 GMT
c
c.pub.network/
36 B
53 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
c408905f5369cf0ee79b93f242150da7e8712527fdecff071c30cca1bdcf1f29

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 21 Apr 2022 14:07:23 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
pagead2.googlesyndication.com/bg/ Frame AC96
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 00:51:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
220526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13613
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Apr 2023 00:51:57 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 41A3
0
26 B
Ping
General
Full URL
Requested by
Host: googleads.g.doubleclick.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
px.moatads.com/ Frame E030
43 B
260 B
Image
General
Full URL
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 21 Apr 2022 14:07:23 GMT
index.html
s0.2mdn.net/sadbundle/4758886164911207527/ Frame 6B54
85 KB
21 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/4758886164911207527/index.html?e=69&leftOffset=0&topOffset=0&c=6PJPEQHuj6&t=1&renderingType=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0385c1392665dc542f9ac17d24cba4faa6562de5304f2582a72b49358063b1d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 14:07:23 GMT
expires
Fri, 21 Apr 2023 14:07:23 GMT
last-modified
Tue, 12 Apr 2022 16:41:27 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F8CE
0
27 B
Ping
General
Full URL
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 21 Apr 2022 14:07:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EC82
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
67571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 19:21:12 GMT
etag
48472445140208031
expires
Thu, 21 Apr 2022 19:21:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 41A3
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22e500e263bd877e8d92a46a7b84a7c887bbf8209a35a429a3d951a0a381d1fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F8CE
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 09:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18018
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Apr 2023 09:07:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B853
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
67571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Apr 2022 19:21:12 GMT
etag
48472445140208031
expires
Thu, 21 Apr 2022 19:21:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F8CE
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1b60ac739645c935f004704f6a3218eb82a255b9f604f4be8819cf41c14e3bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A59C
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
48759
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 00:34:44 GMT
expires
Fri, 21 Apr 2023 00:34:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enabler_01_248.js
s0.2mdn.net/879366/ Frame 6B54
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_248.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4758886164911207527/index.html?e=69&leftOffset=0&topOffset=0&c=6PJPEQHuj6&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4758886164911207527/index.html?e=69&leftOffset=0&topOffset=0&c=6PJPEQHuj6&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 00:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49755
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41094
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Apr 2022 00:18:08 GMT
src=2507573;dc_pre=CP-NuoiqpfcCFQ6IpwodqoAJbw;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1650550043086
adservice.google.com/ddm/fls/z/ Frame E030
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=2507573;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1650550043086?&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
  • https://ad.doubleclick.net/ddm/activity/src=2507573;dc_pre=CP-NuoiqpfcCFQ6IpwodqoAJbw;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1650550043086?&nu=1&ib=0&dc=1&ob=0&...
  • https://adservice.google.com/ddm/fls/z/src=2507573;dc_pre=CP-NuoiqpfcCFQ6IpwodqoAJbw;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1650550043086?&nu=1&ib=0&dc=1&ob=0&o...
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/src=2507573;dc_pre=CP-NuoiqpfcCFQ6IpwodqoAJbw;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1650550043086?&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H3
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=2507573;dc_pre=CP-NuoiqpfcCFQ6IpwodqoAJbw;type=moat;cat=namas0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1650550043086?&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BAF8
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3zOGGWVhYuDzD_6BoPwPhqCHwAwAAAAAOAHgBAI&bg=!ERKlElbNAAZvJBiFTyQ7ACkAdvg8Wv4mW_sezFrsTw5wrhMANzaUQcuWsdetzuU9AlBmio5Wgy9HgQIAAAWsUgAAAANoAQeZA0Rva7FhgR_zQvhpPmrGe-GMkTk7Gmhq872tODqF_FEjrFa-eRq5MrVYIyPh3o98ddpz6G8IbBr7Hxol4Qdi_7_dr856VgoQJpWbs_VFMVxopgt177GPjGZO3egvnhR-VQxizW36fWRc2o1_XG-t86iXFfpXDBGWFwOFym9GMg4-brTnECqrE42HI8IL_WJerOUMSekr0-M3Su4-ko0CNneUFPEwCt1rVJ4jRzvSoV8DA5Wuw_YGa3B7Ww0aCULdfVIocRi4l763kur9SyOi75t29rMdUQDqBECXXGjkKh2ysipI0O5mIx3v2XkX82Y25-ZxvWbbV_SWvC5VaJY2yQ8dwUg_UCFex1i7hzRfr3qDWsGPWg3PDdVdNpLUCMLCkpw1EYsjCe2djKgHzpsT1ZPULq_FffQqEgAmMC6VhNv8Jiva_PgPBGFLLLv2X4H0nWhK0SLTsi1Gn9ro8j_dX-szuKW5LhCAtN1SRI9zFz9Qy_ueb-GxMmzlN26ZsTGnX8Fo4tAAZIcYnZo0ccq1LtB6HWExPU73oDs8H1D-qX6UCLaeRNmtF1BO5xMSdsRSyBWFW3X6_-NqDOYQzr_cZzvRW3-vhnYzioMcc6Zge3B3UfREo4eHuCaYaUPTZxq0dO1ARMYN-bt7o-z1wgsZ2p58MwpfzyFh5UcFQwl4JmoYns2G6bl_mywxZ7XuHLMSZ4eXiMhnez0zqDi7C3zLT87MI20knJKWdo57I8bz-JSZ3cz1wbz_0fkVo0mjORkGuV4JhYfyQkGY7V8kgwjwUa4ajaEyqNZNj-0swxV6BJACrruc9ai1gDPvp7G_QpSvuDCAYuWb_-BXk6zWhtRzx6P7okcKIEfjcoeqtH7NPAzvE4zjjiIWY4cuoAtek8xzBqKqN5cXJw8gmL_030HgBM71aEvVxVcy02I4-w3VWHrtuqTPH0rrrtgeNktIrOIa-lit3VEPWZUC4BasXEFIgGaHk0viXV67gVQmd4uG7DQj3WQiRYrXcqHS9ugM4OCm4b8DIeR_gM3wm7CoHUZeWc1ULNNl_vhON-5EixVcv4DHoi0nF3hL670nWHsyskZmESIQKNtXQVBzP88Ya3LqHEjm73efKg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 16BC
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/freestar/b-5a99e50-0ef925e1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
48759
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 00:34:44 GMT
expires
Fri, 21 Apr 2023 00:34:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame EC82
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJx2_Rn7oIWT_WpEcsoS6hiY7y4Y7yFxjW6csP...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1GbEd3QVdQTXBPR3dBeQ&google_push=AYg5qPJx2_Rn7oIWT_WpEcsoS6hiY7y4Y7yFxjW6csP_r0P0z5WhJ3aghQeJvqSzWYODfIiZX_YLPyFFyreSPBfcR1meZFwShUA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1GbEd3QVdQTXBPR3dBeQ&google_push=AYg5qPJx2_Rn7oIWT_WpEcsoS6hiY7y4Y7yFxjW6csP_r0P0z5WhJ3aghQeJvqSzWYODfIiZX_YLPyFFyreSPBfcR1meZFwShUA
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1GbEd3QVdQTXBPR3dBeQ&google_push=AYg5qPJx2_Rn7oIWT_WpEcsoS6hiY7y4Y7yFxjW6csP_r0P0z5WhJ3aghQeJvqSzWYODfIiZX_YLPyFFyreSPBfcR1meZFwShUA
Date
Thu, 21 Apr 2022 14:07:24 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame EC82
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLXF9_f...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjExNDA3MTg3NDIwMDc2OTM3MDMzNg%3D%3D&google_push=AYg5qPLXF9_fOQoQITSgwp9qfpTEfMcMLY6ndPHKDCYTk6MLzSY_6yGHOaimi-KET5E1q0...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjExNDA3MTg3NDIwMDc2OTM3MDMzNg%3D%3D&google_push=AYg5qPLXF9_fOQoQITSgwp9qfpTEfMcMLY6ndPHKDCYTk6MLzSY_6yGHOaimi-KET5E1q0JVBn2_TQKgVHmJ0bc8w81O1GuxiD8
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjExNDA3MTg3NDIwMDc2OTM3MDMzNg%3D%3D&google_push=AYg5qPLXF9_fOQoQITSgwp9qfpTEfMcMLY6ndPHKDCYTk6MLzSY_6yGHOaimi-KET5E1q0JVBn2_TQKgVHmJ0bc8w81O1GuxiD8
pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 21 Apr 2022 14:07:24 GMT
pixel
cm.g.doubleclick.net/ Frame EC82
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPosetiNr2rbDNes30nra0k&google_cver=1&google_push=AYg5qPIUiWgTmJgpIuWkgUy2bVv0k-6xsg1Hz_vY3xUVUfCVZk7A0nzgjRlIorAJzXmbRbKYTcjGmwBm-WW81Vc4it0pPNjGOpQ
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIUiWgTmJgpIuWkgUy2bVv0k-6xsg1Hz_vY3xUVUfCVZk7A0nzgjRlIorAJzXmbRbKYTcjGmwBm-WW81Vc4it0pPNjGOpQ&google_hm=JT9gl10vx6YTL_I_FFKeSg==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIUiWgTmJgpIuWkgUy2bVv0k-6xsg1Hz_vY3xUVUfCVZk7A0nzgjRlIorAJzXmbRbKYTcjGmwBm-WW81Vc4it0pPNjGOpQ&google_hm=JT9gl10vx6YTL_I_FFKeSg==
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIUiWgTmJgpIuWkgUy2bVv0k-6xsg1Hz_vY3xUVUfCVZk7A0nzgjRlIorAJzXmbRbKYTcjGmwBm-WW81Vc4it0pPNjGOpQ&google_hm=JT9gl10vx6YTL_I_FFKeSg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
2a92td8pa5kpiodafht7aclhattd6bfq
pixel
cm.g.doubleclick.net/ Frame EC82
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qZa_N1MLQtOLu8hCE3Ia-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qZa_N1MLQtOLu8hCE3Ia-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKApIQ70hqQFpf8dv09hYJyDWb_DSUo1oM4WEEvFkcasu5eXKT0IMygCkakdiLjcR1hDdGlk9zqPUafqNuDZBvJZjWZHw
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qZa_N1MLQtOLu8hCE3Ia-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKApIQ70hqQFpf8dv09hYJyDWb_DSUo1oM4WEEvFkcasu5eXKT0IMygCkakdiLjcR1hDdGlk9zqPUafqNuDZBvJZjWZHw
date
Thu, 21 Apr 2022 14:07:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame EC82
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJQxtGL8ckmsCKWNFaIFTDE&google_cver=1&google_push=AYg5qPJtjylIgVPgaLanYD0AHT7k_48C4P5Af5t-kgz2CIqMAy3dsJJUWRVcaU2XO8L4m8ldEB9...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI5MlZMNUctMTItQUZSSQ==&google_push=AYg5qPJtjylIgVPgaLanYD0AHT7k_48C4P5Af5t-kgz2CIqMAy3dsJJUWRVcaU2XO8L4m8ldEB9rCOfY6m-5p3HO9WYjzD_h1g
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI5MlZMNUctMTItQUZSSQ==&google_push=AYg5qPJtjylIgVPgaLanYD0AHT7k_48C4P5Af5t-kgz2CIqMAy3dsJJUWRVcaU2XO8L4m8ldEB9rCOfY6m-5p3HO9WYjzD_h1g
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI5MlZMNUctMTItQUZSSQ==&google_push=AYg5qPJtjylIgVPgaLanYD0AHT7k_48C4P5Af5t-kgz2CIqMAy3dsJJUWRVcaU2XO8L4m8ldEB9rCOfY6m-5p3HO9WYjzD_h1g
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
pixel
cm.g.doubleclick.net/ Frame EC82
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_push=AYg5qPL2XrytDMzYp4Vd5aHKxNbSh9UhGh-BGYYPTbMiD4UELE5...
0
0

pixel
cm.g.doubleclick.net/ Frame EC82
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEFtkxK1wZrfBR3Jqdp2Ijp0&google_cver=1&google_push=AYg5qPLCsfLmpu4aLCR_ROMNTKgiKZRz9T3zsvZ8giYNL7aTjEF6wao559oD-dTxHez4PHZGmZMBIk6XfcvacwhXQTiIsVoW68U
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLCsfLmpu4aLCR_ROMNTKgiKZRz9T3zsvZ8giYNL7aTjEF6wao559oD-dTxHez4PHZGmZMBIk6XfcvacwhXQTiIsVoW68U&google_hm=c1d1ee9c8a6e0051dcc7...
0
0

attr
cm.g.doubleclick.net/pixel/ Frame EC82
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxN8lwPEFWKSjnkBQXqOhoc6LPt7ImztqZtOt6-MYtzXuk8g83nPBDUNLWrwH4W9IyWZL4
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame B853
35 B
362 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKuLgv8RNUQJoMa_5myGZWE&google_cver=1&google_push=AYg5qPKfe2YJkwgwUNMovQ_susASlK9ejf-mzyLRiS02cbYZiluHz9e70IODNiLFP5AiBCh8DK4Y9q3WMXEp3IVmw6F-2cqFhh_z
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:44af:4f54:8af4:5563 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B853
Redirect Chain
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEHhe9-0JozPJxBrf20sZva8&google_cver=1&google_push=AYg5qPJzNumjaJhHgy0GPSwpO-9IgKxXoFRxI-rivcDnJq9Brb0LpW4F6gvl0Tk3xhWVy4h28L08DgllB...
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPJzNumjaJhHgy0GPSwpO-9IgKxXoFRxI-rivcDnJq9Brb0LpW4F6gvl0Tk3xhWVy4h28L08DgllBOtCcxoMzbhA4rPml4QE&google_hm=MTA1OTU0MjE4MT...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPJzNumjaJhHgy0GPSwpO-9IgKxXoFRxI-rivcDnJq9Brb0LpW4F6gvl0Tk3xhWVy4h28L08DgllBOtCcxoMzbhA4rPml4QE&google_hm=MTA1OTU0MjE4MTQ0MzgzNDY2MDE
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AYg5qPJzNumjaJhHgy0GPSwpO-9IgKxXoFRxI-rivcDnJq9Brb0LpW4F6gvl0Tk3xhWVy4h28L08DgllBOtCcxoMzbhA4rPml4QE&google_hm=MTA1OTU0MjE4MTQ0MzgzNDY2MDE
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B853
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPosetiNr2rbDNes30nra0k&google_cver=1&google_push=AYg5qPKO9i8SWlTghRHfYJGAwVqY2ribsFpFvHzQkSZRPALy1PiYUN-SII1xDTXjizRmss0jvMvdgXGBJT1kLu9cI8WnjH2Ty4K_
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKO9i8SWlTghRHfYJGAwVqY2ribsFpFvHzQkSZRPALy1PiYUN-SII1xDTXjizRmss0jvMvdgXGBJT1kLu9cI8WnjH2Ty4K_&google_hm=JT9gl10vx6YTL_I_FFKeSg==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKO9i8SWlTghRHfYJGAwVqY2ribsFpFvHzQkSZRPALy1PiYUN-SII1xDTXjizRmss0jvMvdgXGBJT1kLu9cI8WnjH2Ty4K_&google_hm=JT9gl10vx6YTL_I_FFKeSg==
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:23 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKO9i8SWlTghRHfYJGAwVqY2ribsFpFvHzQkSZRPALy1PiYUN-SII1xDTXjizRmss0jvMvdgXGBJT1kLu9cI8WnjH2Ty4K_&google_hm=JT9gl10vx6YTL_I_FFKeSg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
p3h6s0tjsppb56sa4d8vpbcls72l2ec7
pixel
cm.g.doubleclick.net/ Frame B853
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Aj4vayQDQxqHdpzU9Thzlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Aj4vayQDQxqHdpzU9Thzlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJPSsxE6iIFc_kOLHut8Db5fkLMfnBNMVeZcq5TYYBScA6RcJKEVzAp5h4RuSgMTfRl2RVdvtrUXzXaCcqPcve0oswfXfBS
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Aj4vayQDQxqHdpzU9Thzlg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJPSsxE6iIFc_kOLHut8Db5fkLMfnBNMVeZcq5TYYBScA6RcJKEVzAp5h4RuSgMTfRl2RVdvtrUXzXaCcqPcve0oswfXfBS
date
Thu, 21 Apr 2022 14:07:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B853
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJQxtGL8ckmsCKWNFaIFTDE&google_cver=1&google_push=AYg5qPIuQTbIJ5DJYPX2UzslU6jC74aaFegTFSvFQrEpOn3z3j9iJS_qkm_zz7UiBoyVNBUO3Lm...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI5MlZMNUctMTItQUZSSQ==&google_push=AYg5qPIuQTbIJ5DJYPX2UzslU6jC74aaFegTFSvFQrEpOn3z3j9iJS_qkm_zz7UiBoyVNBUO3LmduhkZpSjO-ydg-4b7cUr8ESpm
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI5MlZMNUctMTItQUZSSQ==&google_push=AYg5qPIuQTbIJ5DJYPX2UzslU6jC74aaFegTFSvFQrEpOn3z3j9iJS_qkm_zz7UiBoyVNBUO3LmduhkZpSjO-ydg-4b7cUr8ESpm
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI5MlZMNUctMTItQUZSSQ==&google_push=AYg5qPIuQTbIJ5DJYPX2UzslU6jC74aaFegTFSvFQrEpOn3z3j9iJS_qkm_zz7UiBoyVNBUO3LmduhkZpSjO-ydg-4b7cUr8ESpm
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
pixel
cm.g.doubleclick.net/ Frame B853
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&google_cver=1&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_push=AYg5qPLFY0EHmFXyUXvBfUnsaroQ85awjdsHn...
0
0

pixel
cm.g.doubleclick.net/ Frame B853
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEFtkxK1wZrfBR3Jqdp2Ijp0&google_cver=1&google_push=AYg5qPKrh1kVSwRu_qtctHfUQ8DWqt59ujVJ7vQi2Hxh0s-VcJRalGDT3G8lDViiXzooCrvIBzkOHUJ6ORQYHf_IYAzLf978NWCg
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKrh1kVSwRu_qtctHfUQ8DWqt59ujVJ7vQi2Hxh0s-VcJRalGDT3G8lDViiXzooCrvIBzkOHUJ6ORQYHf_IYAzLf978NWCg&google_hm=d56c725eaba2b7a0653...
0
0

attr
cm.g.doubleclick.net/pixel/ Frame B853
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJ5jHFMtfWiCSZJyfFWZcnDwjZuCEaCOg2tXIremWxoGXSf_Bd1ixtxt2ygX_7vLSC1Eq9
Requested by
Host: e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com
URL: https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
preload.jpg
s0.2mdn.net/sadbundle/4758886164911207527/ Frame 6B54
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4758886164911207527/preload.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4758886164911207527/index.html?e=69&leftOffset=0&topOffset=0&c=6PJPEQHuj6&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c64bc40632fa695cc9d2625524e1708a17f7c331fab12a9cc46a78eddc362257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4758886164911207527/index.html?e=69&leftOffset=0&topOffset=0&c=6PJPEQHuj6&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 19:31:49 GMT
x-content-type-options
nosniff
age
498934
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2255
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 16:41:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Apr 2023 19:31:49 GMT
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame A59C
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:17:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
395383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 00:17:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6B54
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05a8574b7d7094e5bd6f7cce2d77ec6cd38b25ab6194716248415c98add82876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5579
x-xss-protection
0
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame 16BC
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:17:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
395384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 00:17:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F8CE
0
26 B
Ping
General
Full URL
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
preload.jpg
s0.2mdn.net/sadbundle/4758886164911207527/ Frame 6B54
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4758886164911207527/preload.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c64bc40632fa695cc9d2625524e1708a17f7c331fab12a9cc46a78eddc362257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4758886164911207527/index.html?e=69&leftOffset=0&topOffset=0&c=6PJPEQHuj6&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 19:31:49 GMT
x-content-type-options
nosniff
age
498935
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2255
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 16:41:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Apr 2023 19:31:49 GMT
replay.png
s0.2mdn.net/sadbundle/4758886164911207527/ Frame 6B54
457 B
484 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4758886164911207527/replay.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4701179c17827a7d417dbc7d9a40cdd6fbb0112d29e90b822bbf5b2a33d63af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4758886164911207527/index.html?e=69&leftOffset=0&topOffset=0&c=6PJPEQHuj6&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 19:31:49 GMT
x-content-type-options
nosniff
age
498935
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
457
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 16:41:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Apr 2023 19:31:49 GMT
poster.jpg
s0.2mdn.net/sadbundle/4758886164911207527/ Frame 6B54
23 KB
23 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4758886164911207527/poster.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d1fdb1e891146424d01ae18acd6acec2d199f4112178237e93d388f95fac8f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4758886164911207527/index.html?e=69&leftOffset=0&topOffset=0&c=6PJPEQHuj6&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 19:31:49 GMT
x-content-type-options
nosniff
age
498935
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23793
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 16:41:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Apr 2023 19:31:49 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6B54
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Apr 2022 14:07:24 GMT
file.mp4
r1---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/a9387d4cbae11294/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794229766/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 6B54
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/a9387d4cbae11294/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794229766/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r1---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/a9387d4cbae11294/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794229766/sparams/acao,ctier,expire,id,ip,ipbits,itag...
253 KB
254 KB
Media
General
Full URL
https://r1---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/a9387d4cbae11294/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794229766/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/165E8D88530B710251271C1C13C5AC69BEC06417.15C4A29E46C02C1F4FE23FBE178478C5EC86BB7A/key/cms1/cms_redirect/yes/mh/FL/mip/2607:5300:60:7867::11/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1650549143/mv/u/mvi/1/pl/32/file/file.mp4
Protocol
HTTP/1.1
Server
2607:f8b0:4020:1::6 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
ea8f7b5cdc315d58b6a7cf84f2e5de7c8d695f5f784bda428f8460312a9ea959
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 14:07:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 Apr 2022 16:41:41 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-259414/259415
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
259415
Expires
Thu, 21 Apr 2022 14:07:24 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/a9387d4cbae11294/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3794229766/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/165E8D88530B710251271C1C13C5AC69BEC06417.15C4A29E46C02C1F4FE23FBE178478C5EC86BB7A/key/cms1/cms_redirect/yes/mh/FL/mip/2607:5300:60:7867::11/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1650549143/mv/u/mvi/1/pl/32/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
650
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 6B54
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
prod_studio_01_248_videomodule.js
s0.2mdn.net/879366/ Frame 6B54
13 KB
5 KB
Script
General
Full URL
https://s0.2mdn.net/879366/prod_studio_01_248_videomodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ff18e021c3d1a587eb9a6eab9d7299931b572849e07bb530e2c529bf7e99834
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4758886164911207527/index.html?e=69&leftOffset=0&topOffset=0&c=6PJPEQHuj6&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 17:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74183
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4993
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Apr 2022 17:31:01 GMT
c
c.pub.network/
36 B
53 B
XHR
General
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.25.0.9843edf0e05467b8fcc058bd038d3ff50171db2479e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.71.201.35.bc.googleusercontent.com
Software
/
Resource Hash
c408905f5369cf0ee79b93f242150da7e8712527fdecff071c30cca1bdcf1f29

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 21 Apr 2022 14:07:24 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
replay.png
s0.2mdn.net/sadbundle/4758886164911207527/ Frame 6B54
457 B
484 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4758886164911207527/replay.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4701179c17827a7d417dbc7d9a40cdd6fbb0112d29e90b822bbf5b2a33d63af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4758886164911207527/index.html?e=69&leftOffset=0&topOffset=0&c=6PJPEQHuj6&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 19:31:49 GMT
x-content-type-options
nosniff
age
498935
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
457
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 16:41:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Apr 2023 19:31:49 GMT
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame E441
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 17 Apr 2022 00:17:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
395384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Apr 2023 00:17:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A59C
0
20 B
Image
General
Full URL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 16BC
0
20 B
Image
General
Full URL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI-sLxh6ql9wIV0YGzCh0GSwe4EAAYACDHtvBQQhMI6_bphqql9wIVgu6HCh1RIQzk;met=1;&timestamp=1650550044329;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame F8CE
42 B
494 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-sLxh6ql9wIV0YGzCh0GSwe4EAAYACDHtvBQQhMI6_bphqql9wIVgu6HCh1RIQzk;met=1;&timestamp=1650550044329;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame E030
43 B
260 B
Image
General
Full URL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 21 Apr 2022 14:07:24 GMT
pixel.gif
px.moatads.com/ Frame E030
43 B
260 B
Image
General
Full URL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 21 Apr 2022 14:07:24 GMT
pixel.gif
px.moatads.com/ Frame E030
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&dMoatBDS=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=2481714046&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-bA%2F9O0QsCUp3NAjXwwClNhIVsVBk9l%2Bd1St6rl4fSl7XR4zDhBa4DU0%3D&rs=1-kplEbVjbGrWLAw%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&id=1&ii=5&f=1&j=https%3A%2F%2Fwww.bleepingcomputer.com&lp=https%3A%2F%2Fwww.bleepingcomputer.com&t=1650550043086&de=663280137457&cu=1650550043086&m=1250&ar=bee2df476bf-clean&iw=5a06169&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=475&lg=1&lh=134&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A3076%3A514&aa=1&ad=1090&cn=1090&gn=1&gk=1090&gl=1090&ik=1090
&ic=1090&ez=1&co=1090&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1020&cd=1020&ah=1020&am=1020&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=27391841%3A6022511%3A332299257%3A168090932&bo=bleepingcomputer.com&bd=bleepingcomputer.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=6022511&zMoatOrigSlicer2=332299257&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&hv=Essence%20Override%202&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&jk=-1&jm=1&tc=0&fs=198121&na=561575892&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 21 Apr 2022 14:07:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8F44
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDXxg5URv-3_lut_JjA1SZcv-fxoGh17ikpaC222RHbPcHZaLvb6t_TKypJmEoElQePTAQ_jpSFTdWvJH2bleLZ6g3m1iLkkpnyFRhuBWG_gzu_ws&sai=AMfl-YSuOnhJaXFFIOCILPhyJbw3FiMFsuN7phSGhflYoXXYZrlvMwZxmKdigisNEmaIsI2mWnLa_oQj2GCLqUgXzQoAa_JVVHsvgOa4ohIb6jC4tiriPRJmWj96HIHL&sig=Cg0ArKJSzJv4yuaD_al9EAE&cid=CAASFeRoU7e_j_kDD9e4W-EDEdTo-1zWTw&id=lidar2&mcvt=1000&p=626,1082,876,1382&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1177222269&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650550041608&rpt=1949&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F8CE
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaSYT-OvAaRgCaRGQV8exV8qWf3h6e71Y5yATbIf-OWlFa_Yj-VeJqHsJKHCYMJomJ5doob5_M8Q8pSpiCY-dlz7ZsCQ5_ohV4lq2Dbxyfe32Leu8&sai=AMfl-YQMhpuHMoUXuPesQzcFaT3zRwaJNykcO6gl67IJaboEfoxpIVK0pPRkQ_pZHLmutcTLtkiAKPyt3uUJM3_OahXEkkvMiMKy0HuWtwgao775GRsc7aWBdtSK7bpc&sig=Cg0ArKJSzC-LpuQlgz_YEAE&cid=CAASJeRo0ANJlUvg8MZa5qmg0mlMU1s3qZ5sgrsy4XrImbupaE7EQ2Y&id=lidar2&mcvt=1000&p=226,436,316,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2050935381&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650550041440&rpt=2319&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
eb2.3lift.com/ Frame DA88
1 KB
1 KB
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
25c85e584bc065783624a16649bfdaee7e21624d5cf11b8e5093f5cb39b762e2

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
462
content-type
text/html; charset=utf-8
date
Thu, 21 Apr 2022 14:07:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
de.tynt.com/deb/ Frame 0BF0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
  • https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
1 KB
2 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
ebe1dfd01f3c135f8908c94bb6ddf87a6a77d138aea601d982dde3ae8edd287f

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1333
content-type
text/html
date
Thu, 21 Apr 2022 14:07:25 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Thu, 21 Apr 2022 14:07:24 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
ixmatch.html
js-sec.indexww.com/um/ Frame 6EFB
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Apr 2022 14:07:25 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame 6FE9
116 B
357 B
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
35119
cf-cache-status
DYNAMIC
cf-ray
6ff6af983850efe4-EWR
content-encoding
br
content-type
text/html
date
Thu, 21 Apr 2022 14:07:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 285f391916b519587cefa0e29513e1ec.cloudfront.net (CloudFront)
x-amz-cf-id
yekOsXUxE41T7sfj1guZf-fdO9BsqzSNlll7uxVk2L6YmbUXcS8ETA==
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame C22C
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31534
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 21 Apr 2022 14:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Apr 2022 05:21:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 104714
X-Served-By
cache-lga21975-LGA, cache-yul12833-YUL
X-Timer
S1650550045.493170,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 626D
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.29.14 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-29-14.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=165732
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 21 Apr 2022 14:07:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 23 Apr 2022 12:09:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 0671
1 KB
690 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
c411d45c8a01b93b7cc33dc327441449cf4a4786854d93d63af85d685d0f362c

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
671
content-type
text/html
date
Thu, 21 Apr 2022 14:07:25 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame D691
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
31534
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 21 Apr 2022 14:07:25 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Apr 2022 05:21:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 103820
X-Served-By
cache-lga21975-LGA, cache-yul12826-YUL
X-Timer
S1650550045.494173,VS0,VE0
pd
us-u.openx.net/w/1.0/ Frame 12CD
1 KB
690 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
c411d45c8a01b93b7cc33dc327441449cf4a4786854d93d63af85d685d0f362c

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
671
content-type
text/html
date
Thu, 21 Apr 2022 14:07:25 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame AC96
34 KB
11 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
28b2478bf10c0c701bffaad9fed82d7ea96231fc7e955038830f0d0138566d77
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11493
content-type
text/html; charset=UTF-8
date
Thu, 21 Apr 2022 14:07:25 GMT
expires
Sat, 23 Apr 2022 14:07:25 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
index.html
cdn.districtm.io/ids/ Frame 4352
116 B
236 B
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
35119
cf-cache-status
DYNAMIC
cf-ray
6ff6af984860efe4-EWR
content-encoding
br
content-type
text/html
date
Thu, 21 Apr 2022 14:07:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 2684a624055735139ca3901fdc6d3742.cloudfront.net (CloudFront)
x-amz-cf-id
3UV-qvvwdHfT8qR6go8tV0Lped3kwv-g6Dq9-xWq2QFWmSx7Rs6HXQ==
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 65BA
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.29.14 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-29-14.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=165732
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 21 Apr 2022 14:07:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 23 Apr 2022 12:09:37 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 84BF
1 KB
1 KB
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
f2a13254d60ace1e937a7a8945d8bb3c28a5682295f3cdafc9b31d771c7b42a4

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
521
content-type
text/html; charset=utf-8
date
Thu, 21 Apr 2022 14:07:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
checksync.php
contextual.media.net/ Frame 403C
34 KB
11 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
28b2478bf10c0c701bffaad9fed82d7ea96231fc7e955038830f0d0138566d77
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11493
content-type
text/html; charset=UTF-8
date
Thu, 21 Apr 2022 14:07:25 GMT
expires
Sat, 23 Apr 2022 14:07:25 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 54B9
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Apr 2022 14:07:25 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame F0E6
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-5.20.4.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Apr 2022 14:07:25 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
sync
sync.bfmio.com/
Redirect Chain
  • https://sync.bfmio.com/syncb?pid=126
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
0
421 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=106&uid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
Protocol
HTTP/1.1
Server
3.95.80.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-80-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 21 Apr 2022 14:07:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.bfmio.com/sync?pid=106&uid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
183
r1
c.deployads.com/cs/
Redirect Chain
  • https://sync.1rx.io/usersync2/sortable
  • https://sync.1rx.io/usersync2/sortable?zcc=1&cb=1650550045597
  • https://c.deployads.com/cs/r1?b=OPTOUT
43 B
274 B
Image
General
Full URL
https://c.deployads.com/cs/r1?b=OPTOUT
Protocol
H2
Server
44.194.134.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-134-45.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
SortableCactus/1.0
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://c.deployads.com/cs/r1?b=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
bswt
c.deployads.com/cs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sortable
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=sortable
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=970033154777882003&expires=30&ssp=sortable
  • https://c.deployads.com/cs/bswt?b=1f1345a2-d50a-4715-8469-b318f811a70d&i=
43 B
312 B
Image
General
Full URL
https://c.deployads.com/cs/bswt?b=1f1345a2-d50a-4715-8469-b318f811a70d&i=
Protocol
H2
Server
44.194.134.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-134-45.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
SortableCactus/1.0
content-type
image/gif

Redirect headers

Location
//c.deployads.com/cs/bswt?b=1f1345a2-d50a-4715-8469-b318f811a70d&i=
Date
Thu, 21 Apr 2022 14:07:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ACRS
c.deployads.com/cs/
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0013300001cFpYHAA0&ru=https%3A%2F%2Fc.deployads.com%2Fcs%2FACRS%3Fb%3D33XUSERID33X
  • https://c.deployads.com/cs/ACRS?b=211700591296696
43 B
281 B
Image
General
Full URL
https://c.deployads.com/cs/ACRS?b=211700591296696
Protocol
H2
Server
44.194.134.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-134-45.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
SortableCactus/1.0
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://c.deployads.com/cs/ACRS?b=211700591296696
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ADMX
c.deployads.com/cs/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fc.deployads.com%2Fcs%2FADMX%3Fb%3D
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F340%3FA%3Dbaa9aeef-6266-43cf-ad20-188fa1d22bf1%26bidder%3Dindex...
  • https://prebid.a-mo.net/cchain/0/340?A=baa9aeef-6266-43cf-ad20-188fa1d22bf1&bidder=index_rtb&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%3D%3D&uid=YmFlGeWVK2rxHCPvkD15-QAA%26188
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F340%3FA%3Dbaa9aeef-6266-43cf-ad20-188fa1d22bf1%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%25...
  • https://prebid.a-mo.net/cchain/2/340?A=baa9aeef-6266-43cf-ad20-188fa1d22bf1&bidder=appnexus&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%3D%3D&uid=8298961850055676383
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F340%3FA%3Dbaa9aeef-6266-43cf-ad20-188fa1d22bf1%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jLm...
  • https://prebid.a-mo.net/cchain/4/340?A=baa9aeef-6266-43cf-ad20-188fa1d22bf1&bidder=sovrn&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ==&uid=e6035e59639ec77fc6ef41ae
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8298961850055676383
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:db770658-fd94-4b00-ae5d-c384f343dce5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F340%3FA%3Dbaa9aeef-6266-43cf-ad20-188fa1d22bf1%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jLmRlc...
  • https://prebid.a-mo.net/cchain/5/340?A=baa9aeef-6266-43cf-ad20-188fa1d22bf1&bidder=pubmatic&cbx=aHR0cHM6Ly9jLmRlcGxveWFkcy5jb20vY3MvQURNWD9iPQ%3D%3D&uid=023E2F6B-2403-431A-8776-9CD4F5387396
  • https://c.deployads.com/cs/ADMX?b=baa9aeef-6266-43cf-ad20-188fa1d22bf1
43 B
344 B
Image
General
Full URL
https://c.deployads.com/cs/ADMX?b=baa9aeef-6266-43cf-ad20-188fa1d22bf1
Protocol
H2
Server
44.194.134.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-134-45.compute-1.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:27 GMT
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
SortableCactus/1.0
content-type
image/gif

Redirect headers

location
https://c.deployads.com/cs/ADMX?b=baa9aeef-6266-43cf-ad20-188fa1d22bf1
date
Thu, 21 Apr 2022 14:07:26 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=themediagrid
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=themediagrid
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2723265135857761152&ssp=themediagrid
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=2723265135857761152&ssp=themediagrid
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 14:07:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
nginx
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=2723265135857761152&ssp=themediagrid
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
xuid
eb2.3lift.com/ Frame DA88
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&dongle=0cfd
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame DA88
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAxMTI5NzMwMzMxNzgyMDM4NDE4Nw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame DA88
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJPsdJzCDdg21uXtrM0IddM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJPsdJzCDdg21uXtrM0IddM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJPsdJzCDdg21uXtrM0IddM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DA88
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAxMTI5NzMwMzMxNzgyMDM4NDE4Nw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAxMTI5NzMwMzMxNzgyMDM4NDE4Nw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAxMTI5NzMwMzMxNzgyMDM4NDE4Nw%3D%3D
date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame DA88
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1011297303317820384187&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1011297303317820384187&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=4cc30f51-5c33-4a30-8bcb-09e4b5be4e21&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=4cc30f51-5c33-4a30-8bcb-09e4b5be4e21&_noobservation=1&_expected_cookie=4b09c94...
43 B
142 B
Image
General
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=4cc30f51-5c33-4a30-8bcb-09e4b5be4e21&_noobservation=1&_expected_cookie=4b09c94fe27a10205d5c1152577c26f4
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ff6af9c8c21a220-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=4cc30f51-5c33-4a30-8bcb-09e4b5be4e21&_noobservation=1&_expected_cookie=4b09c94fe27a10205d5c1152577c26f4
date
Thu, 21 Apr 2022 14:07:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6ff6af9b8ac1a220-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
xuid
eb2.3lift.com/ Frame DA88
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1011297303317820384187?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-rH2QT1hE2oRRAKAePHRyQcVetFpBA76OUuQIsu15sA--~A&dongle=0883
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-rH2QT1hE2oRRAKAePHRyQcVetFpBA76OUuQIsu15sA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 21 Apr 2022 14:07:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-rH2QT1hE2oRRAKAePHRyQcVetFpBA76OUuQIsu15sA--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame DA88
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1011297303317820384187&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=1f1345a2-d50a-4715-8469-b318f811a70d
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=1f1345a2-d50a-4715-8469-b318f811a70d
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=80a15a6d-6229-4720-8f89-95fa346d419e&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=1f1345a2-d50a-4715-8469-b318f811a70d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=1f1345a2-d50a-4715-8469-b318f811a70d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=1f1345a2-d50a-4715-8469-b318f811a70d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 21 Apr 2022 14:07:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame DA88
42 B
666 B
Image
General
Full URL
https://c.bing.com/c.gif?xid=1011297303317820384187&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:24 GMT
etag
"84ab6ebff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D955AFC4D1AC4F07B93712B8622F0DF9 Ref B: YTO01EDGE0408 Ref C: 2022-04-21T14:07:25Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame DA88
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1011297303317820384187
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

xuid
eb2.3lift.com/ Frame DA88
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=wAFWSgI4rKGtqFSiHetv&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5O5AUMV2TM5ETI...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=wAFWSgI4rKGtqFSiHetv
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=wAFWSgI4rKGtqFSiHetv
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=wAFWSgI4rKGtqFSiHetv
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2A23
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
263efd3d40787bfba953fff6247e41dcea1baf400676ae6f2b529692a5c9f97b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1541
Content-Type
text/html
Date
Thu, 21 Apr 2022 14:07:25 GMT
Dropped-Udsids
39|241|230|46|105|111|88|191
Expires
Thu, 21 Apr 2022 14:07:25 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
setuid
ib.adnxs.com/prebid/ Frame 84BF
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=1011297303317820384187
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7d559ec5-485e-4ee3-8fd3-61838e124f21
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 84BF
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1011297303317820384187
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4325290d-9bad-4efa-a728-00c2912ca95a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 84BF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl
  • https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAIdlU7EwsoAADogEYxYGw&dongle=bzwx
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAIdlU7EwsoAADogEYxYGw&dongle=bzwx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAIdlU7EwsoAADogEYxYGw&dongle=bzwx
Date
Thu, 21 Apr 2022 14:07:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
xuid
eb2.3lift.com/ Frame 84BF
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=5f1bddf0-c17c-11ec-8a5d-f3a7b7c238e3&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=5f1bddf0-c17c-11ec-8a5d-f3a7b7c238e3&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=5f1bddf0-c17c-11ec-8a5d-f3a7b7c238e3&dongle=d54f&gdpr=0&gdpr_consent=
Date
Thu, 21 Apr 2022 14:07:24 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
5f1bddf1-c17c-11ec-8a5d-f3a7b7c238e3
xuid
eb2.3lift.com/ Frame 84BF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-b82eef33-16fc-4c8c-67d7-d64e2c6c3455$ip$149.56.153.188&dongle=4430
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-b82eef33-16fc-4c8c-67d7-d64e2c6c3455$ip$149.56.153.188&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-b82eef33-16fc-4c8c-67d7-d64e2c6c3455$ip$149.56.153.188&dongle=4430
Date
Thu, 21 Apr 2022 14:07:25 GMT
Connection
keep-alive
Content-Length
140
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 84BF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=YmFlGwAWPMpOGwAy&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=YmFlGwAWPMpOGwAy&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1650550046.646921,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=YmFlGwAWPMpOGwAy&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 84BF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=8298961850055676383&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=8298961850055676383&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b7d6bd35-8968-4993-98f8-ca92002731d1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=8298961850055676383&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 84BF
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=ee91c4ed-dc53-4d14-abcb-71c8ab4b15ca&dongle=31ac
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=ee91c4ed-dc53-4d14-abcb-71c8ab4b15ca&dongle=31ac
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=4945&xuid=ee91c4ed-dc53-4d14-abcb-71c8ab4b15ca&dongle=31ac
Date
Thu, 21 Apr 2022 14:07:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 84BF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2742146992366196957&dongle=d407
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=2742146992366196957&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=2742146992366196957&dongle=d407
pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame 84BF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=531e6261-651e-4700-a49f-e49486105ad2&dongle=3995&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=531e6261-651e-4700-a49f-e49486105ad2&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eb2.3lift.com/xuid?mid=3690&xuid=531e6261-651e-4700-a49f-e49486105ad2&dongle=3995&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 21 Apr 2022 14:07:24 GMT
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 6FE9
3 KB
2 KB
Script
General
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 697118bcd171d3b8a0299bf4ce5a8604.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
143735
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
JFK51-C1
cf-ray
6ff6af992920efe4-EWR
x-amz-cf-id
lwQ1lEw9tGsIlt1UY6HrsjBk2yAp9q3IbjALvHkHmH0V-8_svMWTYw==
expires
Sat, 23 Apr 2022 14:07:25 GMT
usync.js
eus.rubiconproject.com/ Frame 54B9
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1562bf13c9030fbda35dd0005e927a150531cdff4ad9558aba3092408cfe539b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 14:07:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=63447
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9541
Expires
Fri, 22 Apr 2022 07:44:52 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 626D
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81795630&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
655ba3001668295c32f85c75e87d7c29818d320ae92268fa738bcfaea309cf1a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
idsync.d5cb6b96.js
cdn.districtm.io/ids/ Frame 4352
3 KB
2 KB
Script
General
Full URL
https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebd50af0cd8da2f314a52e2088788775d1a441bd674ef9379578e7bc1b5ad50

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/ids/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 697118bcd171d3b8a0299bf4ce5a8604.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
143735
cf-polished
origSize=3302
x-cache
Hit from cloudfront
cf-bgj
minify
content-encoding
br
last-modified
Thu, 20 May 2021 02:18:27 GMT
server
cloudflare
etag
W/"74ede07ef946dc2316f86b2661cf2dd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=172800
x-amz-cf-pop
JFK51-C1
cf-ray
6ff6af99494aefe4-EWR
x-amz-cf-id
lwQ1lEw9tGsIlt1UY6HrsjBk2yAp9q3IbjALvHkHmH0V-8_svMWTYw==
expires
Sat, 23 Apr 2022 14:07:25 GMT
sync
ups.analytics.yahoo.com/ups/58294/ Frame 0671
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099&verify=true
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099&apid=UP5f2b6ec0-c17c-11ec-b457-02755faa7259
0
152 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099&apid=UP5f2b6ec0-c17c-11ec-b457-02755faa7259
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
server
ATS/9.1.0.46
age
2
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099&apid=UP5f2b6ec0-c17c-11ec-b457-02755faa7259
date
Thu, 21 Apr 2022 14:07:25 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame 0671
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=afaf95cd-39ee-48e8-aa22-3e7bfed0c528
  • https://pippio.com/api/sync?pid=5324&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwIncqFkwYSBAgCEABCAEoA
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwIncqFkwYSBAgCEABCAEoA&google_gid=CAESEANxlnNlqyS8g56_l4Ml-Vc&google_cver=1
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=ec09a8a2-4704-473f-a5f4-f18ce13b65cc
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=ec09a8a2-4704-473f-a5f4-f18ce13b65cc
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:26 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=ec09a8a2-4704-473f-a5f4-f18ce13b65cc
date
Thu, 21 Apr 2022 14:07:26 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 0671
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8298961850055676383
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8298961850055676383
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
47c9b288-6674-4595-863c-ca6b24fe7708
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8298961850055676383
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0671
43 B
932 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=a2bf96d6-e803-c572-3555-3c1faf786f10
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6RT2DJE4K27FHCXXKAWK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0671
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2814204586404124893&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2814204586404124893&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2814204586404124893&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 0671
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YmFlGwAWPMpOGwAy
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YmFlGwAWPMpOGwAy
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1650550046.663161,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YmFlGwAWPMpOGwAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
6eae8cef-6405-ecc1-c48c-a87d381c69b9
pr-bh.ybp.yahoo.com/sync/openx/ Frame 0671
43 B
990 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/6eae8cef-6405-ecc1-c48c-a87d381c69b9?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:166f:faec:e70b:6d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 0671
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=fa69eaab-f4a9-7e88-f55b-be88c74ba4f0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&ttd_puid=fa69eaab-f4a9-7e88-f55b-be88c74ba4f0&gdpr=0&gdpr_consent=
43 B
62 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&ttd_puid=fa69eaab-f4a9-7e88-f55b-be88c74ba4f0&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&ttd_puid=fa69eaab-f4a9-7e88-f55b-be88c74ba4f0&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 0671
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDYwNjM5NjEtM2RkZS0yMDJjLWUwYmItZTQzMTBkYTk2YTkw
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0671
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHGl55JkW3f8vAu4skrrjEA&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHGl55JkW3f8vAu4skrrjEA&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHGl55JkW3f8vAu4skrrjEA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58294/ Frame 12CD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099&verify=true
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099&apid=UP5f2b6ec0-c17c-11ec-b457-02755faa7259
0
43 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099&apid=UP5f2b6ec0-c17c-11ec-b457-02755faa7259
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
server
ATS/9.1.0.46
age
1
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=d4ad6922-2cc3-44c1-a67c-7f8250e85099&apid=UP5f2b6ec0-c17c-11ec-b457-02755faa7259
date
Thu, 21 Apr 2022 14:07:25 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
362358.gif
idsync.rlcdn.com/ Frame 12CD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=afaf95cd-39ee-48e8-aa22-3e7bfed0c528
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokYWZhZjk1Y2QtMzllZS00OGU4LWFhMjItM2U3YmZlZDBjNTI4EAAaDQidyoWTBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPLWEynElm2nTYnTiF-d42Y&google_cver=1
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPLWEynElm2nTYnTiF-d42Y&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:26 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPLWEynElm2nTYnTiF-d42Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 12CD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8298961850055676383
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8298961850055676383
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
21763289-5269-4945-ab60-7e4358a31942
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8298961850055676383
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 12CD
43 B
932 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=a2bf96d6-e803-c572-3555-3c1faf786f10
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TE1MF15B9M81FMSMHRBM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 12CD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2958319774479980765&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2958319774479980765&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2958319774479980765&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 12CD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YmFlGwAWPMpOGwAy
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YmFlGwAWPMpOGwAy
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1650550046.663206,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YmFlGwAWPMpOGwAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
6eae8cef-6405-ecc1-c48c-a87d381c69b9
pr-bh.ybp.yahoo.com/sync/openx/ Frame 12CD
43 B
990 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/6eae8cef-6405-ecc1-c48c-a87d381c69b9?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:166f:faec:e70b:6d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 12CD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=fa69eaab-f4a9-7e88-f55b-be88c74ba4f0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&ttd_puid=fa69eaab-f4a9-7e88-f55b-be88c74ba4f0&gdpr=0&gdpr_consent=
43 B
62 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&ttd_puid=fa69eaab-f4a9-7e88-f55b-be88c74ba4f0&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&ttd_puid=fa69eaab-f4a9-7e88-f55b-be88c74ba4f0&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 12CD
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDYwNjM5NjEtM2RkZS0yMDJjLWUwYmItZTQzMTBkYTk2YTkw
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 12CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHGl55JkW3f8vAu4skrrjEA&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHGl55JkW3f8vAu4skrrjEA&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHGl55JkW3f8vAu4skrrjEA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C22C
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
72ce4638-311c-48dc-b487-a18f85abaaab
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D691
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0b6ca10a-f286-403f-a134-e4bb988afa58
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C809
1 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9dab916bf68f9b63cdb40910e747879358dded945be1b0d038bf0026375d449

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1495
Content-Type
text/html
Date
Thu, 21 Apr 2022 14:07:25 GMT
Dropped-Udsids
39|241|230|46|4|81|3|188
Expires
Thu, 21 Apr 2022 14:07:25 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
pubcid.php
hbx.media.net/ Frame AC96
57 KB
18 KB
Script
General
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Thu, 21 Apr 2022 14:07:25 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:37:25 GMT
sync
gum.criteo.com/ Frame AC96
61 B
383 B
Script
General
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2049
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
cksync.html
contextual.media.net/ Frame C666
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Drkt%26refUrl%3D%26vid%3D055004569829355164014556790...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2935516401455679000V10&type=rkt&refUrl=&vid=05500456982935516401455679000V10&ovsid=970033154777882003
219 B
648 B
Document
General
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2935516401455679000V10&type=rkt&refUrl=&vid=05500456982935516401455679000V10&ovsid=970033154777882003
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Thu, 21 Apr 2022 14:07:25 GMT
expires
Thu, 21 Apr 2022 14:07:25 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 21 Apr 2022 14:07:25 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2935516401455679000V10&type=rkt&refUrl=&vid=05500456982935516401455679000V10&ovsid=970033154777882003
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame AC96
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7882e5c194561222&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=con&refUrl=&vid=05500456982935516401455679000V10&ovsid=AAAGcTFWsJavVwMwmj7TAAAAAAA&expiration=1650636445&is_secure=true
45 B
459 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=con&refUrl=&vid=05500456982935516401455679000V10&ovsid=AAAGcTFWsJavVwMwmj7TAAAAAAA&expiration=1650636445&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=con&refUrl=&vid=05500456982935516401455679000V10&ovsid=AAAGcTFWsJavVwMwmj7TAAAAAAA&expiration=1650636445&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame AC96
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dmma%26refUrl%3D%26vid%3D055004569829355164014556...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=mma&refUrl=&vid=05500456982935516401455679000V10&ovsid=299c6261-651d-4600-8dda-ad435d1fd6f6
45 B
463 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=mma&refUrl=&vid=05500456982935516401455679000V10&ovsid=299c6261-651d-4600-8dda-ad435d1fd6f6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x51 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=mma&refUrl=&vid=05500456982935516401455679000V10&ovsid=299c6261-651d-4600-8dda-ad435d1fd6f6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 21 Apr 2022 14:07:24 GMT
cksync.php
contextual.media.net/ Frame AC96
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Ddxu%26refUrl%3D%26vid%3D05500456982935516401455...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Ddxu%26refUrl%3D%26vid%3D05500456982935516...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=dxu&refUrl=&vid=05500456982935516401455679000V10&ovsid=X9WZ3GiE1NHxsV5
45 B
450 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=dxu&refUrl=&vid=05500456982935516401455679000V10&ovsid=X9WZ3GiE1NHxsV5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0e05fc7b42a6d9b47@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=dxu&refUrl=&vid=05500456982935516401455679000V10&ovsid=X9WZ3GiE1NHxsV5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame AC96
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bdab6266-a73b-4ddd-bfa0-ac2b41f7ae4b
45 B
613 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bdab6266-a73b-4ddd-bfa0-ac2b41f7ae4b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bdab6266-a73b-4ddd-bfa0-ac2b41f7ae4b
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1134389
content-length
0
expires
Thu, 21 Apr 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame AC96
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=71d66e19-1b20-45ab-b01a-e06433e4462c&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=1f1345a2-d50a-4715-8469-b318f811a70d&gdpr=&gdpr_consent=&gdpr_pd=
45 B
463 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=1f1345a2-d50a-4715-8469-b318f811a70d&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=1f1345a2-d50a-4715-8469-b318f811a70d&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 21 Apr 2022 14:07:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame AC96
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dzem%26refUrl%3D%26vid%3D05500456982935516401455679...
  • https://stags.bluekai.com/site/23178?id=wAFWSgI4rKGtqFSiHetv&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLXIFDFOU3HJE2HES2HORYUMU3JJBSXI...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=wAFWSgI4rKGtqFSiHetv&refUrl=&type=zem&vid=05500456982935516401455679000V10&vsid=2935516401455679000V10
45 B
453 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=wAFWSgI4rKGtqFSiHetv&refUrl=&type=zem&vid=05500456982935516401455679000V10&vsid=2935516401455679000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=wAFWSgI4rKGtqFSiHetv&refUrl=&type=zem&vid=05500456982935516401455679000V10&vsid=2935516401455679000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame AC96
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2935516401455679000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2935516401455679000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=80a15a6d-6229-4720-8f89-95fa346d419e&cs=1
45 B
463 B
Image
General
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=80a15a6d-6229-4720-8f89-95fa346d419e&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=80a15a6d-6229-4720-8f89-95fa346d419e&cs=1
Date
Thu, 21 Apr 2022 14:07:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
1000.gif
id.rlcdn.com/ Frame AC96
Redirect Chain
  • https://id.rlcdn.com/710489.gif
  • https://id.rlcdn.com/1000.gif?memo=CNmuKxoNCJ3KhZMGEgUI6AcQAEIASgA
42 B
60 B
Image
General
Full URL
https://id.rlcdn.com/1000.gif?memo=CNmuKxoNCJ3KhZMGEgUI6AcQAEIASgA
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://id.rlcdn.com/1000.gif?memo=CNmuKxoNCJ3KhZMGEgUI6AcQAEIASgA
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame AC96
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
45 B
451 B
Image
General
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
dcm
s.amazon-adsystem.com/ Frame AC96
Redirect Chain
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D2935516401455679000V10
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2935516401455679000V10
43 B
932 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2935516401455679000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CA93FGV3P0XQ6W4Z0BX0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2935516401455679000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:25 GMT
rum
dsum-sec.casalemedia.com/ Frame 2A23
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&expiration=1653142045&gdpr=0&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&expiration=1653142045&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&expiration=1653142045&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame 2A23
43 B
932 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KRBQX648BYH4BVVK13ZB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2A23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2A23
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8298961850055676383
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8298961850055676383
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:25 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
50918dbc-15b6-4617-8810-fc94ad2109ec
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8298961850055676383
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2A23
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:25 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Thu, 21 Apr 2022 14:07:25 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame 2A23
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2723265135857761152&expiration=1651759645
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2723265135857761152&expiration=1651759645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=2723265135857761152&expiration=1651759645
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 2A23
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YmFlGwAWPMpOGwAy
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YmFlGwAWPMpOGwAy
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1650550046.794736,VS0,VE0
x-served-by
cache-yul12832-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YmFlGwAWPMpOGwAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 2A23
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8bef5e2c-0469-8032-2d783d2c
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8bef5e2c-0469-8032-2d783d2c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:25 GMT

Redirect headers

date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=8bef5e2c-0469-8032-2d783d2c
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 2A23
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YmFlGeWVK2rxHCPvkD15-QAA%26188
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 14:07:25 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1971
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:40:16 GMT
buyers
dmx.districtm.io/s/v1/ Frame 6FE9
535 B
687 B
XHR
General
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
546e7f00ee2aaec47039f7f477ed8be724279e1519d66bf865048d34b32b0800
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6ff6af9a1a07efe4-EWR
access-control-allow-headers
Origin, Content-Type
buyers
dmx.districtm.io/s/v1/ Frame 4352
472 B
730 B
XHR
General
Full URL
https://dmx.districtm.io/s/v1/buyers
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c983af4ca4bb40ef5a23a643eb04de3f79fc6b33f03844049b5df6ab19b411a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
content-type
application/json
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6ff6af9a2a12efe4-EWR
access-control-allow-headers
Origin, Content-Type
match
c1.adform.net/serving/cookie/ Frame 3070
35 B
467 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=023E2F6B-2403-431A-8776-9CD4F5387396
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 21 Apr 2022 14:07:25 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame E1D0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YmFlGwAWPMpOGwAy&gdpr=0&gdpr_consent=
1 B
411 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YmFlGwAWPMpOGwAy&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 21 Apr 2022 03:10:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va2pug004:0:633

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 21 Apr 2022 14:07:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YmFlGwAWPMpOGwAy&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12832-YUL
x-timer
S1650550046.800714,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 53C2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d6ef6261-651d-4200-b8d9-975a538fe6ed&gdpr=0&gdpr_consent=
42 B
341 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d6ef6261-651d-4200-b8d9-975a538fe6ed&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Apr 2022 14:07:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug017:0:713

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 21 Apr 2022 14:07:25 GMT
Expires
Thu, 21 Apr 2022 14:07:24 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4335 2c68c00 master ord-pixel-x51 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d6ef6261-651d-4200-b8d9-975a538fe6ed&gdpr=0&gdpr_consent=
pm&gdpr=0&gdpr_consent=
match.prod.bidr.io/cookie-sync/ Frame 0915
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
0
111 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.7.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-7-173.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
0

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 21 Apr 2022 14:07:26 GMT
Server
nginx
location
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 7BF0
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
340 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Apr 2022 03:20:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va2pug003:0:414

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 21 Apr 2022 14:07:25 GMT
expires
Thu, 21 Apr 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1778742
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
141
match.deepintent.com/usersync/ Frame 9C55
0
211 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Thu, 21 Apr 2022 14:07:25 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame AFE4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=uC7vMxb8TIxn19ZOLGw0VZU4mbw
42 B
220 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=uC7vMxb8TIxn19ZOLGw0VZU4mbw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug003:0:1486

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Apr 2022 14:07:25 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=uC7vMxb8TIxn19ZOLGw0VZU4mbw
Pug
simage2.pubmatic.com/AdServer/ Frame 2BF4
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=5f37edc2-c17c-11ec-b66f-79feb2a2c73e
42 B
377 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=5f37edc2-c17c-11ec-b66f-79feb2a2c73e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug011:0:732

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 21 Apr 2022 14:07:25 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=5f37edc2-c17c-11ec-b66f-79feb2a2c73e
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-5
server
Cowboy
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 1020
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=461b852e-81df-495a-a6cd-a8aee7ab54d0&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=023E2F6B-2403-431A-8776-9CD4F5387396
42 B
350 B
Document
General
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=023E2F6B-2403-431A-8776-9CD4F5387396
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.115.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-115-184.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
42
content-type
image/gif
date
Thu, 21 Apr 2022 14:07:26 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 21 Apr 2022 14:07:25 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=023E2F6B-2403-431A-8776-9CD4F5387396
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug004:0:415
i.match
a.tribalfusion.com/ Frame 30E9
43 B
722 B
Document
General
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
6ff6af9a7cf67136-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 21 Apr 2022 14:07:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame 52BD
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:vm900jVJ1NHxsV5&gdpr=0&gdpr_consent=
42 B
207 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:vm900jVJ1NHxsV5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Apr 2022 14:07:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
10:0:2292

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 21 Apr 2022 14:07:25 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:vm900jVJ1NHxsV5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-00e20f4f68688ca60@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 9120
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=664619934089
42 B
200 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=664619934089
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Apr 2022 14:07:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
10:0:422

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=664619934089
Pug
simage2.pubmatic.com/AdServer/ Frame 7AA9
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1650550045841
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
218 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Apr 2022 14:07:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug005:0:380

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Date
Thu, 21 Apr 2022 14:07:25 GMT
ETag
OPTOUT
Expires
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Pragma
no-cache
Server
Tengine
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame 6223
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7038364451691127419&uid=Q703836445169112...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7038364451691127419
42 B
234 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7038364451691127419
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va1pug002:0:518

Redirect headers

Cache-Control
max-age=19418
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Thu, 21 Apr 2022 14:07:26 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7038364451691127419
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 626D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Aj4vayQDQxqHdpzU9Thzlg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
96.16.29.14 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-29-14.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=165732
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 23 Apr 2022 12:09:37 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
396846.gif
idsync.rlcdn.com/ Frame 626D
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=023E2F6B-2403-431A-8776-9CD4F5387396
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=afaf95cd-39ee-48e8-aa22-3e7bfed0c528
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=afaf95cd-39ee-48e8-aa22-3e7bfed0c528
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:26 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 21 Apr 2022 14:07:25 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=afaf95cd-39ee-48e8-aa22-3e7bfed0c528
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
SPug
image4.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=afaf6261-651e-4600-b56e-8557845f8d6c
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=afaf6261-651e-4600-b56e-8557845f8d6c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=afaf6261-651e-4600-b56e-8557845f8d6c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 21 Apr 2022 14:07:24 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDIzRTJGNkItMjQwMy00MzFBLTg3NzYtOUNENEY1Mzg3Mzk2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 07:23:21 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug030:0:586
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMkebkZzO_GXXwW1aKKm0ac&google_cver=1
42 B
438 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMkebkZzO_GXXwW1aKKm0ac&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 11:24:55 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug029:0:595
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMkebkZzO_GXXwW1aKKm0ac&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:76FDC54144714F12816F67C0F1455CDB
42 B
225 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:76FDC54144714F12816F67C0F1455CDB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug019:0:548
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 21 Apr 2022 14:07:25 GMT
x-content-type-options
nosniff
server
nginx
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:76FDC54144714F12816F67C0F1455CDB
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 20 Apr 2022 14:07:25 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8146466545210792157&gdpr=0&gdpr_consent=&us_privacy=
1 B
300 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8146466545210792157&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug013:0:731
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8146466545210792157&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
42 B
450 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 05:36:49 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug006:0:421
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
023E2F6B-2403-431A-8776-9CD4F5387396
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 626D
43 B
990 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/023E2F6B-2403-431A-8776-9CD4F5387396?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:166f:faec:e70b:6d2e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=023E2F6B-2403-431A-8776-9CD4F5387396&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mce4HUJE2uXKKWt6nVZbo6DBH8aT7ng-~A&gdpr=0&gdpr_consent=
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mce4HUJE2uXKKWt6nVZbo6DBH8aT7ng-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mce4HUJE2uXKKWt6nVZbo6DBH8aT7ng-~A&gdpr=0&gdpr_consent=
date
Thu, 21 Apr 2022 14:07:25 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=023E2F6B-2403-431A-8776-9CD4F5387396&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=f205bcd1e4e1224&is_secure=true&networkId=17100&version=1&nuid=023E2F6B-2403-431A-8776-9CD4F5387396&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcTFWsJavaAMOqpgnAAAAAAA&expiration=1650636445&nuid=023E2F6B-2403-431A-8776-9CD4F5387396&...
42 B
452 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcTFWsJavaAMOqpgnAAAAAAA&expiration=1650636445&nuid=023E2F6B-2403-431A-8776-9CD4F5387396&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug019:0:423
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcTFWsJavaAMOqpgnAAAAAAA&expiration=1650636445&nuid=023E2F6B-2403-431A-8776-9CD4F5387396&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7Nxwt-zbd7H32H7kvo9rterfI-D33yW36tsYzSCX
42 B
620 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7Nxwt-zbd7H32H7kvo9rterfI-D33yW36tsYzSCX
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug008:0:509
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=7Nxwt-zbd7H32H7kvo9rterfI-D33yW36tsYzSCX
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5f1bddf0-c17c-11ec-8a5d-f3a7b7c238e3&gdpr=0&gdpr_consent=
1 B
406 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5f1bddf0-c17c-11ec-8a5d-f3a7b7c238e3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 03:20:33 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug007:0:505
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5f1bddf0-c17c-11ec-8a5d-f3a7b7c238e3&gdpr=0&gdpr_consent=
Date
Thu, 21 Apr 2022 14:07:24 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
5f2b203c-c17c-11ec-8a5d-f3a7b7c238e3
Pug
image2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8298961850055676383&gdpr=0&gdpr_consent=
42 B
234 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8298961850055676383&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug016:0:2838
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
bc833356-bdc0-47ff-9b13-958c0291c66c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8298961850055676383&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 626D
0
47 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.102.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-102-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
content-length
0
content-type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1f1345a2-d50a-4715-8469-b318f811a70d&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=b7589596-4aa2-4d21-be2f-603674503f61&expires=1&user_group=5&ssp=pubmatic&bsw_param=1f1345a2-d50a-4715-8469-b318f811a70d
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1f1345a2-d50a-4715-8469-b318f811a70d&gdpr=&gdpr_consent=&gdpr_pd=
1 B
199 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1f1345a2-d50a-4715-8469-b318f811a70d&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug016:0:432
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1f1345a2-d50a-4715-8469-b318f811a70d&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 21 Apr 2022 14:07:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame 626D
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_EEAE3886_15846FEA&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B
Image
General
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Server
4.78.226.233 Mobile, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-333536846; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-333536846; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 21 Apr 2022 14:07:26 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug016:0:403
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&gdpr=&gdpr_consent=
42 B
233 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&gdpr=&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug017:0:749
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341&gdpr=&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2723265135857761152
42 B
389 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2723265135857761152
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 05:39:30 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug008:0:314
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2723265135857761152
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 626D
Redirect Chain
  • https://sync.resetdigital.co:10001/csync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A94D67BC54
42 B
209 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A94D67BC54
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug019:0:451
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 21 Apr 2022 14:07:36 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=000000A94D67BC54
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
pubcid.php
hbx.media.net/ Frame 403C
57 KB
18 KB
Script
General
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Thu, 21 Apr 2022 14:07:25 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:37:25 GMT
sync
gum.criteo.com/ Frame 403C
88 B
414 B
Script
General
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
468fa725f6491787adf804df52c98676d37ac56d2b15d4d26db740260a5876f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2837
strict-transport-security
max-age=31536000; preload;
content-length
207
expires
60
cksync.php
contextual.media.net/ Frame 403C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bdab6266-a73b-4ddd-bfa0-ac2b41f7ae4b
45 B
613 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bdab6266-a73b-4ddd-bfa0-ac2b41f7ae4b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bdab6266-a73b-4ddd-bfa0-ac2b41f7ae4b
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1096336
content-length
0
expires
Thu, 21 Apr 2022 00:00:00 GMT
sync
x.bidswitch.net/ Frame 403C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1f1345a2-d50a-4715-8469-b318f811a70d&ssp=medianet&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10595421814438346601&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=95e8d339-28de-45ae-89fa-cfd5a9bc743f&ssp=medianet&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214740604128008332925&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10595421814438346601&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10595421814438346601&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 14:07:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:26 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10595421814438346601&ssp=<SSP_VALUE>&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 403C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2935516401455679000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2935516401455679000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=55d1baff-9d73-4e6a-9d45-efd47b5011f8&cs=1
45 B
463 B
Image
General
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=55d1baff-9d73-4e6a-9d45-efd47b5011f8&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=55d1baff-9d73-4e6a-9d45-efd47b5011f8&cs=1
Date
Thu, 21 Apr 2022 14:07:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
710489.gif
id.rlcdn.com/ Frame 403C
42 B
60 B
Image
General
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 403C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
45 B
451 B
Image
General
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
dcm
s.amazon-adsystem.com/ Frame 403C
Redirect Chain
  • https://cs.media.net/cksync?cs=35&type=tam&ovsid=setstatuscode&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3Ddcd3b62c-7a4b-4d79-a73e-c47474a8ab42%26id%3D2935516401455679000V10
  • https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2935516401455679000V10
43 B
932 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2935516401455679000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RVF5EE4G80GKQTKTFEAW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://s.amazon-adsystem.com/dcm?pid=dcd3b62c-7a4b-4d79-a73e-c47474a8ab42&id=2935516401455679000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT
cksync.php
contextual.media.net/ Frame 403C
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7b78934105261222&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=con&refUrl=&vid=05500458472935516401455679000V10&ovsid=AAAGcNZjkwLG6wN-WkbSAAAAAAA&expiration=1650636445&is_secure=true
45 B
459 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=con&refUrl=&vid=05500458472935516401455679000V10&ovsid=AAAGcNZjkwLG6wN-WkbSAAAAAAA&expiration=1650636445&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=con&refUrl=&vid=05500458472935516401455679000V10&ovsid=AAAGcNZjkwLG6wN-WkbSAAAAAAA&expiration=1650636445&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 403C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dmma%26refUrl%3D%26vid%3D055004584729355164014556...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=mma&refUrl=&vid=05500458472935516401455679000V10&ovsid=a7de6261-651e-4700-8e5f-a270844f9ad6
45 B
463 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=mma&refUrl=&vid=05500458472935516401455679000V10&ovsid=a7de6261-651e-4700-8e5f-a270844f9ad6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=mma&refUrl=&vid=05500458472935516401455679000V10&ovsid=a7de6261-651e-4700-8e5f-a270844f9ad6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 21 Apr 2022 14:07:24 GMT
cksync.php
contextual.media.net/ Frame 403C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Ddxu%26refUrl%3D%26vid%3D05500458472935516401455...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Ddxu%26refUrl%3D%26vid%3D05500458472935516...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=dxu&refUrl=&vid=05500458472935516401455679000V10&ovsid=X9WZ3GiE1NHxsV5
45 B
450 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=dxu&refUrl=&vid=05500458472935516401455679000V10&ovsid=X9WZ3GiE1NHxsV5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-007b7dbae3f126443@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2935516401455679000V10&type=dxu&refUrl=&vid=05500458472935516401455679000V10&ovsid=X9WZ3GiE1NHxsV5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 403C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2935516401455679000V10%26type%3Dzem%26refUrl%3D%26vid%3D05500458472935516401455679...
  • https://stags.bluekai.com/site/23178?id=wAFWSgI4rKGtqFSiHetv&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLXIFDFOU3HJE2HES2HORYUMU3JJBSXI...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=wAFWSgI4rKGtqFSiHetv&refUrl=&type=zem&vid=05500458472935516401455679000V10&vsid=2935516401455679000V10
45 B
453 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=wAFWSgI4rKGtqFSiHetv&refUrl=&type=zem&vid=05500458472935516401455679000V10&vsid=2935516401455679000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Server
23.78.138.84 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-138-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Thu, 21 Apr 2022 14:07:26 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=wAFWSgI4rKGtqFSiHetv&refUrl=&type=zem&vid=05500458472935516401455679000V10&vsid=2935516401455679000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
log
c21lg-d.media.net/ Frame AC96
35 B
329 B
Image
General
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=525bd81a-ea2c-4cb2-8ad8-56ef3153fef3&cs=15&vsid=2935516401455679000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 21 Apr 2022 14:07:26 GMT
664619934089
dmx.districtm.io/s/10022/ Frame 4352
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=137&rurl=https%3A%2F%2Fdmx.districtm.io%2Fs%2F10022%2F___AUID___
  • https://dmx.districtm.io/s/10022/664619934089
68 B
173 B
Script
General
Full URL
https://dmx.districtm.io/s/10022/664619934089
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6afea2673c411750099ce83e1e04bc2d7a4bf1c7a4919d82e6e087411422476
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 21 Apr 2022 14:07:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6ff6af9b7b71efe4-EWR

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://dmx.districtm.io/s/10022/664619934089
970033154777882003
dmx.districtm.io/s/10056/ Frame 4352
Redirect Chain
  • https://p.rfihub.com/cm?pub=36496&in=1
  • https://dmx.districtm.io/s/10056/970033154777882003
74 B
127 B
Script
General
Full URL
https://dmx.districtm.io/s/10056/970033154777882003
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6904791aaaaf7befa754ff249c1618c4d11e2ac40726e8df6011c08d372af2ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 21 Apr 2022 14:07:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6ff6af9bab98efe4-EWR

Redirect headers

Location
https://dmx.districtm.io/s/10056/970033154777882003
Date
Thu, 21 Apr 2022 14:07:25 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
acb76ab0-e132-4b2f-8fd7-cc784a34419b
dmx.districtm.io/s/10059/ Frame 4352
Redirect Chain
  • https://match.sharethrough.com/1PQ8qgv7/v1/
  • https://dmx.districtm.io/s/10059/acb76ab0-e132-4b2f-8fd7-cc784a34419b
92 B
140 B
Script
General
Full URL
https://dmx.districtm.io/s/10059/acb76ab0-e132-4b2f-8fd7-cc784a34419b
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
145d71d3dbfbbccb605f416cff183bfe88032460070ae87491acda763561929a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 21 Apr 2022 14:07:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6ff6af9bab9defe4-EWR

Redirect headers

location
https://dmx.districtm.io/s/10059/acb76ab0-e132-4b2f-8fd7-cc784a34419b
date
Thu, 21 Apr 2022 14:07:25 GMT
content-length
0
districtm
match.prod.bidr.io/cookie-sync/ Frame 4352
0
0
Script
General
Full URL
https://match.prod.bidr.io/cookie-sync/districtm
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.7.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-7-173.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
1f1345a2-d50a-4715-8469-b318f811a70d
dmx.districtm.io/s/10009/ Frame 4352
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=districtm&user_id=286vr5EAbQqFk6575TO4djZE1M2
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=districtm&bsw_param=1f1345a2-d50a-4715-8469-b318f811a70d&google_hm=MWYxMzQ1YTItZDUwYS00NzE1LTg0NjktYjMxOGY4MTFhNzBk
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKQtm0mfm7OBXMu8WaUZxEM&google_cver=1&ssp=districtm&bsw_param=1f1345a2-d50a-4715-8469-b318f811a70d
  • https://dmx.districtm.io/s/10009/1f1345a2-d50a-4715-8469-b318f811a70d
92 B
152 B
Script
General
Full URL
https://dmx.districtm.io/s/10009/1f1345a2-d50a-4715-8469-b318f811a70d
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c71ce8d0704a157d1aecd6c50a69c80e961f67723a79e2fbb0006fde3350c1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 21 Apr 2022 14:07:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6ff6af9cccebefe4-EWR

Redirect headers

Location
//dmx.districtm.io/s/10009/1f1345a2-d50a-4715-8469-b318f811a70d
Date
Thu, 21 Apr 2022 14:07:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
8RnuZY7TXGpSriqslf2s
dmx.districtm.io/s/10027/ Frame 6FE9
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=districtm
  • https://dmx.districtm.io/s/10027/8RnuZY7TXGpSriqslf2s?pi=districtm
76 B
144 B
Script
General
Full URL
https://dmx.districtm.io/s/10027/8RnuZY7TXGpSriqslf2s?pi=districtm
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
499d399d09cbc6e7cc5f10c2d72c2815e07c622264ee418fcc1ce91650596219
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 21 Apr 2022 14:07:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6ff6af9bec0cefe4-EWR

Redirect headers

location
https://dmx.districtm.io/s/10027/8RnuZY7TXGpSriqslf2s?pi=districtm
pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT, Thu, 21 Apr 2022 14:07:25 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
AAAGcTFWsJavaQNa6JRrAAAAAAA&expiration=1650636445&nuid=286vrCPNzw6qk94xIO2T6xeV9Eq&is_secure=true
dmx.us-east-29.districtm.io/s/10007/ Frame 6FE9
Redirect Chain
  • https://districtm-match.dotomi.com/match/bounce/current?version=1&networkId=33921&nuid=286vrCPNzw6qk94xIO2T6xeV9Eq&rurl=//dmx.us-east-29.districtm.io/s/10007/
  • https://districtm-match.dotomi.com/match/bounce/current?DotomiTest=43b8d7a2ff011222&is_secure=true&version=1&networkId=33921&nuid=286vrCPNzw6qk94xIO2T6xeV9Eq&rurl=%2F%2Fdmx.us-east-29.districtm.io%...
  • https://dmx.us-east-29.districtm.io/s/10007/AAAGcTFWsJavaQNa6JRrAAAAAAA&expiration=1650636445&nuid=286vrCPNzw6qk94xIO2T6xeV9Eq&is_secure=true
153 B
291 B
Script
General
Full URL
https://dmx.us-east-29.districtm.io/s/10007/AAAGcTFWsJavaQNa6JRrAAAAAAA&expiration=1650636445&nuid=286vrCPNzw6qk94xIO2T6xeV9Eq&is_secure=true
Protocol
H2
Server
34.74.216.17 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.216.74.34.bc.googleusercontent.com
Software
/
Resource Hash
91b24f6a89985a48ed16b26056969fe3d78527863f6269c4959631bdd87ee2a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
content-length
153
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
//dmx.us-east-29.districtm.io/s/10007/AAAGcTFWsJavaQNa6JRrAAAAAAA&expiration=1650636445&nuid=286vrCPNzw6qk94xIO2T6xeV9Eq&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
uC7vMxb8TIxn19ZOLGw0VZU4mbw
dmx.districtm.io/s/10026/ Frame 6FE9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=132
  • https://dmx.districtm.io/s/10026/uC7vMxb8TIxn19ZOLGw0VZU4mbw
83 B
141 B
Script
General
Full URL
https://dmx.districtm.io/s/10026/uC7vMxb8TIxn19ZOLGw0VZU4mbw
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
894d53db224c47bb07db1adf797e1670ec569285b1e74879e12b62812478e2a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 21 Apr 2022 14:07:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6ff6af9bab9eefe4-EWR

Redirect headers

Location
https://dmx.districtm.io/s/10026/uC7vMxb8TIxn19ZOLGw0VZU4mbw
Date
Thu, 21 Apr 2022 14:07:25 GMT
Connection
keep-alive
Content-Length
83
Content-Type
text/html; charset=utf-8
13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341
dmx.districtm.io/s/10001/ Frame 6FE9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=96
  • https://dmx.districtm.io/s/10001/13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341
106 B
160 B
Script
General
Full URL
https://dmx.districtm.io/s/10001/13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a78b78de33ce86deec00f5b7c9e98774a4869dfce0284075bee423417e614d0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 21 Apr 2022 14:07:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6ff6af9baba0efe4-EWR

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dmx.districtm.io/s/10001/13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
y-KLAv8FJE2uGrlAmp4inR8.KwPZRGG0OcR7GlkZQ-~A
dmx.districtm.io/s/10057/ Frame 6FE9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58377/occ?gdpr=&gdpr_consent=
  • https://dmx.districtm.io/s/10057/y-KLAv8FJE2uGrlAmp4inR8.KwPZRGG0OcR7GlkZQ-~A
100 B
186 B
Script
General
Full URL
https://dmx.districtm.io/s/10057/y-KLAv8FJE2uGrlAmp4inR8.KwPZRGG0OcR7GlkZQ-~A
Protocol
H2
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d3780779d5a98e2de9d2eda7625fd931ec5173725574e809b349628e1e8eae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.districtm.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
date
Thu, 21 Apr 2022 14:07:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
6ff6af9baba2efe4-EWR

Redirect headers

location
https://dmx.districtm.io/s/10057/y-KLAv8FJE2uGrlAmp4inR8.KwPZRGG0OcR7GlkZQ-~A
date
Thu, 21 Apr 2022 14:07:25 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 54B9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI5MlZMNUctMTItQUZSSQ==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI5MlZMNUctMTItQUZSSQ==
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI5MlZMNUctMTItQUZSSQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 54B9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWJmNTljYjM2OGM5YmYxYTBkM2VmMTEyODljOGM1YTRmMjBiMTY5Yg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWJmNTljYjM2OGM5YmYxYTBkM2VmMTEyODljOGM1YTRmMjBiMTY5Yg
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWJmNTljYjM2OGM5YmYxYTBkM2VmMTEyODljOGM1YTRmMjBiMTY5Yg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 54B9
42 B
60 B
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Apr 2022 14:07:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
tap.php
pixel.rubiconproject.com/ Frame 54B9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENgUP2VP57ZUSXQ481WEqgw&google_cver=1
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENgUP2VP57ZUSXQ481WEqgw&google_cver=1
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENgUP2VP57ZUSXQ481WEqgw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 54B9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8lU678hqTFuKWTuoqLs2ng&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8lU678hqTFuKWTuoqLs2ng
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8lU678hqTFuKWTuoqLs2ng
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Q19TVPWARYMSCDDJVF98
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=8lU678hqTFuKWTuoqLs2ng
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 54B9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&gdpr=0&gdpr_consent=&expires=30
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 54B9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/WYzSJC72xH2Xx8CfpGJh3cn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4611340623556115414
42 B
711 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4611340623556115414
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Content-Type
image/gif

Redirect headers

date
Thu, 21 Apr 2022 14:07:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4611340623556115414
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
setuid
px.ads.linkedin.com/ Frame 54B9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L292VL5G-12-AFRI
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L292VL5G-12-AFRI
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:25 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 31A307B2083C4604B7EB6209277E623D Ref B: YTO01EDGE0807 Ref C: 2022-04-21T14:07:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXdKqEwCC+ncN27J9l/oQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L292VL5G-12-AFRI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame C809
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&expiration=1653142045&gdpr=0&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&expiration=1653142045&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6&expiration=1653142045&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame C809
43 B
932 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EPQN8CYVQS4V3C1MVK8V
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C809
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C809
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8298961850055676383
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8298961850055676383
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f6f95c4e-9446-4a35-a199-9aac0b7b9033
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8298961850055676383
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C809
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8146466545210792157
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8146466545210792157
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8146466545210792157
pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame C809
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=9fHAIPX2xybu9c5zp6LbIvPyk3fu8pUg8_YUkFIa
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=9fHAIPX2xybu9c5zp6LbIvPyk3fu8pUg8_YUkFIa
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=9fHAIPX2xybu9c5zp6LbIvPyk3fu8pUg8_YUkFIa
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C809
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=531e6261-651e-4700-a49f-e49486105ad2
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=531e6261-651e-4700-a49f-e49486105ad2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:07:26 GMT

Redirect headers

Date
Thu, 21 Apr 2022 14:07:26 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=531e6261-651e-4700-a49f-e49486105ad2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 21 Apr 2022 14:07:25 GMT
CookieIndex
rtb.adentifi.com/ Frame C809
0
46 B
Image
General
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.102.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-102-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
content-length
0
content-type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame C809
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YmFlGeWVK2rxHCPvkD15-QAA%26188
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bleepingcomputer.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 14:07:26 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1970
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 21 Apr 2022 14:40:16 GMT
log
c21lg-d.media.net/ Frame 403C
35 B
329 B
Image
General
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=525bd81a-ea2c-4cb2-8ad8-56ef3153fef3&cs=15&vsid=2935516401455679000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 21 Apr 2022 14:07:26 GMT
log
c21lg-d.media.net/ Frame 403C
35 B
329 B
Image
General
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=LzacvpVy8vrftJ93NqSMA5QrouX_SW8f&cs=15&vsid=2935516401455679000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=2030%2C173%2C251%2C175%2C178%2C157%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C336%2C117%2C238%2C337%2C338%2C339%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C228%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 21 Apr 2022 14:07:26 GMT
usync.html
eus.rubiconproject.com/ Frame B941
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Apr 2022 14:07:26 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 21 Apr 2022 14:07:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
match
cms-xch-chicago.33across.com/ Frame 0BF0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=uC7vMxb8TIxn19ZOLGw0VZU4mbw&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?gdpr_consent=&ri=10&ru=https%3A%2F%2Fcms-xch.33across.com%2Fmatch%3Fgdpr_58%3D%24gdpr_58%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26bidder_id%3...
  • https://cms-xch.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=1f1345a2-d50a-4715-8469-b318f811a70d
  • https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=1f1345a2-d50a-4715-8469-b318f811a70d
68 B
82 B
Image
General
Full URL
https://cms-xch-chicago.33across.com/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=1f1345a2-d50a-4715-8469-b318f811a70d
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch-chicago.33across.com:443/match?gdpr_58=&gdpr=0&gdpr_consent=&bidder_id=10&external_user_id=1f1345a2-d50a-4715-8469-b318f811a70d
date
Thu, 21 Apr 2022 14:07:26 GMT
server
awselb/2.0
content-length
134
content-type
text/html
match
cms-xch-chicago.33across.com/ Frame 0BF0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1650550045950.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fc...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=299c6261-651d-4600-8dda-ad435d1fd6f6
68 B
225 B
Image
General
Full URL
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=299c6261-651d-4600-8dda-ad435d1fd6f6
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 21 Apr 2022 14:07:26 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cms-xch-chicago.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=299c6261-651d-4600-8dda-ad435d1fd6f6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 21 Apr 2022 14:07:25 GMT
match
events-ssc.33across.com/ Frame 0BF0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-Vs9T65NE2uGYLZnaHyGfep8WGAxMrvcz~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Vs9T65NE2uGYLZnaHyGfep8WGAxMrvcz%7EA&ts=1650550046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Vs9T65NE2uGYLZnaHyGfep8WGAxMrvcz%7EA&ts=1650550046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Vs9T65NE2uGYLZnaHyGfep8WGAxMrvcz%7EA&ts=1650550046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 0BF0
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=271f064a9bf11221&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAGcec8yOk9iwML--vrAAAAAAA&expiration=1650636446&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGcec8yOk9iwML--vrAAAAAAA&ts=1650550046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGcec8yOk9iwML--vrAAAAAAA&ts=1650550046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAGcec8yOk9iwML--vrAAAAAAA&ts=1650550046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 0BF0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1653142046%26external_user_id%3D5169ee99-c653-4a21-a834-6b5fb8f9a4f6
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1653142046&external_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
68 B
126 B
Image
General
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1653142046&external_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&ru=deb&id=dPGcAuqZ0r6Ok4aKlId8sQ&gdpr_consent=undefined&us_privacy=undefined&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:25 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1653142046&external_user_id=5169ee99-c653-4a21-a834-6b5fb8f9a4f6
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.js
eus.rubiconproject.com/ Frame B941
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1562bf13c9030fbda35dd0005e927a150531cdff4ad9558aba3092408cfe539b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 21 Apr 2022 14:07:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=63446
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9541
Expires
Fri, 22 Apr 2022 07:44:52 GMT
users
dmx.districtm.io/s/v1/ Frame 6FE9
0
754 B
XHR
General
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6ff6af9d9db1efe4-EWR
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame
0
0
Preflight
General
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cdn.districtm.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-max-age
14400
cf-cache-status
DYNAMIC
cf-ray
6ff6af9d4d4f8cb9-EWR
date
Thu, 21 Apr 2022 14:07:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
match
events-ssc.33across.com/ Frame B941
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L292VL5G-12-AFRI
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L292VL5G-12-AFRI
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L292VL5G-12-AFRI&ts=1650550046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L292VL5G-12-AFRI&ts=1650550046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:26 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L292VL5G-12-AFRI&ts=1650550046&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
users
dmx.districtm.io/s/v1/ Frame 4352
0
406 B
XHR
General
Full URL
https://dmx.districtm.io/s/v1/users
Requested by
Host: cdn.districtm.io
URL: https://cdn.districtm.io/ids/idsync.d5cb6b96.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cdn.districtm.io/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Apr 2022 14:07:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6ff6af9dbdf6efe4-EWR
access-control-allow-headers
Origin, Content-Type
users
dmx.districtm.io/s/v1/ Frame
0
0
Preflight
General
Full URL
https://dmx.districtm.io/s/v1/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cdn.districtm.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS, POST
access-control-allow-origin
https://cdn.districtm.io
access-control-max-age
14400
cf-cache-status
DYNAMIC
cf-ray
6ff6af9d4d608cb9-EWR
date
Thu, 21 Apr 2022 14:07:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame C22C
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6c1f898c-2b4f-4456-924f-c20d4cf56e08
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D691
0
745 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Apr 2022 14:07:26 GMT
X-Proxy-Origin
149.56.153.188; 149.56.153.188; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
ec115358-f3fb-422b-a23a-1b328be18768
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 626D
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156696&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel.gif
px.moatads.com/ Frame E030
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&dMoatBDS=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ESSENCEDIGITALNA1&ol=2481714046&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-bA%2F9O0QsCUp3NAjXwwClNhIVsVBk9l%2Bd1St6rl4fSl7XR4zDhBa4DU0%3D&rs=1-kplEbVjbGrWLAw%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fstartups%2Frundll32.exe_streamci_StreamingDeviceSetup-747.html&id=1&ii=5&f=1&j=https%3A%2F%2Fwww.bleepingcomputer.com&lp=https%3A%2F%2Fwww.bleepingcomputer.com&t=1650550043086&de=663280137457&cu=1650550043086&m=5296&ar=bee2df476bf-clean&iw=5a06169&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=475&lg=1&lh=134&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A3076%3A514&aa=1&ad=5139&cn=1090&gn=1&gk=5139&gl=1090&ik=5139&
ic=5139&ez=1&co=1090&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5076&cd=1020&ah=5076&am=1020&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=27391841%3A6022511%3A332299257%3A168090932&bo=bleepingcomputer.com&bd=bleepingcomputer.com&gw=essencedigitalna20153870852878&zMoatOrigSlicer1=6022511&zMoatOrigSlicer2=332299257&zMoatG=ct&zMoatAUCID=-&zMoatJS=3%3A-&zMoatDR=-&hv=Essence%20Override%202&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&jk=-1&jm=1&tc=0&fs=198121&na=1488309179&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 21 Apr 2022 14:07:28 GMT
pixel.gif
px.moatads.com/ Frame E030
43 B
260 B
Image
General
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://e3f6df70904c99ba2fc7c7cc60823106.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 21 Apr 2022 14:07:28 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 65BA
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28143370&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
380b108ef8274643bad7cecdca46921ea765be1678c1f0e4c35dbc9a57317bb3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 14:07:27 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 2DAD
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=33c839b9-3596-4b17-9c40-2f22e5351973-tuct95aeaa0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
0
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=33c839b9-3596-4b17-9c40-2f22e5351973-tuct95aeaa0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Thu, 21 Apr 2022 14:07:28 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12820-YUL
x-timer
S1650550049.734651,VS0,VE64

Redirect headers

accept-ranges
bytes
content-length
0
date
Thu, 21 Apr 2022 14:07:28 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=33c839b9-3596-4b17-9c40-2f22e5351973-tuct95aeaa0&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12821-YUL
x-timer
S1650550049.688704,VS0,VE10
x-vcl-time-ms
10
usersync
match.bnmla.com/ Frame 2CC8
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=76FDC54144714F12816F67C0F1455CDB
0
0

pubmatic
gocm.c.appier.net/ Frame 7C5E
0
0

pub
matching.truffle.bid/sync/ Frame B218
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 21 Apr 2022 14:07:28 GMT
Server
nginx/1.21.4
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 01B9
Redirect Chain
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=92731aac-b216-447b-a1d9-45ec9c0bdc5b
0
0
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=92731aac-b216-447b-a1d9-45ec9c0bdc5b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Apr 2022 03:10:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va2pug004:0:600

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 21 Apr 2022 14:07:28 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=92731aac-b216-447b-a1d9-45ec9c0bdc5b
/
csync.loopme.me/ Frame AF53
0
0

cookiesync
core.iprom.net/ Frame 92A5
0
0

Pug
image2.pubmatic.com/AdServer/ Frame D44A
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6676370c-cb38-417c-9a6d-3a5538d26582
1 B
0
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6676370c-cb38-417c-9a6d-3a5538d26582
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 21 Apr 2022 06:18:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
njrpug021:0:397

Redirect headers

content-length
0
date
Thu, 21 Apr 2022 14:07:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6676370c-cb38-417c-9a6d-3a5538d26582
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame EAB8
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76FDC54144714F12816F67C0F1455CDB
1 B
144 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76FDC54144714F12816F67C0F1455CDB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 21 Apr 2022 03:10:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
va2pug009:0:398

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Thu, 21 Apr 2022 14:07:28 GMT
expires
Wed, 20 Apr 2022 14:07:28 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:76FDC54144714F12816F67C0F1455CDB
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
/
pixel.onaudience.com/ Frame 65BA
0
0

Artemis
aud.pubmatic.com/AdServer/ Frame 65BA
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=023E2F6B-2403-431A-8776-9CD4F5387396&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=023E2F6B-2403-431A-8776-9CD4F5387396&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=023E2F6B-2403-431A-8776-9CD4F5387396&addseg=10,33,39
0
0

info
uipglob.semasio.net/pubmatic/1/ Frame 65BA
0
0

g.pixel
aa.agkn.com/adscores/ Frame 65BA
43 B
658 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=023E2F6B-2403-431A-8776-9CD4F5387396
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.207.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-207-10.phl50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:28 GMT
via
1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
Rdg-nJ1C2XNUlBsTNosTVVgZLIZ8SrCY0SBkFHNQsEHKJX74C6jqmA==
expires
0
d1ba4609
rtb.gumgum.com/getuid/ Frame 65BA
35 B
209 B
Image
General
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.95.120 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 14:07:28 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Domain
mathid.mathtag.com
URL
https://mathid.mathtag.com/d/i.js
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTM1Mjk1NzE2Mzg1MTg0MjQ0ODE&google_push=AYg5qPLzDRDedWTmBCVhZfn8XDxG02CzFccvaqi92tWGW1zD7E6Z-aK9Bqglgedsvcp5hC3YTHg6zPkIZxOMccp9Xv7L2JsszNrH
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_push=AYg5qPL2XrytDMzYp4Vd5aHKxNbSh9UhGh-BGYYPTbMiD4UELE5QdoR6izzXcMEB9hLKmLYD6n6mKbS61jNgRE9x5oDO5EOg8Mc&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLCsfLmpu4aLCR_ROMNTKgiKZRz9T3zsvZ8giYNL7aTjEF6wao559oD-dTxHez4PHZGmZMBIk6XfcvacwhXQTiIsVoW68U&google_hm=c1d1ee9c8a6e0051dcc7bca80be54bc9
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&google_cver=1&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_push=AYg5qPLFY0EHmFXyUXvBfUnsaroQ85awjdsHnK057Nyzb7LRVDn6eoFjt9ApkbuZ-KTahUCDd15F0ejPIFSrgBdmFnuz9zV93JbO
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKrh1kVSwRu_qtctHfUQ8DWqt59ujVJ7vQi2Hxh0s-VcJRalGDT3G8lDViiXzooCrvIBzkOHUJ6ORQYHf_IYAzLf978NWCg&google_hm=d56c725eaba2b7a0653350a0c5696a54
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?dspid=6&uuid=76FDC54144714F12816F67C0F1455CDB
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=214&mapped=023E2F6B-2403-431A-8776-9CD4F5387396
Domain
aud.pubmatic.com
URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=023E2F6B-2403-431A-8776-9CD4F5387396&addseg=10,33,39
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=023E2F6B-2403-431A-8776-9CD4F5387396&sInitiator=external&gdpr=0&gdpr_consent=

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


227 Cookies

Domain/Path Name / Value
.w55c.net/ Name: matchmedianet
Value: 5
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.mathtag.com/ Name: uuid
Value: 299c6261-651d-4600-8dda-ad435d1fd6f6
.tribalfusion.com/ Name: ANON_ID
Value: aUnvYxON6Jf8ZbUxrbxUXk1btUd2YYZdixX8ZdObiHk05JFWs1hk84x1aUF7ZaNBJurFZcHfZcor3Lpg43ZaxW0ulVjROEo9eeWeJ4qCs4TCdr9Br5wVJ8L
.pubmatic.com/ Name: PUBMDCID
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-461b852e-81df-495a-a6cd-a8aee7ab54d0&KRTB&23340-461b852e-81df-495a-a6cd-a8aee7ab54d0
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YmFlGwAWPMpOGwAy&KRTB&22978-YmFlGwAWPMpOGwAy&KRTB&23194-YmFlGwAWPMpOGwAy&KRTB&23209-YmFlGwAWPMpOGwAy
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-664619934089
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-5f37edc2-c17c-11ec-b66f-79feb2a2c73e
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-uC7vMxb8TIxn19ZOLGw0VZU4mbw
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:vm900jVJ1NHxsV5
.mookie1.com/ Name: syncdata_IOW
Value: 1
.quantserve.com/ Name: d
Value: EC4BFQH6JYEO-TC_vLEA
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2723265135857761152&KRTB&23263-2723265135857761152
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-5169ee99-c653-4a21-a834-6b5fb8f9a4f6&KRTB&22918-5169ee99-c653-4a21-a834-6b5fb8f9a4f6&KRTB&23031-5169ee99-c653-4a21-a834-6b5fb8f9a4f6
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-5f1bddf0-c17c-11ec-8a5d-f3a7b7c238e3&KRTB&23011-5f1bddf0-c17c-11ec-8a5d-f3a7b7c238e3&KRTB&23355-5f1bddf0-c17c-11ec-8a5d-f3a7b7c238e3
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8146466545210792157
.adsymptotic.com/ Name: U
Value: 4b09c94fe27a10205d5c1152577c26f4
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGcTFWsJavaAMOqpgnAAAAAAA&KRTB&22713-AAAGcTFWsJavaAMOqpgnAAAAAAA&KRTB&22715-AAAGcTFWsJavaAMOqpgnAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d6ef6261-651d-4200-b8d9-975a538fe6ed&KRTB&16736-uid:d6ef6261-651d-4200-b8d9-975a538fe6ed&KRTB&23019-uid:d6ef6261-651d-4200-b8d9-975a538fe6ed&KRTB&23208-uid:d6ef6261-651d-4200-b8d9-975a538fe6ed
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 861c000f-ef83-4f1d-b20a-b76b72fcd417
beacon.lynx.cognitivlabs.com/ Name: ss
Value: tdRLdZU5k4AAuDQAcfDwQmXd7bw39ut2NdPJbXnlmXEb9y%2Bhz7uLrkTeBIOuT7Hz1SnWB1oMY6VK46mYMOplSw%3D%3D
.media.net/ Name: data-c
Value: bdab6266-a73b-4ddd-bfa0-ac2b41f7ae4b~~1
.media.net/ Name: data-c-ts
Value: 1650550046
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIpre6g8nq0ToQBRIWCgdzdng5dDUwEgsIyo3-t8nq0ToQBRIVCgZjYXNhbGUSCwiupYK8yerROhAFEhcKCHB1Ym1hdGljEgsI4vrJusnq0ToQBRgBIAEoAjILCKjJ2-nf6tE6EAU4AVoHZjB2MzVld2AC
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~24ge:18z8~24ge:191l~24ge:18za~24ge:190u~24ge"
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7038364451691127419&KRTB&22521-Q7038364451691127419
.mfadsrvr.com/ Name: c
Value: 1650550046
.mfadsrvr.com/ Name: tuuid_lu
Value: 1650550046
.casalemedia.com/ Name: CMST
Value: YmFlGWJhZR4A
.rlcdn.com/ Name: rlas3
Value: VLKrv/rkF0NK+AkNtnDKfu+T5qrGzs0A7btlDe70H4M=
.dotomi.com/ Name: DotomiTest
Value: 271f064a9bf11221
.mxptint.net/ Name: mxpim
Value: R1B330_EEAE3886_15846FEA.1.00000000000000006261651E
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.media.net/ Name: data-ze
Value: wAFWSgI4rKGtqFSiHetv~~8
.casalemedia.com/ Name: CMRUM3
Value: e66261651d2760&046261651d05a0&276261651e27605169ee99-c653-4a21-a834-6b5fb8f9a4f6&036261651e2760531e6261-651e-4700-a49f-e49486105ad2&586261651d2760YmFlGwAWPMpOGwAy&bc6261651d05a0&2d6261651905a0CAESEK4glnwDV2nk1iopqJc8zzI&516261651d05a0&bf6261651d00018bef5e2c-0469-8032-2d783d2c&f16261651d05a0&2e6261651d05a0
.media.net/ Name: data-xu
Value: X9WZ3GiE1NHxsV5~~8
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-7Nxwt-zbd7H32H7kvo9rterfI-D33yW36tsYzSCX&KRTB&19420-7Nxwt-zbd7H32H7kvo9rterfI-D33yW36tsYzSCX&KRTB&22979-7Nxwt-zbd7H32H7kvo9rterfI-D33yW36tsYzSCX
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMkebkZzO_GXXwW1aKKm0ac&KRTB&16514-CAESEMkebkZzO_GXXwW1aKKm0ac&KRTB&23025-CAESEMkebkZzO_GXXwW1aKKm0ac
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:76FDC54144714F12816F67C0F1455CDB
.pubmatic.com/ Name: PugT
Value: 1650550046
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-13b48936-f855-4e8a-bf80-bb8c1b9746de-62616517-4341
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8298961850055676383&KRTB&23339-8298961850055676383
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B330_EEAE3886_15846FEA&KRTB&23092-R1B330_EEAE3886_15846FEA
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23175-000000A94D67BC54
.mookie1.com/ Name: syncdata_TAP
Value: 1
.pippio.com/ Name: pxrc
Value: CJ7KhZMGEgQIAhAAEgYI7OsBEAA=
.media.net/ Name: data-co
Value: AAAGcNZjkwLG6wN-WkbSAAAAAAA~~8
.nrich.ai/ Name: _nauid
Value: b7589596-4aa2-4d21-be2f-603674503f61
.mfadsrvr.com/ Name: bsw_uid
Value: 1f1345a2-d50a-4715-8469-b318f811a70d
.mfadsrvr.com/ Name: ssh
Value: !medianet,1650550046
.media.net/ Name: data-mm
Value: 299c6261-651d-4600-8dda-ad435d1fd6f6~~8
.linksynergy.com/ Name: rmuid
Value: ec09a8a2-4704-473f-a5f4-f18ce13b65cc
.linksynergy.com/ Name: icts
Value: 2022-04-21T14:07:26Z
.agkn.com/ Name: ab
Value: 0001%3A2jYyReqQhZU%2BRrZRR%2FgtY0poGhlvvnS2
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-1f1345a2-d50a-4715-8469-b318f811a70d
.media.net/ Name: data-bs
Value: 1f1345a2-d50a-4715-8469-b318f811a70d~~1
.mookie1.com/ Name: syncdata_NEU
Value: 1
.mfadsrvr.com/ Name: tuuid
Value: 55d1baff-9d73-4e6a-9d45-efd47b5011f8
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bHreuNhX5Zn3O1WuCoMxA8a+JUixCbOKdolQVmnFEBAWT65es3G2l10vi24ddgdzywfBYRBeRcCfxh/6qRlWSa6aNgdOVL2Yy+ZLSzkyHji57KpUjWTmmg0
.districtm.io/ Name: _dm_uid
Value: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOjEwMDAwLCJ1c3IiOiJxZ1plc2dZYk1qZzJkbkpEVUU1NmR6WnhhemswZUVsUE1sUTJlR1ZXT1VWeHVnWVJDS1pPRWd3Mk5qUTJNVGs1TXpRd09EbTZCZ01JcWs2NkJnTUlyazY2QmdNSXNFNjZCaGNJeUU0U0VqazNNREF6TXpFMU5EYzNOemc0TWpBd013PT0iLCJpYXQiOjE2NTA1NTAwNDZ9.X-kpS_csteN5Av6aqd4Jx2U5h0Tckfb-6mJkfqWci6QkfBLmSSkgRc75xTM-kJoZOaVrk_x5_pdW-jL0lwWmrA
.media.net/ Name: data-mf
Value: 55d1baff-9d73-4e6a-9d45-efd47b5011f8~~1
.pubmatic.com/ Name: pi
Value: 158355:3
ads.playground.xyz/ Name: connect.sid
Value: s%3AuQg8fqNOZSGFibPRA9ghYNeDFanLH9Ve.r9BBlfL3ZJUxU6zjpOa51aqyolRNsiP8Vqe7ZuQbsx8
.pubmatic.com/ Name: SyncRTB3
Value: 1653091200%3A224%7C1651708800%3A176_233_240_22_3_8_99_56_7_166_48_231_55_204_178_71_220_81_104_21_54_5_13_165%7C1651104000%3A38_2_15_223%7C1651363200%3A63%7C1651795200%3A35%7C1650931200%3A216
.id5-sync.com/ Name: id5
Value: f4c199df-8944-3ae1-af27-67e03e726131#1650550039747#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.adsby.bidtheatre.com/ Name: __kuid
Value: db770658-fd94-4b00-ae5d-c384f343dce5.419764047
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: SPugT
Value: 1650550046
c.deployads.com/ Name: d7s_dc
Value: 44ACRSG211700591296696G4ADMXbbaa9aeef-6266-43cf-ad20-188fa1d22bf1G4bswtb1f1345a2-d50a-4715-8469-b318f811a70dG
.bidr.io/ Name: bito
Value: AAIdlU7EwsoAADogEYxYGw
.bidr.io/ Name: bitoIsSecure
Value: ok

21 Console Messages

Source Level URL
Text
javascript error URL: https://www.bleepingcomputer.com/startups/rundll32.exe_streamci_StreamingDeviceSetup-747.html
Message:
Access to XMLHttpRequest at 'https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1' from origin 'https://www.bleepingcomputer.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Message:
Failed to load resource: net::ERR_FAILED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://ib.adnxs.com/&https://ads.yieldmo.com/v000/sync?userid=8298961850055676383&pn_id=an
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://mathid.mathtag.com/d/i.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript warning (Line 3)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://match.prod.bidr.io/cookie-sync/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=unmatched_solutions_ltd&google_hm=QTM1Mjk1NzE2Mzg1MTg0MjQ0ODE&google_push=AYg5qPLzDRDedWTmBCVhZfn8XDxG02CzFccvaqi92tWGW1zD7E6Z-aK9Bqglgedsvcp5hC3YTHg6zPkIZxOMccp9Xv7L2JsszNrH
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPKrh1kVSwRu_qtctHfUQ8DWqt59ujVJ7vQi2Hxh0s-VcJRalGDT3G8lDViiXzooCrvIBzkOHUJ6ORQYHf_IYAzLf978NWCg&google_hm=d56c725eaba2b7a0653350a0c5696a54
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AYg5qPLCsfLmpu4aLCR_ROMNTKgiKZRz9T3zsvZ8giYNL7aTjEF6wao559oD-dTxHez4PHZGmZMBIk6XfcvacwhXQTiIsVoW68U&google_hm=c1d1ee9c8a6e0051dcc7bca80be54bc9
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&google_cver=1&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_push=AYg5qPLFY0EHmFXyUXvBfUnsaroQ85awjdsHnK057Nyzb7LRVDn6eoFjt9ApkbuZ-KTahUCDd15F0ejPIFSrgBdmFnuz9zV93JbO
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmFlGeWVK2rxHCPvkD15_QAAALwAAAIB&google_gid=CAESECmkXqz5VQ_N-UDIBwDepoE&google_push=AYg5qPL2XrytDMzYp4Vd5aHKxNbSh9UhGh-BGYYPTbMiD4UELE5QdoR6izzXcMEB9hLKmLYD6n6mKbS61jNgRE9x5oDO5EOg8Mc&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=yieldmo&gdpr=&gdpr_consent=&_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://match.prod.bidr.io/cookie-sync/districtm
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
network error URL: https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
